---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: Debian update for dovecot SECUNIA ADVISORY ID: SA28404 VERIFY ADVISORY: http://secunia.com/advisories/28404/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ Debian GNU/Linux 4.0 http://secunia.com/product/13844/ DESCRIPTION: Debian has issued an update for dovecot. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions. For more information: SA28271 SOLUTION: Apply updated packages. -- Debian 4.0 (stable) -- Source archives: http://security.debian.org/pool/updates/main/d/dovecot/dovecot_1.0.rc15.orig.tar.gz Size/MD5 checksum: 1463069 26f3d2b075856b1b1d180146363819e6 http://security.debian.org/pool/updates/main/d/dovecot/dovecot_1.0.rc15-2etch2.diff.gz Size/MD5 checksum: 95447 4252a81404254f52b5e6c94a4de4523a http://security.debian.org/pool/updates/main/d/dovecot/dovecot_1.0.rc15-2etch3.diff.gz Size/MD5 checksum: 95500 0830883bb3ca7c2630997d965de70649 http://security.debian.org/pool/updates/main/d/dovecot/dovecot_1.0.rc15-2etch3.dsc Size/MD5 checksum: 1007 5191ee3012a0cc39733193c0a252390b http://security.debian.org/pool/updates/main/d/dovecot/dovecot_1.0.rc15-2etch2.dsc Size/MD5 checksum: 1007 c3433847e48d110427082efcad604c01 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_alpha.deb Size/MD5 checksum: 618976 eb902859a167ebafb599e61924acf195 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_alpha.deb Size/MD5 checksum: 1374032 a3dcd337e6db9d0960c00bc338ef8ef2 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_alpha.deb Size/MD5 checksum: 580876 bea05f9a7ea34106b4c24d616cc04b32 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch2_amd64.deb Size/MD5 checksum: 1217404 d23db4b3ddd688c1fd2f1d071efbebb3 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch2_amd64.deb Size/MD5 checksum: 568628 7e1bdb2f9f1b22d9195df779dc3a2c51 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_amd64.deb Size/MD5 checksum: 534094 9c7af4af63a1e8fe9eefec8a47f12823 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_amd64.deb Size/MD5 checksum: 568666 ef8531b8cf9e8bf4ef56e9d3ca856c30 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch2_amd64.deb Size/MD5 checksum: 534050 12b89ff0b7b9401c53b92690bf271fa4 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_amd64.deb Size/MD5 checksum: 1217440 e62e69df8289b9faf7dc784aa36653fb arm architecture (ARM) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_arm.deb Size/MD5 checksum: 1118112 c3596a761103d16762e93c33d7f6e058 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_arm.deb Size/MD5 checksum: 535328 033b84c6b155e0d3313d52e133293d3f http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_arm.deb Size/MD5 checksum: 503874 cd1650904a0f228c6b98af6e1bdac58f hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_hppa.deb Size/MD5 checksum: 596448 6f670915264fc88cdcf54d6f718271da http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_hppa.deb Size/MD5 checksum: 559828 3cd525f298dd4f95ddafc60fa00af2ad http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_hppa.deb Size/MD5 checksum: 1293898 32a6bc67694aab1fba397f9b746ec00d i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_i386.deb Size/MD5 checksum: 1127876 b720d23e84f19188a4a845a93e1afab5 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_i386.deb Size/MD5 checksum: 512088 7f4afa3a1edcc4d9d609ec4e91804e7d http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_i386.deb Size/MD5 checksum: 544222 ac00cab6f14766e6519106db934a346e ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_ia64.deb Size/MD5 checksum: 733448 741376eac279addd80f1a5a4151c0190 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_ia64.deb Size/MD5 checksum: 789836 1f324e98577f0813e0774aebdac4bf3c http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_ia64.deb Size/MD5 checksum: 1694506 8fb22f4e16d8829c972eb47d87326442 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_mips.deb Size/MD5 checksum: 593186 9429f09e56a17852ec0d4f1883a44418 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_mips.deb Size/MD5 checksum: 557174 ad2533c8d9f24818de213ec1ee9e563c http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_mips.deb Size/MD5 checksum: 1258326 faec7dd02f8997f5b61565d79b71dfe9 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_mipsel.deb Size/MD5 checksum: 556708 e9a23056291e49b07720dfa128cf4355 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_mipsel.deb Size/MD5 checksum: 592678 914d97a334c1e5d0c5da3419509053d7 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_mipsel.deb Size/MD5 checksum: 1263238 51892e3eef20b05efdedafd93dfb8b27 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_powerpc.deb Size/MD5 checksum: 533692 37d655f8f22d8e63fe57f707746d108c http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_powerpc.deb Size/MD5 checksum: 567296 c668c1a2296e5a54b4190608ae706564 http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_powerpc.deb Size/MD5 checksum: 1206504 556c296f2825c508775b5c910ad7f385 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_s390.deb Size/MD5 checksum: 592970 6cfce6df2d58abd7e5002394221a0fff http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_s390.deb Size/MD5 checksum: 1284770 d60983cf66112e20a71441a8df3ce0ad http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_s390.deb Size/MD5 checksum: 557700 a400bbead94536ffd9e6434426307d8c sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_sparc.deb Size/MD5 checksum: 499754 c0dfefb92101b244c56221c32fd1170c http://security.debian.org/pool/updates/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_sparc.deb Size/MD5 checksum: 1103550 dbb8d030cfd1a5e4029177e1251f578e http://security.debian.org/pool/updates/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_sparc.deb Size/MD5 checksum: 531296 dd6dcf26a866c0590f4e8b746dc09bd4 -- Debian GNU/Linux unstable alias sid -- Fixed in version 1.0.10-1. ORIGINAL ADVISORY: http://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00015.html OTHER REFERENCES: SA28271: http://secunia.com/advisories/28271/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------