Summary: | <net-mail/dovecot-2.1.12-r1: version bump | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Agostino Sarubbo <ago> |
Component: | New packages | Assignee: | Eray Aslan <eras> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | eras, net-mail+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2012/12/03/4 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2012-12-03 19:42:13 UTC
@security: dovecot-2.1.11 is not a good release. There are reports of having problems building sieve plugin. Please consider stabilizing =net-mail/dovecot-2.1.12-r1. Thank you. Arches, please test and mark stable: =net-mail/dovecot-2.1.12-r1 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" amd64 stable x86 stable ppc stable ppc64 stable (In reply to comment #0) > An authenticated remote user could use this flaw to crash > Dovecot. "A user can crash his/her own IMAP session" says upstream - not the whole IMAP server. http://www.dovecot.org/list/dovecot/2012-December/069793.html FYI Stable for HPPA. stable arm alpha/ia64/s390/sh/sparc stable Thanks, everyone. (In reply to comment #7) > (In reply to comment #0) > > An authenticated remote user could use this flaw to crash > > Dovecot. > > "A user can crash his/her own IMAP session" says upstream - not the whole > IMAP server. > > http://www.dovecot.org/list/dovecot/2012-December/069793.html > > FYI Thanks, Eras. CVE-2012-5620 has been rejected [1] as this is not a vulnerability. Removing from security and closing since arches are finished. [1] http://www.openwall.com/lists/oss-security/2012/12/05/1 |