ELSA-2008-0297

ELSA-2008-0297 - dovecot security and bug fix update

Type:SECURITY
Severity:LOW
Release Date:2008-05-30

Description


[1.0.7-2]
- LDAP+auth cache user login mixup (CVE-2007-6598, #427575)
- insecure mail_extra_groups option (CVE-2008-1199, #436927)

[1.0.7-1]
- update to latest upstream, fixes a few bugs (#331441, #245249), plus two
security vulnerabilities (CVE-2007-2231, CVE-2007-4211)
- increased default login_process_size to 64 (#253363)


Related CVEs


CVE-2007-2231
CVE-2007-4211
CVE-2007-6598
CVE-2008-1199

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) dovecot-1.0.7-2.el5.src.rpmc34a7a5dc7b1498dddf103ae8a908449ELEA-2014-1898
dovecot-1.0.7-2.el5.i386.rpmad90a36c5a1caa3c06f7e3a01d7768edELEA-2014-1898
Oracle Linux 5 (x86_64) dovecot-1.0.7-2.el5.src.rpmc34a7a5dc7b1498dddf103ae8a908449ELEA-2014-1898
dovecot-1.0.7-2.el5.x86_64.rpmc7cdf4c869d01176b63387c480ff50aeELEA-2014-1898



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete