Accepted perdition 1.15-5sarge1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 31 Oct 2007 13:49:04 +0900
Source: perdition
Binary: perdition perdition-postgresql perdition-mysql perdition-ldap perdition-dev perdition-odbc
Architecture: source i386
Version: 1.15-5sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Simon Horman <horms@debian.org>
Changed-By: Simon Horman <horms@debian.org>
Description:
perdition - POP3 and IMAP4 Proxy server
perdition-dev - Development libraries and headers for perdition
perdition-ldap - Library to allow perdition to access LDAP based popmaps
perdition-mysql - Library to allow perdition to access MySQL based popmaps
perdition-odbc - Library to allow perdition to access ODBC based popmaps
perdition-postgresql - Library to allow perdition to access PostgreSQL based popmaps
Changes:
perdition (1.15-5sarge1) oldstable-security; urgency=high
.
* Verify that tag read from end-users is valid
- CVE-2007-5740
The format string protection mechanism in IMAPD for Perdition Mail
Retrieval Proxy 1.17 and earlier allows remote attackers to execute
arbitrary code via an IMAP tag with a null byte followed by a format
string specifier, which is not counted by the mechanism.
Files:
0e3ce322a1b1ad44abbda163b925d642 919 mail optional perdition_1.15-5sarge1.dsc
aa17651883aea7cca61424ad9bf8a38e 7002 mail optional perdition_1.15-5sarge1.diff.gz
7c3aaf30198cf73191a984a76637a940 551692 mail optional perdition_1.15.orig.tar.gz
4671079309c853aa5d13f2918f53c1f2 119726 mail optional perdition_1.15-5sarge1_i386.deb
b16d645566732d1385de81877c952d96 6294 mail optional perdition-dev_1.15-5sarge1_i386.deb
9079ac2b06bb7fba3144ce3f76c3c215 15528 mail optional perdition-ldap_1.15-5sarge1_i386.deb
633db52e6fcf8b4f2e099937498a012f 14326 mail optional perdition-mysql_1.15-5sarge1_i386.deb
2f5b1b22d2b482082d83cc8a9070b964 14348 mail optional perdition-odbc_1.15-5sarge1_i386.deb
b75a42714104e1578c8b3627c74c2d60 14232 mail optional perdition-postgresql_1.15-5sarge1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHKdd1YrVLjBFATsMRAoOeAJ98p/PKNIkKoftlCdil6fsbOqnl8wCghN/N
ZwN8HzVeQJSMX8x/jiJdQw8=
=sJHp
-----END PGP SIGNATURE-----
Accepted:
perdition-dev_1.15-5sarge1_i386.deb
to pool/main/p/perdition/perdition-dev_1.15-5sarge1_i386.deb
perdition-ldap_1.15-5sarge1_i386.deb
to pool/main/p/perdition/perdition-ldap_1.15-5sarge1_i386.deb
perdition-mysql_1.15-5sarge1_i386.deb
to pool/main/p/perdition/perdition-mysql_1.15-5sarge1_i386.deb
perdition-odbc_1.15-5sarge1_i386.deb
to pool/main/p/perdition/perdition-odbc_1.15-5sarge1_i386.deb
perdition-postgresql_1.15-5sarge1_i386.deb
to pool/main/p/perdition/perdition-postgresql_1.15-5sarge1_i386.deb
perdition_1.15-5sarge1.diff.gz
to pool/main/p/perdition/perdition_1.15-5sarge1.diff.gz
perdition_1.15-5sarge1.dsc
to pool/main/p/perdition/perdition_1.15-5sarge1.dsc
perdition_1.15-5sarge1_i386.deb
to pool/main/p/perdition/perdition_1.15-5sarge1_i386.deb
Reply to: