similar to: Dovecot release v2.3.6

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 30 April 2019 21:06 @lbutlr via dovecot < <a href="mailto:dovecot@dovecot.org">dovecot@dovecot.org</a>> wrote: </div>

On 30 Apr 2019, at 07:21, Aki Tuomi via dovecot <dovecot at dovecot.org> wrote: > We are pleased to release Dovecot v2.3.6. pkg adult shows the following, not mentioned in the changes: dovecot-2.3.5.1 is vulnerable: dovecot -- json encoder crash CVE: CVE-2019-10691 WWW: https://vuxml.FreeBSD.org/freebsd/a64aa22f-61ec-11e9-85b9-a4badb296695.html (just curious) -- 'Things either

On 30/04/2019 14:21, Aki Tuomi via dovecot wrote: > https://dovecot.org/releases/2.3/dovecot-2.3.6.tar.gz Trivial but... "mail-index-transaction-update.c", line 198: void function cannot return value Thanks. -------------- next part -------------- --- ../original/src/lib-index/mail-index-transaction-update.c 2019-04-30 13:25:06.000000000 +0000 +++

No problems with 2.3.5, but when I try to compile 2.3.6 with: ./configure --with-mysql --with-ssl=openssl I get: checking for dlopen... yes checking for SSL_read in -lssl... no configure: error: Can't build with OpenSSL: libssl not found $ locate libssl /Applications/BBEdit.app/Contents/XPCServices/GitIgnoreXPCService.xpc/Contents/Frameworks/libssl.dylib /Applications/Navicat for

> On 1 May 2019, at 4:38 pm, James Brown via dovecot <dovecot at dovecot.org <mailto:dovecot at dovecot.org>> wrote: > > No problems with 2.3.5, but when I try to compile 2.3.6 with: > > ./configure --with-mysql --with-ssl=openssl > > I get: > > checking for dlopen... yes > checking for SSL_read in -lssl... no > configure: error: Can't build

Jacques A. Vidrine wrote: > On Mon, Mar 29, 2004 at 08:14:29PM +0200, Oliver Eikemeier wrote: > >>Jacques A. Vidrine wrote: >> >>>On Sun, Mar 28, 2004 at 03:44:06PM -0800, Oliver Eikemeier wrote: >>> >>>>eik 2004/03/28 15:44:06 PST >>>> >>>>FreeBSD ports repository >>>> >>>>Modified files:

Hi! cc'd to freebsd-security@ as somebody there may correct me, cc'd to secteam@ as maintaner of security/portaudit. On Sun, 28 Aug 2005 10:14:21 +0930 Ian Moore wrote: > I've just updated my acroread port to 7.0.1 & was surprised when portaudit > still listed it as a vulnerability. I think it is portaudit problem. > According to

Why wasn't there a FreeBSD security alert for Kerberos 5? Does FreeBSD use the MIT implementation? I got an email from CERT about this. See the attached message below. -- Daniel Rudy >From - Sat Sep 04 03:22:15 2004 X-UIDL: a8f31551eb03ca144862bddc8ccce266 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 X-Apparently-To: dcrudy@pacbell.net via 206.190.37.79; Fri, 03 Sep 2004

Hi all! I found this today on FD: http://seclists.org/fulldisclosure/2012/Aug/4

Hi, FYI, Red Hat released an advisory today about a vulnerability in Ruby. So far it doesn't appear in the VuXML, but am I correct in presuming it will soon? https://rhn.redhat.com/errata/RHSA-2006-0604.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694 cheers, -- Joel Hatton -- Infrastructure Manager | Hotline: +61 7 3365 4417 AusCERT - Australia's national

Hi, On 8/10/06, Mark Bucciarelli <mark@gaiahost.coop> wrote: > > > There's a scary security alert from yesterday out and no port > update so I judged it to be isp-related. I looked for > ports-security list but didn't see one. > > You know, that might be a very good ideea -- e.g. have a security team and list for ports as we have one for the base distribution.

Colin, good day! Spotted two patches for x11-servers/xorg-server port: see entries for x11r6.9.0-dbe-render.diff and x11r6.9.0-cidfonts.diff at http://xorg.freedesktop.org/releases/X11R6.9.0/patches/index.html Seems like they are not applied to the xorg-server-6.9.0_5. May be it should be added to the VuXML document? There is a ports/107733 issue that incorporates these patches. May be you

i installed qmail + vpopmail + dovecot.i installed dovecot without problems.but i run telnet localhost 143 x login user password it seems to error about first_uid.and i change first_uid vpopmail_uid (89) its ok.but i dont understand first_uid.and sholud i change last_uid , first_gid ,last_guid . do you recommend it thanks everynbody ____________________________________________________

Hi, there seems to be a problem when expanding variables containing a single '%' in value in dovecot V2.3.6 having a user defined Variable in user_attrs like user_attrs = name=home=/maildir/%Ln, =myvar=path/%L{ldap:sAMAccountName} and sAMAccountName conains a '%', in my example "sonder%zeichen" leads to:

Hello, The current png-1.2.5_4 port has no more vulnerability. It has been corrected by ache@FreeBSD.org yesterday. But when i try to install the updated port to remplace the vulnerable one this is what i am told : # make install ===> png-1.2.5_4 has known vulnerabilities: >> libpng denial-of-service. Reference:

Hi! Since linux-flashplugin7 r63 is vulnerable according to http://vuxml.FreeBSD.org/7c75d48c-429b-11db-afae-000c6ec775d9.html isn't www/linux-seamonkey vulerable, too (it seems to include 7 r25)? Bye Arne __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com

Hi, Dec 5 20:24:31 dovecot: imap(xx at yy.zz,7ckWZu1CuZFVTILa): Fatal: master: service(imap): child 7292 killed with signal 6 (core dumped) Dec 5 20:24:32 dovecot: imap(xx at yy.zz,LnAlZu1COBVVTILa): Panic: file mail-index-map.c: line 549 (mail_index_map_lookup_seq_range): assertion failed: (first_uid > 0) Dec 5 20:24:32 dovecot: imap(xx at yy.zz,LnAlZu1COBVVTILa): Error: Raw backtrace:

Any reason why portaudit and its associated infrastructure was not announced to this list or security-notifications? I recently discovered it, and discovered the feature was added to bsd.port.mk in the beginning of feburary. Seeing as the security officer apparently (without announcement) no longer issues security notices (SNs) for ports, I am assuming that portaudit has replaced SNs entirely,

Am Mon, 1 Jul 2019 13:08:46 +0300 (EEST) schrieb Aki Tuomi <aki.tuomi at open-xchange.com>: > Hi, > > there seems to be a problem when expanding variables containing a > single '%' in value in dovecot V2.3.6 > > having a user defined Variable in user_attrs like > > user_attrs = name=home=/maildir/%Ln, > =myvar=path/%L{ldap:sAMAccountName} > >

I think, there is a neat exploit in the phpbb2.0.8 because I found my home page defaced one dark morning. The patch for phpBB is here. http://www.phpbb.com/downloads.php The excerpt of the log is attached. I believe the link to the described exploit is here. http://secunia.com/advisories/13239 The defacement braggen page is here filter to show the exploited FreeBSD machines that aneurysm.inc