Control: tags -1 + pending
On Sun, 2014-07-13 at 15:03 +0200, Andreas Metzler wrote:
> On 2014-07-13 "Adam D. Barratt" wrote:
> > On Sun, 2014-07-13 at 14:00 +0200, Andreas Metzler wrote:
> [...]
> > The window for getting the fix in to the point release officially closes
> > today; is that likel
Processing control commands:
> tags -1 + pending
Bug #699591 [release.debian.org] exim4 upload to stable (dovecot stability /
and optionally spf quoting)
Added tag(s) pending.
--
699591: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699591
Debian Bug Tracking System
Contact
On 2014-07-13 "Adam D. Barratt" wrote:
> On Sun, 2014-07-13 at 14:00 +0200, Andreas Metzler wrote:
[...]
> The window for getting the fix in to the point release officially closes
> today; is that likely to be doable?
[x] Uploaded.
> Assuming that the diff would consist of the patch from
There
Control: tags -1 + confirmed
On Sun, 2014-07-13 at 14:00 +0200, Andreas Metzler wrote:
> On 2014-07-08 "Adam D. Barratt" wrote:
> > On Sun, 2013-02-24 at 14:58 +0100, Andreas Metzler wrote:
> >> On 2013-02-17 "Adam D. Barratt" wrote:
> [...]
> >> I have just setup a test system in my squeeze ch
Processing control commands:
> tags -1 + confirmed
Bug #699591 [release.debian.org] exim4 upload to stable (dovecot stability /
and optionally spf quoting)
Added tag(s) confirmed.
--
699591: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699591
Debian Bug Tracking System
Contact
On 2014-07-08 "Adam D. Barratt" wrote:
> On Sun, 2013-02-24 at 14:58 +0100, Andreas Metzler wrote:
>> On 2013-02-17 "Adam D. Barratt" wrote:
[...]
>> I have just setup a test system in my squeeze chroot, using dovecot
>> with passdb passwd-file as authentication source. It worked for me. I
>> ha
On Sun, 2013-02-24 at 14:58 +0100, Andreas Metzler wrote:
> On 2013-02-17 "Adam D. Barratt" wrote:
> > Apologies for the delay in getting back to you about this.
>
> no worries.
and very much so again. :-(
> > On Sat, 2013-02-02 at 09:34 +0100, Andreas Metzler wrote:
> > > | Dovecot: robustness
On 2013-02-17 "Adam D. Barratt" wrote:
> Apologies for the delay in getting back to you about this.
no worries.
> On Sat, 2013-02-02 at 09:34 +0100, Andreas Metzler wrote:
> > | Dovecot: robustness; better msg on missing mech.
> [...]
>> This fixes an exim segfault when accessing a malicious dov
Hi,
Apologies for the delay in getting back to you about this.
On Sat, 2013-02-02 at 09:34 +0100, Andreas Metzler wrote:
> | Dovecot: robustness; better msg on missing mech.
[...]
> This fixes an exim segfault when accessing a malicious dovecot AUTH
> server. I have already talked with the securi
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: pu
On 2013-01-12 Andreas Metzler wrote:
> On 2013-01-06 "Adam D. Barratt" wrote:
> [...]
> > In principle the fixes sound okay but a debdiff between stable (well,
> > p-u, as that has +squeeze3) a
On 2013-01-06 "Adam D. Barratt" wrote:
[...]
> In principle the fixes sound okay but a debdiff between stable (well,
> p-u, as that has +squeeze3) and the proposed package would be
> appreciated.
There you go ...
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends
On 2013-01-07 Philipp Kern wrote:
> On Sat, Jan 05, 2013 at 02:20:06PM +0100, Andreas Metzler wrote:
[...]
> > Due to insufficient quoting it is possible to pass on arbitrary
> > arguments to spfquery and therefore bypass SPF checks. The fix is not
> > invasive, but it changes dpkg conffiles.
[...
On Sat, Jan 05, 2013 at 02:20:06PM +0100, Andreas Metzler wrote:
> On top of this I would like to discuss whether it is acceptable to fix
> http://bugs.debian.org/697057 in stable, too. [ I definitily want o
> get the fix into testing - #697444.] The Debian configuration
> optionally allows to use
On 2013-01-06 "Adam D. Barratt" wrote:
> On Sat, 2013-01-05 at 14:20 +0100, Andreas Metzler wrote:
> > | Dovecot: robustness; better msg on missing mech.
[...]
>> On top of this I would like to discuss whether it is acceptable to fix
>> http://bugs.debian.org/697057 in stable, too. [ I definitily
On Sat, 2013-01-05 at 14:20 +0100, Andreas Metzler wrote:
> | Dovecot: robustness; better msg on missing mech.
[...]
> This fixes an exim segfault when accessing a malicious dovecot AUTH
> server. I have already talked with the security team, Moritz agrees
> that this should be fixed in a point rel
Hello,
I would like to push this change to stable:
|--
| http://git.exim.org/exim.git/commit/3f1df0e341c4ddc4add38fa97d9d34972655a6c7
|
| Dovecot: robustness; better msg on missing mech.
|
| If the dovecot protocol response doesn't include the MECH messag
16 matches
Mail list logo
