Re: Please update courier security tracker information

To: debian-security-tracker@lists.debian.org
Subject: Re: Please update courier security tracker information
From: Soren Stoutner <soren@debian.org>
Date: Wed, 23 Jul 2025 11:47:16 -0700
Message-id: <[🔎] 5129225.QUVhkkXW8f@soren-desktop>
In-reply-to: <[🔎] aH9GWKh8Nybg-YVW@eldamar.lan>
References: <1914501.R1toDxpfAE@soren-desktop> <[🔎] 5098965.jrt8l4j9yI@soren-desktop> <[🔎] aH9GWKh8Nybg-YVW@eldamar.lan>

On Tuesday, July 22, 2025 1:05:44 AM Mountain Standard Time Salvatore 
Bonaccorso wrote:
> - you can try to reach out to courier upstream to get a public answer
>   referenceable on the fix for CVE-2004-2313 which we can use as
>   proof.

That is reasonable.  I have a fairly good working relationship with upstream.  
I have opened the following issue requesting verification that neither of 
these CVEs affect the current version of SqWebMail:

https://github.com/svarshavchik/courier/issues/61

-- 
Soren Stoutner
soren@debian.org

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

References:
- Re: Please update courier security tracker information
  - From: Soren Stoutner <soren@debian.org>
- Re: Please update courier security tracker information
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Re: Please update courier security tracker information
Next by Date: External check
Previous by thread: Re: Please update courier security tracker information
Next by thread: Re: Please update courier security tracker information
Index(es):
- Date
- Thread