Re: [SECURITY] [DSA 1516-1] New dovecot packages fix privilege escalation

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1516-1] New dovecot packages fix privilege escalation
From: Florian Weimer <fw@deneb.enyo.de>
Date: Sat, 15 Mar 2008 17:54:45 +0100
Message-id: <[🔎] 87zlt03p2i.fsf@mid.deneb.enyo.de>
In-reply-to: <[🔎] 20080315110553.GA5667@gamma.ln.dn-kr.de> (Stefan Denker's message of "Sat, 15 Mar 2008 12:05:54 +0100")
References: <87abl0rik0.fsf@mid.deneb.enyo.de> <[🔎] 20080315110553.GA5667@gamma.ln.dn-kr.de>

* Stefan Denker:

>> For the old stable distribution (sarge), no updates are provided.
>> We recommend that you consider upgrading to the stable distribution.
>
> Would somebody then please update
> http://www.us.debian.org/News/2008/20080229.en.html to show that
> security support for sarge already ended?

This is similar to the situation with Mozilla.  Actually, it's better:
We would still release a dovecot update in case a critical vulnerability
is discovered.

And if someone actually needs a dovecot update for sarge and is willing
to test it, it should be possible to provide a tentative patch.

Reply to:

References:
- Re: [SECURITY] [DSA 1516-1] New dovecot packages fix privilege escalation
  - From: Stefan Denker <Stefan@dn-kr.de>

Prev by Date: Re: Is oldstable security support duration something to be proud of?
Next by Date: Re: Is oldstable security support duration something to be proud of?
Previous by thread: Re: [SECURITY] [DSA 1516-1] New dovecot packages fix privilege escalation
Next by thread: Re: [SECURITY] [DSA 1516-1] New dovecot packages fix privilege escalation
Index(es):
- Date
- Thread