[SECURITY] Fedora 15 Update: dovecot-2.0.13-1.fc15

updates at fedoraproject.org updates at fedoraproject.org
Fri May 27 20:20:10 UTC 2011


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-7268
2011-05-19 21:34:59
--------------------------------------------------------------------------------

Name        : dovecot
Product     : Fedora 15
Version     : 2.0.13
Release     : 1.fc15
URL         : http://www.dovecot.org/
Summary     : Secure imap and pop3 server
Description :
Dovecot is an IMAP server for Linux/UNIX-like systems, written with security
primarily in mind.  It also contains a small POP3 server.  It supports mail
in either of maildir or mbox formats.

The SQL drivers and authentication plug-ins are in their subpackages.

--------------------------------------------------------------------------------
Update Information:

- dovecot updated to 2.0.13
- mdbox purge: Fixed wrong warning about corrupted extrefs.
- script-login binary wasn't actually dropping privileges to the
  user/group/chroot specified by its service settings.
- Fixed potential crashes and other problems when parsing header names
  that contained NUL characters.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 12 2011 Michal Hlavinka <mhlavink at redhat.com> - 1:2.0.13-1
- dovecot updated to 2.0.13
- mdbox purge: Fixed wrong warning about corrupted extrefs.
- script-login binary wasn't actually dropping privileges to the
  user/group/chroot specified by its service settings.
- Fixed potential crashes and other problems when parsing header names
  that contained NUL characters.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #706286 - CVE-2011-1929 dovecot: potential crash when parsing header names that contain NUL characters
        https://bugzilla.redhat.com/show_bug.cgi?id=706286
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update dovecot' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list