LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 21st, 2014
Linux Security Week: April 7th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora 8 Update: dovecot-1.0.15-16.fc8 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora new possibility to store ssl passwords in different file linked to dovecot.conf via !include_try directive change permissions of deliver and dovecot.conf to prevent possible password exposure change permissions of deliver and dovecot.conf to prevent possible password exposure
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-10797
2008-12-07 02:15:14
--------------------------------------------------------------------------------

Name        : dovecot
Product     : Fedora 8
Version     : 1.0.15
Release     : 16.fc8
URL         : http://www.dovecot.org/
Summary     : Dovecot Secure imap server
Description :
Dovecot is an IMAP server for Linux/UNIX-like systems, written with security
primarily in mind.  It also contains a small POP3 server.  It supports mail
in either of maildir or mbox formats.

The SQL drivers and authentication plugins are in their subpackages.

--------------------------------------------------------------------------------
Update Information:

new possibility to store ssl passwords in different file linked to dovecot.conf
via !include_try directive change permissions of deliver and dovecot.conf to
prevent possible password exposure change permissions of deliver and
dovecot.conf to prevent possible password exposure
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec  2 2008 Michal Hlavinka  - 1.0.15-16
- permissions of deliver and dovecot.conf from 1.0.15-15 reverted
- password can be stored in different file readable only for root now
* Mon Nov  3 2008 Michal Hlavinka  - 1:1.0.15-15
- change permissions of deliver and dovecot.conf to prevent possible password exposure
* Wed Oct 29 2008 Michal Hlavinka  - 1:1.0.15-14
- fix handling of negative rights in the ACL plugin (Resolves: CVE-2008-4577)
* Thu Aug 14 2008 Dan Horak  - 1:1.0.15-13
- add missing defattr into subpackages
- remove unused patches from CVS
* Tue Jul 29 2008 Dan Horak  - 1:1.0.15-12
- really ask for the password during start-up
* Tue Jul 29 2008 Dan Horák  - 1:1.0.15-11
- final solution for #445200 (put the password into /etc/sysconfig/dovecot)
* Tue Jul  1 2008 Dan Horák  - 1:1.0.15-10
- bump release
* Sun Jun 22 2008 Dan Horák  - 1:1.0.15-1
- update to latest upstream 1.0.15
- Resolves: #452088
* Wed Jun 18 2008 Dan Horak  - 1:1.0.14-9
- update init script (Resolves: #451838)
* Sat Jun  7 2008 Dan Horak  - 1:1.0.14-8
- build devel subpackage (Resolves: #306881)
* Fri Jun  6 2008 Dan Horák  - 1:1.0.14-7
- update to latest upstream stable (dovecot 1.0.14, sieve plugin 1.0.3)
- Resolves: #445200, #448095, #450010
* Sun Mar  9 2008 Tomas Janousek  - 1:1.0.13-6
- update to latest upstream stable (1.0.13)
* Wed Feb 20 2008 Fedora Release Engineering  - 1:1.0.10-5
- Autorebuild for GCC 4.3
* Mon Jan  7 2008 Tomas Janousek  - 1:1.0.10-4
- update to latest upstream stable (1.0.10)
* Wed Dec  5 2007 Jesse Keating  - 1:1.0.7-3
- Bump for deps
* Mon Nov  5 2007 Tomas Janousek  - 1:1.0.7-2
- update to latest upstream stable (1.0.7)
- added the winbind patch (#286351)
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update dovecot' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia
Even the most secure cloud storage may not be so secure, study finds
Targeted Attack Uses Heartbleed to Hijack VPN Sessions
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.