Displaying 20 results from an estimated 3000 matches similar to: "Security hole #6: Some passdbs allowed users to log in without a valid password"
2008 Mar 09
0
v1.0.13 and v1.1.rc3 released
http://dovecot.org/releases/1.0/dovecot-1.0.13.tar.gz
http://dovecot.org/releases/1.0/dovecot-1.0.13.tar.gz.sig
http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc3.tar.gz
http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc3.tar.gz.sig
Note that the changes for the security hole fix were quite large. I
tested with several auth configurations myself and they seemed to work,
but it's possible I
2008 Mar 09
0
v1.0.13 and v1.1.rc3 released
http://dovecot.org/releases/1.0/dovecot-1.0.13.tar.gz
http://dovecot.org/releases/1.0/dovecot-1.0.13.tar.gz.sig
http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc3.tar.gz
http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc3.tar.gz.sig
Note that the changes for the security hole fix were quite large. I
tested with several auth configurations myself and they seemed to work,
but it's possible I
2016 Jan 03
2
Nouveau support for GeForce GT 730 or GTX 750 Ti?
Hi,
I'm currently use GeForce 7600 GT with nouveau driver.
This is a very old graphic card without OpenGL support.
I want to use nouveau driver in the future too.
So I'm in doubt in that that whether to buy
GeForce GT730
or
GTX 750 Ti card?
I don't want to run super 3D game applications but only:
games-adventure/pioneer <http://pioneerspacesim.net/> sometimes
and
SweetHome3D
2016 Jan 03
2
Nouveau support for GeForce GT 730 or GTX 750 Ti?
2016-01-03 19:32 GMT+01:00 Ilia Mirkin <imirkin at alum.mit.edu>:
> On Sun, Jan 3, 2016 at 1:04 PM, Csányi Pál <csanyipal at gmail.com> wrote:
>> I want to use nouveau driver in the future too.
>>
>> So I'm in doubt in that that whether to buy
>> GeForce GT730
>> So, does nouveau support these cards?
>>
>> Should I choose GTX 750 Ti or
2016 Jan 03
0
Nouveau support for GeForce GT 730 or GTX 750 Ti?
On Sun, Jan 3, 2016 at 1:04 PM, Csányi Pál <csanyipal at gmail.com> wrote:
> Hi,
>
> I'm currently use GeForce 7600 GT with nouveau driver.
> This is a very old graphic card without OpenGL support.
Well, I wouldn't say *without* but... crappy :) The nv30 driver leaves
a lot to be desired, and it doesn't handle some fairly common cases in
more recent software.
>
2008 Nov 17
0
ManageSieve SECURITY hole: virtual users can edit scripts of other virtual users (all versions)
Hello,
While updating the ManageSieve implementation to the latest draft
specification I noticed a major omission in the way script names are
handled. Essentially, script names are directly appended to the sieve
storage directory path and suffixed with '.sieve'. This does not take
the use of '../' in script names into account. Therefore, clever virtual
users that know the
2008 Nov 17
0
ManageSieve SECURITY hole: virtual users can edit scripts of other virtual users (all versions)
Hello,
While updating the ManageSieve implementation to the latest draft
specification I noticed a major omission in the way script names are
handled. Essentially, script names are directly appended to the sieve
storage directory path and suffixed with '.sieve'. This does not take
the use of '../' in script names into account. Therefore, clever virtual
users that know the
2008 Feb 16
0
v1.1.beta16 released
http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta16.tar.gz
http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta16.tar.gz.sig
If all goes well, I'll release v1.1.rc1 in a couple of days. Now's a
good time to start testing v1.1 :)
Changes since beta15:
- Squat is finally working and supports expunging messages from it.
I've been stress testing it and can't find any problems
2008 Mar 04
2
v1.0.11 released
http://dovecot.org/releases/1.0/dovecot-1.0.11.tar.gz
http://dovecot.org/releases/1.0/dovecot-1.0.11.tar.gz.sig
* mail_extra_groups setting was commonly used insecurely. This setting
is now deprecated. Most users should switch to using
mail_privileged_group setting, but if you really need the old
functionality use mail_access_groups instead.
- mbox: Dropped some of the physical size
2008 Mar 04
2
v1.0.11 released
http://dovecot.org/releases/1.0/dovecot-1.0.11.tar.gz
http://dovecot.org/releases/1.0/dovecot-1.0.11.tar.gz.sig
* mail_extra_groups setting was commonly used insecurely. This setting
is now deprecated. Most users should switch to using
mail_privileged_group setting, but if you really need the old
functionality use mail_access_groups instead.
- mbox: Dropped some of the physical size
2009 Dec 15
1
Configure deliver to add ', S=<size>' to maildir message name
Hi,
I want to use the zlib plugin to compress my mail storage. According to
the wiki, only messages with size attribute in the message id should by
compressed. If I added the size part, dovecot assumes it is a new message.
While dovecot undertands the ',S=<size>' attribute (IMAP shows that
size), I could not configure deliver to add the size to message name.
I'm using
2013 Aug 08
1
multiple passdbs and auth sockets
I have a few systems which run dovecot 1.x as the authentication backend
for Postfix, with multiple auth { } sections like this one, each one
with a different passdb and its own socket:
auth ldap-10 {
passdb ldap {
args = /etc/dovecot/dovecot-ldap-10.conf
}
socket listen {
client {
path = /var/spool/postfix/private/auth-10
mode = 0666
}
}
}
I need multiple
2012 Mar 12
1
No passdbs specified in configuration file with passdb/userdb in protocol sections
hi-
i have a configuration in which i'm using different passdb/userdb settings for each of imap, lmtp and smtp [without getting too far off on a tangent, this is so ldap group membership can be used to independently control authorization for receiving [lmtp], retrieving [imap], and sending [smtp/postfix] of email. each passdb/userdb uses a different search filter.]
when i use this as my
2008 Jun 16
1
dovecot-auth assertion failed
Hello,
I have been running some tests on a new Dovecot v1.0.13 server and have seen the following message appear in the logs a few times. It appears to occur when there are a lot of requests being sent to the LDAP servers from both Dovecot and Sendmail (I am guessing about this, since I have also seen "Server busy" messages regarding LDAP auth).
dovecot: auth(default): file db-ldap.c:
2011 Jun 16
1
1.0.14 error on Windows-XP
Hi...
Tinc v1.0.13 works fine on Windows XP but Tinc v1.0.14 shows only an error
message (tinc -n xxx -d5 -D). The error message is "System command
'setpriority' failed. Command not found"...
Any suggestions ?
Kind regards,
Michael
2011 May 22
1
Problem connecting between debian and Ubuntu
Hi,
I've two computers, one with Debian the other with Ubuntu.
The Debian computer has v1.0.14, the Ubuntu v1.0.11. They
do not manage to connect with error "wrong keylength": the
Ubuntu computer sends a 512 byte key to the Debian computer
which expects a 256 byte key.
Is it expected ?
Is there a configuration option somewhere that I've set
differently on
2011 Oct 26
1
Tinc CPU usage
Hi, I'm using Tinc v1.0.11 on Ubuntu 10.04 and seeing high CPU usage (up
to 30%) on what I wouldn't consider high traffic levels.
The traffic is application server to database server connections and
multicast communication for session-replication on the application server.
I'm running the tinc daemons in switch mode, to support the multicast. I
have tried settings:
TunnelServer =
2015 Feb 14
1
auth: Fatal: No passdbs specified in configuration file
Hi,
I upgraded to 20150213 (f10725a5eed8+). I chose LDAP as the authentication
source for Dovecot.
Compilation succeeds. Starting dovecot from command line :
/usr/local/sbin/dovecot -c /usr/local/etc/dovecot/
The error log contains :
"dovecot: auth: Fatal: No passdbs specified in configuration file. PLAIN
mechanism needs one"
It works properly with Dovecot 2.0.9.
Any clues or
2008 May 13
1
Problem with odfWeave: Unescaped '<' not allowed in attributes values
Dear R users,
I am having a problem with odfWeave: when I run
odfWeave('notes.odt', 'notes_out.odt')
I get a bunch of errors that start with "Unescaped '<' not allowed in
attributes values" in post-processing:
<snip>
...
'content_1.xml' has been Sweaved
Removing content.xml
Post-processing the contents
Unescaped '<' not
2012 Oct 26
1
Overlapping userdb/passdbs
I have an ldap server for which each entry includes the email address and
the username portion of the email address for authentication.
Authentication works by username if the username is unique among all the
entries. I need to now add some users which must authenticate even if the
username is not unique. I figured one way to do this would be to add a
second user/pass db which puts further