Summary: | net-mail/dovecot <1.0.13 Argument injection vulnerability (CVE-2008-1218) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Lars Hartmann <lars> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | net-mail+disabled, thoger |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1218 | ||
Whiteboard: | B4 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 212336 | ||
Bug Blocks: |
Description
Lars Hartmann
2008-03-11 12:43:07 UTC
maintainers - please provide an updated ebuild already in portage since 2008-03-10. there is already another dovecot security bug open that involves stabling =1.0.13: bug #212336 Thanks Wolfram. stabling is handled on bug #212336. since it's also C3, we can vote for GLSA for both bugs here. I tend to vote YES. Voting YES as well and filing request. Pleaase not that the password issue never affected any stable ebuild and is should therefore not be considered for the GLSA. CVE-2008-1271 will be rejected as a dupe. GLSA 200803-25 |