Re: [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability

To: debian-security@lists.debian.org
Cc: Stefan Hornburg <racke@linuxia.de>
Subject: Re: [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability
From: Matt Zimmerman <mdz@debian.org>
Date: Fri, 23 Jul 2004 09:13:40 -0700
Message-id: <[🔎] 20040723161340.GO3736@alcor.net>
Mail-followup-to: debian-security@lists.debian.org, Stefan Hornburg <racke@linuxia.de>
In-reply-to: <[🔎] 200407231010.02998.robert.penz@outertech.com>
References: <20040723042050.GA3736@alcor.net> <[🔎] 200407231010.02998.robert.penz@outertech.com>

On Fri, Jul 23, 2004 at 10:11:30AM +0200, Robert Penz wrote:
> On Friday 23 July 2004 06:20, Matt Zimmerman wrote:
> 
> I've just updated to the new packages and now I've following problem
> 
> Jul 23 10:03:41 blackstar courieresmtpd: started,ip=[::ffff:62.138.5.44]
> Jul 23 10:03:41 blackstar esmtpd-ssl:
> /usr/lib/courier/courier/modules/esmtp/authstart: cannot read authmodulelist.
> Jul 23 10:03:41 blackstar courieresmtpd:
> error,relay=::ffff:62.138.5.44,msg="535 Authentication failed.",cmd: AUTH
> LOGIN
> 
> and Kmail reports that the server does not support login
> 
> I looked a little bit into the problem and the file
> 
> /etc/courier/authmodulelist
> 
> got removed in the update again - why again?
> 
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=147285
> 
> fix with
> 
> # cat > /etc/courier/authmodulelist
> authdaemon

CCing the package maintainer.

-- 
 - mdz

Reply to:

References:
- Re: [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability
  - From: Robert Penz <robert.penz@outertech.com>

Prev by Date: Re: [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability
Next by Date: running services in their own little world
Previous by thread: Re: [SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability
Next by thread: running services in their own little world
Index(es):
- Date
- Thread