4 Nov
2013
4 Nov
'13
1:47 a.m.
Thanks again for the released.
Timo Sirainen tss@iki.fi wrote:
On 3.11.2013, at 22.08, Timo Sirainen tss@iki.fi wrote:
- Some usage of passdb checkpassword could have been exploitable by local users. You may need to modify your setup to keep it working. See http://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security
Oh, forgot to mention here: This problem was found by the cPanel people (cPanel uses checkpassword). They also reserved CVE-2013-6171 for this.
Dovecot-news mailing list Dovecot-news@dovecot.org http://dovecot.org/cgi-bin/mailman/listinfo/dovecot-news
-- Senior IT Manager Metropolitan Schools 013 750 2255
This message was sent from my Android mobile. I was out from the office at that time.