---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: Ubuntu update for dovecot SECUNIA ADVISORY ID: SA28434 VERIFY ADVISORY: http://secunia.com/advisories/28434/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From remote OPERATING SYSTEM: Ubuntu Linux 7.04 http://secunia.com/product/14068/ Ubuntu Linux 7.10 http://secunia.com/product/16251/ DESCRIPTION: Ubuntu has issued an update for dovecot. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions. For more information: SA28271 SOLUTION: Apply updated packages. -- Ubuntu 7.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.rc17-1ubuntu2.2.diff.gz Size/MD5: 101513 3a05fe3f2bdcd39c32e0a650b61c9b18 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.rc17-1ubuntu2.2.dsc Size/MD5: 1100 89b4ea9a138396356ce51947d4a958b8 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.rc17.orig.tar.gz Size/MD5: 1512386 881bcc7d2c8fba6d337f3e616a602bf7 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc17-1ubuntu2.2_amd64.deb Size/MD5: 1274744 7c4aea65aa4b2c8360ca296e4c7dd11b http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc17-1ubuntu2.2_amd64.deb Size/MD5: 586662 3a4c663dd70057ff8a559512880f88b5 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc17-1ubuntu2.2_amd64.deb Size/MD5: 552404 d3c2ce0c2eb3aa58f8b17dad3fc4ee8f i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc17-1ubuntu2.2_i386.deb Size/MD5: 1164784 517cb8721acce093e3435565a2163a0e http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc17-1ubuntu2.2_i386.deb Size/MD5: 554298 eb6fbeeeee1889303647318298ad5150 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc17-1ubuntu2.2_i386.deb Size/MD5: 521626 a82bae1bb6e26289a91166bc77f1a23b powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc17-1ubuntu2.2_powerpc.deb Size/MD5: 1291322 a4df46fd2fac7456d425bf66b5862188 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc17-1ubuntu2.2_powerpc.deb Size/MD5: 591040 a27429b620664c82ada26d6cbfafcbc5 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc17-1ubuntu2.2_powerpc.deb Size/MD5: 556188 16c2bdae0d14a402644c8c58439fa75c sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc17-1ubuntu2.2_sparc.deb Size/MD5: 1158252 875a51f7b4ee7c81ada93481e2fc7487 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc17-1ubuntu2.2_sparc.deb Size/MD5: 549596 75f43e94538ed72b7342b3ed00ba6005 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc17-1ubuntu2.2_sparc.deb Size/MD5: 517136 7a6bc0cd8bbf73514d54624431e8c1b3 -- Ubuntu 7.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.5-1ubuntu2.1.diff.gz Size/MD5: 107642 9e04e08b57194364c8248332817049e3 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.5-1ubuntu2.1.dsc Size/MD5: 1115 0e95044d51301ec964cf96bda69f1a0a http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.5.orig.tar.gz Size/MD5: 1775898 94b7d29cf44f63f89d538361afa05c40 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.5-1ubuntu2.1_amd64.deb Size/MD5: 1814690 3c1b2d9247c7f246eb8c59b9d04a4362 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.5-1ubuntu2.1_amd64.deb Size/MD5: 654514 7140315d855e7fab6d796be4166514a4 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.5-1ubuntu2.1_amd64.deb Size/MD5: 617618 8c73c94bd43e89da32a0549c0c4218b6 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.5-1ubuntu2.1_i386.deb Size/MD5: 1672926 1b323221b09fca189b471079f1ee5612 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.5-1ubuntu2.1_i386.deb Size/MD5: 621486 fa8977d8a945022fcdcf460d25d57141 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.5-1ubuntu2.1_i386.deb Size/MD5: 588164 df780cc94e95fabf7793139ed8ca4c1e powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.5-1ubuntu2.1_powerpc.deb Size/MD5: 1831950 d79e9f2cd81daab0eb7ae642d0444a0e http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.5-1ubuntu2.1_powerpc.deb Size/MD5: 656610 941223abf4f45c00434ff50a1323efad http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.5-1ubuntu2.1_powerpc.deb Size/MD5: 621772 c4557afdeac4488718e3e4cd7d66aed6 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.5-1ubuntu2.1_sparc.deb Size/MD5: 1666806 8dc28e714f31d687a1283f888f8b6301 http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.5-1ubuntu2.1_sparc.deb Size/MD5: 618418 f7f5afcaf0de5164b0f1189dabb7761d http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.5-1ubuntu2.1_sparc.deb Size/MD5: 585178 fdb2b1bfc470ed595671596656d1e12c ORIGINAL ADVISORY: https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-January/000653.html OTHER REFERENCES: SA28271: http://secunia.com/advisories/28271/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------