Re: rPSA-2008-0001-1 dovecot

看板Bugtraq作者時間18年前 (2008/01/05 01:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串5/5 (看更多)
Steven M. Christey wrote: > No, CVE-2007-6598 is correct. > [snip] > The announcement from Timo Sirainen, the upstream developer, does not > mention nss_ldap : > > http://dovecot.org/list/dovecot-news/2007-December/000057.html > http://dovecot.org/list/dovecot-news/2007-December/000058.html > > ... so perhaps some clarification is in order. rPath fixed the nss_ldap issue a month ago with rPSA-2007-0255-1. Our mailing list archived it at http://lists.rpath.com/pipermail/security-announce/2007-November/000284.html, but it should have been sent to bugtraq as well. The fix did not require any modifications to dovecot, so that is why dovecot wasn't mentioned in the advisory. smithj
更多 smithj. 的文章
文章代碼(AID): #17VcPq00 (Bugtraq)
更多 smithj. 的文章
文章代碼(AID): #17VcPq00 (Bugtraq)