Re: [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability
From: Robert Penz <robert.penz@outertech.com>
Date: Fri, 23 Jul 2004 10:11:30 +0200
Message-id: <[🔎] 200407231010.02998.robert.penz@outertech.com>
In-reply-to: <20040723042050.GA3736@alcor.net>
References: <20040723042050.GA3736@alcor.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 23 July 2004 06:20, Matt Zimmerman wrote:

I've just updated to the new packages and now I've following problem

Jul 23 10:03:41 blackstar courieresmtpd: started,ip=[::ffff:62.138.5.44]
Jul 23 10:03:41 blackstar esmtpd-ssl:
/usr/lib/courier/courier/modules/esmtp/authstart: cannot read authmodulelist.
Jul 23 10:03:41 blackstar courieresmtpd:
error,relay=::ffff:62.138.5.44,msg="535 Authentication failed.",cmd: AUTH
LOGIN

and Kmail reports that the server does not support login

I looked a little bit into the problem and the file

/etc/courier/authmodulelist

got removed in the update again - why again?

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=147285

fix with

# cat > /etc/courier/authmodulelist
authdaemon


- --
Regards,
Robert
- ----------
Robert Penz
robert dot penz at outertech dot com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)

iD4DBQFBAMgz8tTsQqJDUBMRAo9GAJ46yjE2hRt0wZD1Stdjv61si7R4OACY/Vyp
WwdIYBuidCiIs1yf5ZZWIQ==
=fo9d
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Fredo Strüber/HV/Maritim ist außer Haus.
Next by Date: Re: [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability
Previous by thread: Fredo Strüber/HV/Maritim ist außer Haus.
Next by thread: Re: [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability
Index(es):
- Date
- Thread