ELSA-2009-0205 - dovecot security and bug fix update
| Type: | SECURITY |
| Severity: | LOW |
| Release Date: | 2009-01-27 |
Description
[1.0.7-7]
- permissions of deliver and dovecot.conf from 1.0.7-5 reverted
- password can be stored in different file readable only for root now
- Resolves: #436287, CVE-2008-4870
[1.0.7-6]
- added missing directory in file list
- Resolves: #436287
[1.0.7-5]
- change permissions of deliver and dovecot.conf to prevent possible password ex
posure
- Resolves: #436287
[1.0.7-4]
- fix handling of negative rights in the ACL plugin
- Resolves: #469015, CVE-2008-4577
[1.0.7-3]
- fix package ownership for /etc/pki/dovecot/private (#448089)
- update init script (#238016)
- ask for SSL cert password during start-up (#436287)
- fix for illegal characters in passwd (#439369)
- Resolves: #448089, #238016, #436287, #439369
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 5 (i386) | dovecot-1.0.7-7.el5.src.rpm | f4a961fe297de41f0a926f81c0506cb9 | ELEA-2014-1898 |
| dovecot-1.0.7-7.el5.i386.rpm | ddaab3899b9256c950b9caa46f0b8320 | ELEA-2014-1898 |
|
| Oracle Linux 5 (ia64) | dovecot-1.0.7-7.el5.src.rpm | f4a961fe297de41f0a926f81c0506cb9 | ELEA-2014-1898 |
| dovecot-1.0.7-7.el5.ia64.rpm | 75d5f9e58f592acb90cc8681e1e22a97 | ELEA-2014-1898 |
|
| Oracle Linux 5 (x86_64) | dovecot-1.0.7-7.el5.src.rpm | f4a961fe297de41f0a926f81c0506cb9 | ELEA-2014-1898 |
| dovecot-1.0.7-7.el5.x86_64.rpm | fdfc729517952ed13bac0224f456fe72 | ELEA-2014-1898 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
