Debian Package Tracker
Register | Log in
Subscribe

courier-authlib

Courier authentication library

Choose email to subscribe with

general
  • source: courier-authlib (main)
  • version: 0.71.1-2
  • maintainer: Markus Wanner (DMD)
  • arch: any
  • std-ver: 4.5.1
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • oldstable: 0.66.4-9
  • stable: 0.69.0-2
  • testing: 0.71.1-2
  • unstable: 0.71.1-2
versioned links
  • 0.66.4-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.69.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.71.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • courier-authdaemon (8 bugs: 0, 6, 2, 0)
  • courier-authlib (4 bugs: 1, 3, 0, 0)
  • courier-authlib-dev
  • courier-authlib-ldap (3 bugs: 0, 2, 1, 0)
  • courier-authlib-mysql (2 bugs: 0, 1, 1, 0)
  • courier-authlib-pipe (2 bugs: 0, 2, 0, 0)
  • courier-authlib-postgresql (2 bugs: 0, 2, 0, 0)
  • courier-authlib-sqlite
  • courier-authlib-userdb
action needed
A new upstream version is available: 0.71.2 high
A new upstream version 0.71.2 is available, you should consider packaging it.
Created: 2021-03-21 Last update: 2021-04-12 17:35
1 security issue in stretch high

There is 1 open security issue in stretch.

1 important issue:
  • CVE-2021-28374: The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's existence, uid and gids, home and/or Maildir directory, quota, and some type of password information (such as a hash).
Created: 2021-03-10 Last update: 2021-03-21 19:04
1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:
  • CVE-2021-28374: The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's existence, uid and gids, home and/or Maildir directory, quota, and some type of password information (such as a hash).
Created: 2021-03-10 Last update: 2021-03-21 19:04
1 bug tagged patch in the BTS normal
The BTS contains patches fixing 1 bug, consider including or untagging them.
Created: 2020-10-19 Last update: 2021-04-12 17:30
lintian reports 13 warnings normal
Lintian reports 13 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2021-04-11 Last update: 2021-04-11 10:16
Build log checks report 1 warning low
Build log checks report 1 warning
Created: 2017-10-26 Last update: 2017-10-26 07:22
news
[rss feed]
  • [2021-03-17] courier-authlib 0.71.1-2 MIGRATED to testing (Debian testing watch)
  • [2021-03-08] Accepted courier-authlib 0.71.1-2 (source) into unstable (Markus Wanner)
  • [2021-02-27] courier-authlib 0.71.1-1 MIGRATED to testing (Debian testing watch)
  • [2021-02-16] Accepted courier-authlib 0.71.1-1 (source) into unstable (Markus Wanner)
  • [2020-12-29] courier-authlib 0.71.0-1 MIGRATED to testing (Debian testing watch)
  • [2020-12-26] Accepted courier-authlib 0.71.0-1 (source) into unstable (Markus Wanner)
  • [2019-02-05] courier-authlib 0.69.0-2 MIGRATED to testing (Debian testing watch)
  • [2019-02-03] Accepted courier-authlib 0.69.0-2 (source amd64) into unstable (Markus Wanner)
  • [2018-10-22] courier-authlib 0.69.0-1 MIGRATED to testing (Debian testing watch)
  • [2018-10-17] Accepted courier-authlib 0.69.0-1 (source) into unstable (Markus Wanner)
  • [2018-10-12] Accepted courier-authlib 0.68.0-4.1 (source) into unstable (Dmitry Bogatov) (signed by: Dmitry Shachnev)
  • [2018-05-22] Accepted courier-authlib 0.68.0.20180427-1 (source ppc64el) into experimental (Markus Wanner)
  • [2017-09-17] courier-authlib 0.68.0-4 MIGRATED to testing (Debian testing watch)
  • [2017-09-11] Accepted courier-authlib 0.68.0-4 (source) into unstable (Markus Wanner)
  • [2017-07-24] courier-authlib 0.68.0-3 MIGRATED to testing (Debian testing watch)
  • [2017-07-18] Accepted courier-authlib 0.68.0-3 (source) into unstable (Markus Wanner)
  • [2017-07-17] Accepted courier-authlib 0.68.0-2 (source amd64) into unstable (Markus Wanner)
  • [2017-07-02] Accepted courier-authlib 0.68.0-1 (source amd64) into unstable (Markus Wanner)
  • [2017-04-09] Accepted courier-authlib 0.67.0-1 (source) into experimental (Markus Wanner)
  • [2017-01-01] courier-authlib 0.66.4-9 MIGRATED to testing (Debian testing watch)
  • [2016-12-21] Accepted courier-authlib 0.66.4-9 (source) into unstable (Ondřej Surý)
  • [2016-12-01] courier-authlib 0.66.4-8 MIGRATED to testing (Debian testing watch)
  • [2016-11-25] Accepted courier-authlib 0.66.4-8 (source) into unstable (Ondřej Surý)
  • [2016-04-16] courier-authlib 0.66.4-7 MIGRATED to testing (Debian testing watch)
  • [2016-03-23] Accepted courier-authlib 0.66.4-7 (source amd64) into unstable (Ondřej Surý)
  • [2016-03-22] Accepted courier-authlib 0.66.4-6 (source amd64) into unstable (Ondřej Surý)
  • [2016-03-16] Accepted courier-authlib 0.66.4-5 (source amd64) into unstable (Ondřej Surý)
  • [2016-02-05] Accepted courier-authlib 0.66.4-3 (source amd64) into unstable (Ondřej Surý)
  • [2016-01-02] Accepted courier-authlib 0.66.4-2 (source amd64) into unstable (Ondřej Surý)
  • [2016-01-02] Accepted courier-authlib 0.66.4-1 (source amd64) into unstable, unstable (Ondřej Surý)
  • 1
  • 2
bugs [bug history graph]
  • all: 21
  • RC: 1
  • I&N: 16
  • M&W: 4
  • F&P: 0
  • patch: 1
links
  • homepage
  • lintian (0, 13)
  • buildd: logs, checks, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 0.71.1-1
  • 10 bugs (1 patch)

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing