similar to: OpenSSH and CBC

Displaying 20 results from an estimated 1000 matches similar to: "OpenSSH and CBC"

2015 Jun 16
2
OpenSSH and CBC
On 15.06.2015 21:31, Christian Weisgerber wrote: > On 2015-06-15, Gerhard Wiesinger <lists at wiesinger.com> wrote: > >> I saw that OpenSSH release 6.7 removed all CBC ciphers by default. Is >> CBC therefore considered as broken and unsecure (in general or SSH >> implementation)? > CBC modes in SSH use the last encrypted block of the previous packet > as the IV
2015 Jun 16
2
OpenSSH and CBC
Hi Gerhard, This is not exactly true. CTR modes have the length field encrypted. etm MAC modes and AES-GCM have the length field in cleartext. CBC is dangerous because the length field is encrypted with CBC. aes128-ctr + hmac-sha256 doesn't have any known vulnerability and encrypts the packet length, but uses the bad practice of e&m. chacha20-poly1305 encrypts both payload and packet
2008 Nov 21
0
OpenSSH security advisory: cbc.adv
OpenSSH Security Advisory: cbc.adv Regarding the "Plaintext Recovery Attack Against SSH" reported as CPNI-957037[1]: The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary
2008 Nov 21
3
OpenSSH security advisory: cbc.adv
OpenSSH Security Advisory: cbc.adv Regarding the "Plaintext Recovery Attack Against SSH" reported as CPNI-957037[1]: The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary
2006 May 01
1
Dovecot LDA with sendmail/Mailscanner (fwd)
Hello! Noone has running a sendmail/Mailscanner/procmail/mbox environment? Ciao, Gerhard ---------- Forwarded message ---------- Date: Mon, 24 Apr 2006 20:27:56 +0200 (CEST) From: Gerhard Wiesinger <lists at wiesinger.com> To: dovecot at dovecot.org Subject: [Dovecot] Dovecot LDA with sendmail/Mailscanner Hello! I'm running dovecot in a sendmail/Mailscanner/procmail/mbox
2008 Aug 16
2
Problem with squirrelmail and dovecot 1.1
Hello! I'm running squirrelmail 1.4.8 (I know this is not the latest version) and know I'm having troubles with: 1.) Folder list view 2.) Save to sent or Drafts folder. Configuration worked well. I think it has to do with the upgrade from dovecot 1.0 to 1.1 and the LIST command. Thunderbird/alpine work well. Commands from rawlog are: A002 LIST "" "~/Mail/Drafts"
2015 Dec 06
2
v2.2.20 release candidate released
On 05 Dec 2015, at 11:32, Gerhard Wiesinger <lists at wiesinger.com> wrote: > > Is it possible to configure the secure session caching mechanism? > e.g. like in nginx: https://bjornjohansen.no/optimizing-https-nginx I remember hearing about various security vulnerabilities in that earlier.. I guess they're fixed now then, unless people find more ways to exploit it. Anyway
2006 Jul 02
3
Dovecot deliver logging problem and procmail
Hello! Currently I'm trying to integrate dovecot's deliver program into procmail. So basically I'd write a patch for procmail to deliver not directly into the mbox file but delivering with the dovecot deliver program. Do you think this is a good concept? For testing I use the commands discussed below. Currently I'm having a problem that deliver doesn't recognize the
2007 Mar 01
7
1.0.rc25 released
http://dovecot.org/releases/dovecot-1.0.rc25.tar.gz http://dovecot.org/releases/dovecot-1.0.rc25.tar.gz.sig Instead of having "Should v1.0 be released already" discussion, how about having "What's still missing from wiki.dovecot.org and how could it be improved" discussion? And what should the wiki exported to doc/ directory in the tarball look like? * If time moves
2007 Mar 01
7
1.0.rc25 released
http://dovecot.org/releases/dovecot-1.0.rc25.tar.gz http://dovecot.org/releases/dovecot-1.0.rc25.tar.gz.sig Instead of having "Should v1.0 be released already" discussion, how about having "What's still missing from wiki.dovecot.org and how could it be improved" discussion? And what should the wiki exported to doc/ directory in the tarball look like? * If time moves
2014 Jun 28
2
Procmail to Sieve translation
