7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Jaldhar H. Vyas uploaded new packages which fix the following problem:
DSA-1892-1
CVE-2009-2632, CVE-2009-3235
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot
For the etch-backports distribution the problem has been fixed in
version 1.0.15-2.3+lenny1~bpo40+1
For the lenny-backports distribution the problem has been fixed in
version 1.2.4-2~bpo50+1 (note this is because the 1.2.x series include an
entirely new sieve plugin.)
Upgrade instructions
If you don't use pinning
(http://backports.org/dokuwiki/doku.php?id=instructions) you have to
update the package manually via apt-get -t lenny-backports install
<packagename>.
We recommend to pin the backports repository to 200 so that new versions
of installed backports will be installed automatically.
Package: *
Pin: release a=lenny-backports
Pin-Priority: 200
Jaldhar H. Vyas <[email protected]>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 4 | mipsel | cyrus-pop3d-2.2 | < 2.2.13-10+etch4 | cyrus-pop3d-2.2_2.2.13-10+etch4_mipsel.deb |
Debian | 4 | mips | kolab-cyrus-pop3d | < 2.2.13-2+etch2 | kolab-cyrus-pop3d_2.2.13-2+etch2_mips.deb |
Debian | 5 | s390 | dovecot-imapd | < 1.0.15-2.3+lenny1 | dovecot-imapd_1.0.15-2.3+lenny1_s390.deb |
Debian | 4 | ia64 | libcyrus-imap-perl22 | < 2.2.13-10+etch4 | libcyrus-imap-perl22_2.2.13-10+etch4_ia64.deb |
Debian | 5 | arm | dovecot-dev | < 1.0.15-2.3+lenny1 | dovecot-dev_1.0.15-2.3+lenny1_arm.deb |
Debian | 5 | amd64 | dovecot-common | < 1.0.15-2.3+lenny1 | dovecot-common_1.0.15-2.3+lenny1_amd64.deb |
Debian | 4 | i386 | kolab-cyrus-imapd | < 2.2.13-2+etch2 | kolab-cyrus-imapd_2.2.13-2+etch2_i386.deb |
Debian | 4 | s390 | dovecot-pop3d | < 1.0.rc15-2etch5 | dovecot-pop3d_1.0.rc15-2etch5_s390.deb |
Debian | 5 | sparc | kolab-cyrus-clients | < 2.2.13-5+lenny2 | kolab-cyrus-clients_2.2.13-5+lenny2_sparc.deb |
Debian | 5 | amd64 | kolab-cyrus-imapd | < 2.2.13-5+lenny2 | kolab-cyrus-imapd_2.2.13-5+lenny2_amd64.deb |