[CVE-2018-19518] 2013_disable_rsh.patch (new): Disable access to IMAP mailboxes through running imapd over rsh (Closes: #914632).
Magnus Holmgren
5 years ago
|
0 |
uw-imap (8:2007f~dfsg-6) unstable; urgency=medium
|
|
1 |
|
|
2 |
* [CVE-2018-19518] 2013_disable_rsh.patch (new): Disable access to IMAP
|
|
3 |
mailboxes through running imapd over rsh, and therefore ssh (Closes:
|
|
4 |
#914632). Code using the library can enable it with tcp_parameters()
|
|
5 |
after making sure that the IMAP server name is sanitized.
|
|
6 |
|
|
7 |
-- Magnus Holmgren <holmgren@debian.org> Tue, 26 Feb 2019 23:35:43 +0100
|
|
8 |
|
| 0 | 9 |
uw-imap (8:2007f~dfsg-5) unstable; urgency=low
|
| 1 | 10 |
|
| 2 | 11 |
* 1006_openssl1.1_autoverify.patch (new): Use new features for
|
|
0 |
--- a/src/osdep/unix/Makefile
|
|
1 |
+++ b/src/osdep/unix/Makefile
|
|
2 |
@@ -985,7 +985,7 @@ onceenv:
|
|
3 |
-DMD5ENABLE=\"$(MD5PWD)\" -DMAILSPOOL=\"$(MAILSPOOL)\" \
|
|
4 |
-DANONYMOUSHOME=\"$(MAILSPOOL)/anonymous\" \
|
|
5 |
-DACTIVEFILE=\"$(ACTIVEFILE)\" -DNEWSSPOOL=\"$(NEWSSPOOL)\" \
|
|
6 |
- -DRSHPATH=\"$(RSHPATH)\" -DLOCKPGM=\"$(LOCKPGM)\" \
|
|
7 |
+ -DLOCKPGM=\"$(LOCKPGM)\" \
|
|
8 |
-DLOCKPGM1=\"$(LOCKPGM1)\" -DLOCKPGM2=\"$(LOCKPGM2)\" \
|
|
9 |
-DLOCKPGM3=\"$(LOCKPGM3)\" > OSCFLAGS
|
|
10 |
echo $(BASELDFLAGS) $(EXTRALDFLAGS) > LDFLAGS
|
| 8 | 8 |
2012_krb5_multidev.patch
|
| 9 | 9 |
1005_poll.patch
|
| 10 | 10 |
1006_openssl1.1_autoverify.patch
|
|
11 |
2013_disable_rsh.patch
|