[Dovecot] [Dovecot-news] v2.2.7 released

Eric Kom erickom at metropolitancollege.co.za
Mon Nov 4 01:47:25 EET 2013


Thanks again for the released.

Timo Sirainen <tss at iki.fi> wrote:
>On 3.11.2013, at 22.08, Timo Sirainen <tss at iki.fi> wrote:
>
>> 	* Some usage of passdb checkpassword could have been exploitable by
>> 	  local users. You may need to modify your setup to keep it working.
>> 	  See http://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security
>
>Oh, forgot to mention here: This problem was found by the cPanel people
>(cPanel uses checkpassword). They also reserved CVE-2013-6171 for this.
>
>_______________________________________________
>Dovecot-news mailing list
>Dovecot-news at dovecot.org
>http://dovecot.org/cgi-bin/mailman/listinfo/dovecot-news

--
Senior IT Manager
Metropolitan Schools
013 750 2255

This message was sent from my Android mobile. I was out from the office at that time.



More information about the dovecot mailing list