lp:ubuntu/hoary-security/courier
- Get this branch:
- bzr branch lp:ubuntu/hoary-security/courier
Branch merges
Branch information
Recent revisions
- 5. By Martin Pitt
-
* SECURITY UPDATE: Remote DoS.
* courier/libs/comverp. c, verp_encode(): Fix endless loop with strings that
contain '=' in the username part (before '@').
* Patch provided by upstream at
http://www.courier- mta.org/ beta/patches/ verp-fix/.
* CVE-2006-2659 - 4. By Martin Pitt
-
* SECURITY UPDATE: Unauthorized access.
* authlib/authpam.c: Restore call to pam_acct_mgmt() to prevent granting
access to disabled accounts.
* Patch by David Härdeman.
* References:
- CVE-2005-3532
- http://bugs.debian. org/211920 - 3. By Thom May
-
* Nathaniel McCallum
- debian/*.init: pretty initscripts
- debian/control: version depends on lsb-base - 2. By Stefan Hornburg (Racke)
-
* new upstream release (/etc/courier/
authmodulelist has been deprecated)
* backed out patch to quell FAM error messages, we just suppress them
now as suggested by upstream (Closes: #253304)
* install authdaemon.passwd for changing passwords with courierauthtest
(Closes: #256565, thanks to Mohammed Sameer <email address hidden> for the
report)
* changed sample path for MySQL socket in /etc/courier/authmysqlrc to
default location in Debian (Closes: #258619, thanks to Mike O'Connor
<email address hidden> for the report)
* removed old ChangeLog from courier-base
* use environment variable LDFLAGS to pass -lcyrpt to ./configure
instead of CFLAGS
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/courier