Debian Package Tracker

From: Simon Horman <horms@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted perdition 1.15-5sarge1 (source i386)
Date: Sun, 23 Dec 2007 07:52:48 +0000
Signed by: Noah Meyerhans <noahm@csail.mit.edu>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 31 Oct 2007 13:49:04 +0900
Source: perdition
Binary: perdition perdition-postgresql perdition-mysql perdition-ldap perdition-dev perdition-odbc
Architecture: source i386
Version: 1.15-5sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Simon Horman <horms@debian.org>
Changed-By: Simon Horman <horms@debian.org>
Description: 
 perdition  - POP3 and IMAP4 Proxy server
 perdition-dev - Development libraries and headers for perdition
 perdition-ldap - Library to allow perdition to access LDAP based popmaps
 perdition-mysql - Library to allow perdition to access MySQL based popmaps
 perdition-odbc - Library to allow perdition to access ODBC based popmaps
 perdition-postgresql - Library to allow perdition to access PostgreSQL based popmaps
Changes: 
 perdition (1.15-5sarge1) oldstable-security; urgency=high
 .
   * Verify that tag read from end-users is valid
     - CVE-2007-5740
       The format string protection mechanism in IMAPD for Perdition Mail
       Retrieval Proxy 1.17 and earlier allows remote attackers to execute
       arbitrary code via an IMAP tag with a null byte followed by a format
       string specifier, which is not counted by the mechanism.
Files: 
 0e3ce322a1b1ad44abbda163b925d642 919 mail optional perdition_1.15-5sarge1.dsc
 aa17651883aea7cca61424ad9bf8a38e 7002 mail optional perdition_1.15-5sarge1.diff.gz
 7c3aaf30198cf73191a984a76637a940 551692 mail optional perdition_1.15.orig.tar.gz
 4671079309c853aa5d13f2918f53c1f2 119726 mail optional perdition_1.15-5sarge1_i386.deb
 b16d645566732d1385de81877c952d96 6294 mail optional perdition-dev_1.15-5sarge1_i386.deb
 9079ac2b06bb7fba3144ce3f76c3c215 15528 mail optional perdition-ldap_1.15-5sarge1_i386.deb
 633db52e6fcf8b4f2e099937498a012f 14326 mail optional perdition-mysql_1.15-5sarge1_i386.deb
 2f5b1b22d2b482082d83cc8a9070b964 14348 mail optional perdition-odbc_1.15-5sarge1_i386.deb
 b75a42714104e1578c8b3627c74c2d60 14232 mail optional perdition-postgresql_1.15-5sarge1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHKdd1YrVLjBFATsMRAoOeAJ98p/PKNIkKoftlCdil6fsbOqnl8wCghN/N
ZwN8HzVeQJSMX8x/jiJdQw8=
=sJHp
-----END PGP SIGNATURE-----


Accepted:
perdition-dev_1.15-5sarge1_i386.deb
  to pool/main/p/perdition/perdition-dev_1.15-5sarge1_i386.deb
perdition-ldap_1.15-5sarge1_i386.deb
  to pool/main/p/perdition/perdition-ldap_1.15-5sarge1_i386.deb
perdition-mysql_1.15-5sarge1_i386.deb
  to pool/main/p/perdition/perdition-mysql_1.15-5sarge1_i386.deb
perdition-odbc_1.15-5sarge1_i386.deb
  to pool/main/p/perdition/perdition-odbc_1.15-5sarge1_i386.deb
perdition-postgresql_1.15-5sarge1_i386.deb
  to pool/main/p/perdition/perdition-postgresql_1.15-5sarge1_i386.deb
perdition_1.15-5sarge1.diff.gz
  to pool/main/p/perdition/perdition_1.15-5sarge1.diff.gz
perdition_1.15-5sarge1.dsc
  to pool/main/p/perdition/perdition_1.15-5sarge1.dsc
perdition_1.15-5sarge1_i386.deb
  to pool/main/p/perdition/perdition_1.15-5sarge1_i386.deb
News for package perdition
