Register | Log in

courier-authlib

Courier authentication library

Choose email to subscribe with

general

source: courier-authlib (main)
version: 0.71.1-2
maintainer: Markus Wanner (DMD)
arch: any
std-ver: 4.5.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 0.66.4-9
stable: 0.69.0-2
testing: 0.71.1-2
unstable: 0.71.1-2

versioned links

0.66.4-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.69.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.71.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

courier-authdaemon (8 bugs: 0, 6, 2, 0)
courier-authlib (4 bugs: 1, 3, 0, 0)
courier-authlib-dev
courier-authlib-ldap (3 bugs: 0, 2, 1, 0)
courier-authlib-mysql (2 bugs: 0, 1, 1, 0)
courier-authlib-pipe (2 bugs: 0, 2, 0, 0)
courier-authlib-postgresql (2 bugs: 0, 2, 0, 0)
courier-authlib-sqlite
courier-authlib-userdb

action needed

A new upstream version is available: 0.71.2 high

A new upstream version 0.71.2 is available, you should consider packaging it.

Created: 2021-03-21 Last update: 2021-04-12 17:35

1 security issue in stretch high

There is 1 open security issue in stretch.

1 important issue:

CVE-2021-28374: The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's existence, uid and gids, home and/or Maildir directory, quota, and some type of password information (such as a hash).

Created: 2021-03-10 Last update: 2021-03-21 19:04

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2021-28374: The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's existence, uid and gids, home and/or Maildir directory, quota, and some type of password information (such as a hash).

Created: 2021-03-10 Last update: 2021-03-21 19:04

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2020-10-19 Last update: 2021-04-12 17:30

lintian reports 13 warnings normal

Lintian reports 13 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-04-11 Last update: 2021-04-11 10:16

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2017-10-26 07:22

news

[2021-03-17] courier-authlib 0.71.1-2 MIGRATED to testing (Debian testing watch)
[2021-03-08] Accepted courier-authlib 0.71.1-2 (source) into unstable (Markus Wanner)
[2021-02-27] courier-authlib 0.71.1-1 MIGRATED to testing (Debian testing watch)
[2021-02-16] Accepted courier-authlib 0.71.1-1 (source) into unstable (Markus Wanner)
[2020-12-29] courier-authlib 0.71.0-1 MIGRATED to testing (Debian testing watch)
[2020-12-26] Accepted courier-authlib 0.71.0-1 (source) into unstable (Markus Wanner)
[2019-02-05] courier-authlib 0.69.0-2 MIGRATED to testing (Debian testing watch)
[2019-02-03] Accepted courier-authlib 0.69.0-2 (source amd64) into unstable (Markus Wanner)
[2018-10-22] courier-authlib 0.69.0-1 MIGRATED to testing (Debian testing watch)
[2018-10-17] Accepted courier-authlib 0.69.0-1 (source) into unstable (Markus Wanner)
[2018-10-12] Accepted courier-authlib 0.68.0-4.1 (source) into unstable (Dmitry Bogatov) (signed by: Dmitry Shachnev)
[2018-05-22] Accepted courier-authlib 0.68.0.20180427-1 (source ppc64el) into experimental (Markus Wanner)
[2017-09-17] courier-authlib 0.68.0-4 MIGRATED to testing (Debian testing watch)
[2017-09-11] Accepted courier-authlib 0.68.0-4 (source) into unstable (Markus Wanner)
[2017-07-24] courier-authlib 0.68.0-3 MIGRATED to testing (Debian testing watch)
[2017-07-18] Accepted courier-authlib 0.68.0-3 (source) into unstable (Markus Wanner)
[2017-07-17] Accepted courier-authlib 0.68.0-2 (source amd64) into unstable (Markus Wanner)
[2017-07-02] Accepted courier-authlib 0.68.0-1 (source amd64) into unstable (Markus Wanner)
[2017-04-09] Accepted courier-authlib 0.67.0-1 (source) into experimental (Markus Wanner)
[2017-01-01] courier-authlib 0.66.4-9 MIGRATED to testing (Debian testing watch)
[2016-12-21] Accepted courier-authlib 0.66.4-9 (source) into unstable (Ondřej Surý)
[2016-12-01] courier-authlib 0.66.4-8 MIGRATED to testing (Debian testing watch)
[2016-11-25] Accepted courier-authlib 0.66.4-8 (source) into unstable (Ondřej Surý)
[2016-04-16] courier-authlib 0.66.4-7 MIGRATED to testing (Debian testing watch)
[2016-03-23] Accepted courier-authlib 0.66.4-7 (source amd64) into unstable (Ondřej Surý)
[2016-03-22] Accepted courier-authlib 0.66.4-6 (source amd64) into unstable (Ondřej Surý)
[2016-03-16] Accepted courier-authlib 0.66.4-5 (source amd64) into unstable (Ondřej Surý)
[2016-02-05] Accepted courier-authlib 0.66.4-3 (source amd64) into unstable (Ondřej Surý)
[2016-01-02] Accepted courier-authlib 0.66.4-2 (source amd64) into unstable (Ondřej Surý)
[2016-01-02] Accepted courier-authlib 0.66.4-1 (source amd64) into unstable, unstable (Ondřej Surý)

1
2

bugs [bug history graph]

all: 21
RC: 1
I&N: 16
M&W: 4
F&P: 0
patch: 1

links

homepage
lintian (0, 13)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.71.1-1
10 bugs (1 patch)

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing