Summary: | <net-mail/dovecot-2.2.29.1: DoS when passdb dict was used for authentication | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | eras, net-mail+disabled |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2017/04/11/1 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
=net-mail/dovecot-2.2.29.1
|
Runtime testing required: | --- |
Bug Depends on: | 601452 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2017-04-11 14:04:48 UTC
net-mail/dovecot-2.2.29.1 in the tree and good for stabilization. Stable for HPPA. arm stable. ppc ppc64 stable Stable on alpha. amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please vote. Maintainer(s), Thank you for your work. GLSA Vote: No Maintainer(s), please drop the vulnerable version(s). Can't remove =net-mail/dovecot-2.2.19 without breaking the tree for ia64 mips sh and sparc (see bugs #564484 #601452 ) Rest punted from the tree. =net-mail/dovecot-2.2.19 is only for ia64/sparc which are not security supported. No other arches will be impacted with the ebuild being in place. |