Hello, I'm trying to move from procmail to dovecot sieve. I found the translation script at http://www.dovecot.org/tools/procmail2sieve.pl It works well except the following use cases: * ^From:.*myemail at mydomain.com.* | formail -I"X-Priority: 2 (high)" -I"X-mydomain-com-seen: yes" | $SENDMAIL -oi \ myemail at mydomain2.com \ myemail at mydomain3.com :0c *
2012 Apr 23
8
v2.1.5 released
http://dovecot.org/releases/2.1/dovecot-2.1.5.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.5.tar.gz.sig A few announcements first: I'm now going to start being more strict about not answering Dovecot questions sent to me privately (especially support requests, but also bug reports, feature requests, etc). Often those questions could be answered by other people in the mailing list as
2012 Apr 23
8
v2.1.5 released
http://dovecot.org/releases/2.1/dovecot-2.1.5.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.5.tar.gz.sig A few announcements first: I'm now going to start being more strict about not answering Dovecot questions sent to me privately (especially support requests, but also bug reports, feature requests, etc). Often those questions could be answered by other people in the mailing list as
2015 Aug 04
2
Dovecot sieve pigeonhole permission
Hello, I'm running dovecot in a classical vmail.vmail setup with pigeonhole and LMTP. Permission worked well in the initial setup but currently (maybe after Fedora 22 update) I'm having the following permission issue: lmtp(root): Error: 7fPZFOL9wFXePQAABcdabc: sieve: binary open: failed to open: open(/etc/dovecot/sieve_after.svbin) failed: Permission denied (euid=9999(vmail)
2015 Aug 05
1
Dovecot sieve pigeonhole permission
On 05.08.2015 13:06, Steffen Kaiser wrote: > On Tue, 4 Aug 2015, Gerhard Wiesinger wrote: > >> >> I'm running dovecot in a classical vmail.vmail setup with pigeonhole >> and LMTP. Permission worked well in the initial setup but currently >> (maybe after Fedora 22 update) I'm having the following permission >> issue: >> >> lmtp(root):
2014 Jun 29
1
Dovecot and remote SASL Client via TLS
Hello, Is it possible to configure Dovecot as SASL client for central authentication (also remotely via TCP/TLS)? Following use case: IMAP server (host 1) <=> Windows Domain Controller and /etc/shadow authenticator via pam (host2) Should work as: IMAP server (host 1) <=> SASL Client via TLS <=> Network <=> SASL Server via TLS <=> Local SASL via pam <=>
2015 Dec 03
8
v2.2.20 release candidate released
http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz.sig v2.2.20 probably will be released tomorrow or maybe during weekend. + Added mailbox { autoexpunge=<time> } setting. See http://wiki2.dovecot.org/MailboxSettings for details. + ssl_options: Added support for no_ticket + imap/pop3/managesieve-login: Added
2015 Dec 03
8
v2.2.20 release candidate released
http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz.sig v2.2.20 probably will be released tomorrow or maybe during weekend. + Added mailbox { autoexpunge=<time> } setting. See http://wiki2.dovecot.org/MailboxSettings for details. + ssl_options: Added support for no_ticket + imap/pop3/managesieve-login: Added
2006 Jul 05
2
Procmail patch for dovecot delivery
Hello! As discussed in the previous thread about "Dovecot deliver logging problem and procmail" I have made a small patch for procmail to deliver through dovecot's deliver program (or any other delivery program). So Procmail does not write the mailboxes directly any more. So delivery is done through pipes and an external program which can deliver the files. Since dovecot's
2014 Jan 06
1
Dovecot quoting problem?
Hello Timo, I think the following commit makes problems: http://hg.dovecot.org/dovecot-2.2/rev/68a8b650578e # Doesn't work A01 LIST "" ~/Mail/Gesendet # OK with quoted mailbox A02 LIST "" "~/Mail/Gesendet" Details: imap * PREAUTH [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS