--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-9559
2009-09-15 06:22:55
--------------------------------------------------------------------------------

Name        : dovecot
Product     : Fedora 10
Version     : 1.1.18
Release     : 2.fc10
URL         : https://www.dovecot.org/
Summary     : Dovecot Secure imap server
Description :
Dovecot is an IMAP server for Linux/UNIX-like systems, written with security
primarily in mind.  It also contains a small POP3 server.  It supports mail
in either of maildir or mbox formats.

The SQL drivers and authentication plugins are in their subpackages.

--------------------------------------------------------------------------------
Update Information:

dovecot-sieve updated to 1.1.7    It is derived from CMU sieve used by cyrus-
imapd and was affected by CVE-2009-2632 too.    See upstream announcement for
further details:  https://dovecot.org/list/dovecot-news/2009-September/000135.html
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 14 2009 Michal Hlavinka  - 1:1.1.18-2
- dovecot-sieve updated to 1.1.7
- fixes bug similar to CVE-2009-2632 (buffer overflow)
* Wed Jul 29 2009 Michal Hlavinka  - 1:1.1.18-1
- updated to 1.1.18
- Maildir++ quota: Quota was sometimes updated wrong when it was
  being recalculated.
- Searching quoted-printable message body internally converted "_"
  characters to spaces and didn't match search keys with "_".
* Mon Jul 13 2009 Michal Hlavinka  - 1:1.1.17-1
- updated to 1.1.17
- IMAP: Don't crash if IDLE command is pipelined after a long-running
  UID FETCH or UID SEARCH.
- mbox: Don't write garbage to mbox if message doesn't have a body.
- Maildir: Fixed using in-memory indexes when some required directory
  was missing.
- auth: Don't assert-crash if trying to log in as master user but
  with empty login username.
- Several fixes to expire plugin / expire-tool
- managesive updated: improved handling of script truncation 
  bugs: connection is now closed
* Wed Jun  3 2009 Michal Hlavinka  - 1:1.1.16-1
- updated to 1.1.16
* Fri May 22 2009 Michal Hlavinka  - 1:1.1.15-1
- updated to 1.1.15
* Wed Feb 11 2009 Michal Hlavinka  - 1:1.1.14-1
- updated to 1.1.14
* Wed Feb 11 2009 Michal Hlavinka  - 1:1.1.11-1
- updated to 1.1.11
- IMAP: PERMANENTFLAGS list didn't contain \*, causing some clients
  not to save keywords.
- auth: Using "username" or "domain" passdb fields caused problems
  with cache and blocking passdbs in v1.1.8 .. v1.1.10.
- userdb prefetch + blocking passdbs was broken with non-plaintext
  auth in v1.1.8 .. v1.1.10.
* Tue Jan 27 2009 Michal Hlavinka  - 1:1.1.10-1
- update dovecot to 1.1.10
- added managesieve support
* Thu Jan  8 2009 Michal Hlavinka  - 1:1.1.8-1
- update dovecot to 1.1.8 (Resolves: #475848)
- update dovecot sieve plugin to 1.1.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #521010 - cyrus-imapd: buffer overflow in cyrus sieve
        https://bugzilla.redhat.com/show_bug.cgi?id=521010
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update dovecot' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce