Accepted uw-imap 7:2007b~dfsg-4+lenny3~bpo40+1 (source amd64)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 14 Jan 2009 21:40:29 +0100
Source: uw-imap
Binary: mlock libc-client2007b-dev libc-client2007b uw-imapd ipopd uw-mailutils
Architecture: source amd64
Version: 7:2007b~dfsg-4+lenny3~bpo40+1
Distribution: etch-backports
Urgency: high
Maintainer: Jonas Smedegaard <dr@jones.dk>
Changed-By: Magnus Holmgren <holmgren@debian.org>
Description:
ipopd - POP2 and POP3 mail server
libc-client2007b - c-client library for mail protocols - library files
libc-client2007b-dev - c-client library for mail protocols - development files
mlock - mailbox locking program
uw-imapd - remote mail folder access server using IMAP4rev1
uw-mailutils - c-client support programs
Changes:
uw-imap (7:2007b~dfsg-4+lenny3~bpo40+1) etch-backports; urgency=low
.
* Etch backport.
* Lower debhelper compat level to avoid using the backported DH7, which
conflicts with Etch quilt.
* Strip src/osdep/mac/mtest.sit.hqx, which was removed from the upstream
tarball, from the Debian diff.
.
uw-imap (7:2007b~dfsg-4+lenny3) testing-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix stack-based buffer overflow in tmail/dmail that could allow
local users to execute arbitrary code
(0001_insecure_strcmp.patch; CVE-2008-5005)
* Fix NULL ptr dereference because of a malicious response to the QUIT
command leading to denial of service
(0002_no_close_quit_netstream.patch; CVE-2008-5006)
* Fix denial of service vulnerability because of rfc822_output_char() not
checking for a full buffer and writing one byte ahead the buffer, later
resulting in memcpy getting called with a possible size argument of -1
(0003_CVE-2008-5514.patch; CVE-2008-5514)
Files:
780399aaede4a88770568298d2f26c55 844 mail optional uw-imap_2007b~dfsg-4+lenny3~bpo40+1.dsc
0daefa8b7bcbbc71254183128df3160c 95232 mail optional uw-imap_2007b~dfsg-4+lenny3~bpo40+1.diff.gz
1ebfbe6b8caad33afe645fa2568f9e5b 92620 mail optional uw-imapd_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
15abc3733ec0ec1b0099a68e591b9151 52612 mail optional ipopd_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
a39d359f2270e40f573f93563bcdce90 734864 libdevel optional libc-client2007b-dev_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
18ed52618b568b6f7153303169606a2c 761148 libs optional libc-client2007b_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
74fccf98625e10eb60f4585951ccfd76 30512 mail optional mlock_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
978d5c2b3679f52bdc4a278f180c9a64 59112 mail optional uw-mailutils_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkluUtUACgkQk7mRNn1h4+YC3ACfUpaFkf1nSTyNS8i7xnqstEeK
+DMAnibk67r/V/oidkYAiXJon+KDWS2d
=IZID
-----END PGP SIGNATURE-----
Accepted:
ipopd_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
to pool/main/u/uw-imap/ipopd_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
libc-client2007b-dev_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
to pool/main/u/uw-imap/libc-client2007b-dev_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
libc-client2007b_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
to pool/main/u/uw-imap/libc-client2007b_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
mlock_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
to pool/main/u/uw-imap/mlock_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
uw-imap_2007b~dfsg-4+lenny3~bpo40+1.diff.gz
to pool/main/u/uw-imap/uw-imap_2007b~dfsg-4+lenny3~bpo40+1.diff.gz
uw-imap_2007b~dfsg-4+lenny3~bpo40+1.dsc
to pool/main/u/uw-imap/uw-imap_2007b~dfsg-4+lenny3~bpo40+1.dsc
uw-imapd_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
to pool/main/u/uw-imap/uw-imapd_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
uw-mailutils_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
to pool/main/u/uw-imap/uw-mailutils_2007b~dfsg-4+lenny3~bpo40+1_amd64.deb
Reply to: