Accepted perdition 1.17-7etch1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 31 Oct 2007 13:38:27 +0900
Source: perdition
Binary: perdition perdition-postgresql perdition-mysql perdition-ldap perdition-dev perdition-odbc
Architecture: source i386
Version: 1.17-7etch1
Distribution: stable-security
Urgency: high
Maintainer: Simon Horman <horms@debian.org>
Changed-By: Simon Horman <horms@debian.org>
Description:
perdition - POP3 and IMAP4 Proxy server
perdition-dev - Development libraries and headers for perdition
perdition-ldap - Library to allow perdition to access LDAP based popmaps
perdition-mysql - Library to allow perdition to access MySQL based popmaps
perdition-odbc - Library to allow perdition to access ODBC based popmaps
perdition-postgresql - Library to allow perdition to access PostgreSQL based popmaps
Changes:
perdition (1.17-7etch1) stable-security; urgency=high
.
* Verify that tag read from end-users is valid
- CVE-2007-5740
The format string protection mechanism in IMAPD for Perdition Mail
Retrieval Proxy 1.17 and earlier allows remote attackers to execute
arbitrary code via an IMAP tag with a null byte followed by a format
string specifier, which is not counted by the mechanism.
Files:
325066ab30c9d78d6af74004fa0f8ecc 909 mail optional perdition_1.17-7etch1.dsc
6cef90e55bde9eb2d0a17acccb3516f3 552149 mail optional perdition_1.17.orig.tar.gz
ce6a018ab54dfdff0beebd4661dcdfec 115530 mail optional perdition_1.17-7etch1.diff.gz
3be7e162e22f57515475dfc253ada667 123700 mail optional perdition_1.17-7etch1_i386.deb
2863aa3f4703232e38036b389ea364da 7096 mail optional perdition-dev_1.17-7etch1_i386.deb
98fc325b45d1a2f73660ab85449adbf9 16216 mail optional perdition-ldap_1.17-7etch1_i386.deb
0890a10870f164a52fb0264892828a28 15188 mail optional perdition-mysql_1.17-7etch1_i386.deb
9a17d7063805c8d9499f98d083dfd130 15160 mail optional perdition-odbc_1.17-7etch1_i386.deb
bccc80e234204421a84dd9ab78b621ca 14994 mail optional perdition-postgresql_1.17-7etch1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHKW1BA8ACPgVBDpcRAmKQAJ43f/BWyO6vKkPME05iB5Edb6ybpQCgv9AQ
ji2wH0DDg958QGfH8DiA60w=
=+KAp
-----END PGP SIGNATURE-----
Accepted:
perdition-dev_1.17-7etch1_i386.deb
to pool/main/p/perdition/perdition-dev_1.17-7etch1_i386.deb
perdition-ldap_1.17-7etch1_i386.deb
to pool/main/p/perdition/perdition-ldap_1.17-7etch1_i386.deb
perdition-mysql_1.17-7etch1_i386.deb
to pool/main/p/perdition/perdition-mysql_1.17-7etch1_i386.deb
perdition-odbc_1.17-7etch1_i386.deb
to pool/main/p/perdition/perdition-odbc_1.17-7etch1_i386.deb
perdition-postgresql_1.17-7etch1_i386.deb
to pool/main/p/perdition/perdition-postgresql_1.17-7etch1_i386.deb
perdition_1.17-7etch1.diff.gz
to pool/main/p/perdition/perdition_1.17-7etch1.diff.gz
perdition_1.17-7etch1.dsc
to pool/main/p/perdition/perdition_1.17-7etch1.dsc
perdition_1.17-7etch1_i386.deb
to pool/main/p/perdition/perdition_1.17-7etch1_i386.deb
Reply to: