similar to: [gentoo-announce] [ GLSA 200803-25 ] Dovecot: Multiple vulnerabilities

Attached is a security alert from Gentoo pertaining to clam antivirus. It seems that as of this morning, FreeBSD's ports still contain the affected version. Thank in advance, Tom Veldhouse -------------- next part -------------- An embedded message was scrubbed... From: Tim Yamin <plasmaroo@gentoo.org> Subject: [gentoo-announce] [ GLSA 200402-07 ] Clamav 0.65 DoS vulnerability Date:

Hi The FreeBSD port has been updated for the DoS vulnerability but the version is still the same. See: http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/clamav/ David Peall Systems Administrator Western Cape Schools' Network http://www.wcsn.org.za/ PO Box 44460, Claremont 7735, Cape Town Fax +27 (021) 683-6766, Helpdesk +27 (021) 674-9140 > -----Original Message----- > From:

Has Centos been tested for this yet? -------- Original Message -------- Subject: [Full-disclosure] [ GLSA 200507-05 ] zlib: Buffer overflow Date: Wed, 06 Jul 2005 16:23:20 +0200 From: Thierry Carrez <koon at gentoo.org> Organization: Gentoo Linux To: gentoo-announce at lists.gentoo.org CC: full-disclosure at lists.grok.org.uk, bugtraq at securityfocus.com, security-alerts at

Greetings, Peter and the Security Officers team, There is a minor security vulnerability in cvs prior 1.11.10, as described in CAN-2003-0977: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0977 On December 10th, 2003, itojun has imported cvs 1.11.10 into NetBSD, as the follows: http://mail-index.netbsd.org/source-changes/2003/12/10/0025.html

I have just upgraded from 1.0.7 to 1.0.13. I read the comments in the example .conf file and it seemed what I needed to enable dotlock access to mailboxes in /var/spool/mail (writable by 'mail' group) was "mail_privileged_group = mail" so I removed the "mail_extra_groups = mail" that I had in 1.0.7 and added "mail_privileged_group = mail", but I got errors

Hi all, I use FreeBSD for severals years and this Project now have a possibility the full security update (src) with freebsd-update, is really great for Release users but is break for Stable user. Ok !!! Exist a possibility for apply manual patch and compile issue, but for me problem existe in fix kernel issue in stable branch because is require a update for last stable and this

Hi Guys, I've been trying to get this to work for 3 days now, but no luck. I have Dovecot set with an Active Directory back-end. Everything is working properly but I can't get user specific quotas.I tried with both 1.0.13 and 1.0-rc7. All users have the same quota which is set in dovecot.conf dovecot -n # 1.0.13: /usr/local/etc/dovecot.conf Warning: mail_extra_groups setting was often

mail_extra_groups=mail setting is often used insecurely to give Dovecot access to create dotlocks to /var/mail directory. If you don't use mboxes in /var/mail, make sure this setting is cleared. If you do use /var/mail mboxes and Dovecot gives permission errors without it, do one of the following (in the preferred order): a) Upgrade to v1.0.11 and use the new mail_privileged_group setting

mail_extra_groups=mail setting is often used insecurely to give Dovecot access to create dotlocks to /var/mail directory. If you don't use mboxes in /var/mail, make sure this setting is cleared. If you do use /var/mail mboxes and Dovecot gives permission errors without it, do one of the following (in the preferred order): a) Upgrade to v1.0.11 and use the new mail_privileged_group setting

"Warning: mail_extra_groups setting was often used insecurely so it is now deprecated, use mail_access_groups or mail_privileged_group instead" I use the following: mail_extra_groups = mail nogroup Because I have the real and virtual accounts. What's the correct way to replace the above line? It seems that mail_privileged_group only accepts one group, but I need two. Any

what do I miss here: wbinfo -u / -g -/ -pPt works [2019/09/05 17:15:25.963590, 1] ../source3/librpc/crypto/gse.c:658(gse_get_server_auth_token) gss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/SAMBA.noras.intra at NORAS.INTRA(kvno 54) in keytab MEMORY:cifs_srv_keytab (aes256-cts-hmac-sha1-96)] [2019/09/05 17:15:25.963681, 1]

Am 05.09.19 um 17:37 schrieb Stefan G. Weichinger via samba: > Am 05.09.19 um 17:19 schrieb Stefan G. Weichinger via samba: >> >> what do I miss here: > > update: maybe the reboot of the clients helped ... looks better now > > > Access works, but I still get [2019/09/05 17:49:41.888422, 1] ../source3/librpc/crypto/gse.c:658(gse_get_server_auth_token)

On 05/09/2019 16:50, Stefan G. Weichinger via samba wrote: > Am 05.09.19 um 17:37 schrieb Stefan G. Weichinger via samba: >> Am 05.09.19 um 17:19 schrieb Stefan G. Weichinger via samba: >>> what do I miss here: >> update: maybe the reboot of the clients helped ... looks better now >> >> >> > Access works, but I still get > > [2019/09/05

Hello, I am trying to configure my dovecot folowing this guide: http://www.w3style.co.uk/virtual-domains-with-exim-and-dovecot I append the output of dovecot -n below. I created /etc/vmail/my-domain.de/user containing: test-user:{PLAIN}test:1002:100::/home/test-user:: No I try to login: telnet 127.0.0.1 143 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. * OK This

Last night Dovecot stopped, and the last message in the log was: Fatal: write() failed to info log: Interrupted system call Would you please advise? *** # dovecot -n # 1.1.6: /usr/local/etc/dovecot.conf Warning: mail_extra_groups setting was often used insecurely so it is now deprecated, use mail_access_groups or mail_privileged_group instead # OS: FreeBSD 6.4-PRERELEASE i386 log_path:

Howdy, Today I installed the new version of Apple OSX 10.6. Besides that it deleted the dovecot user, things went quite smooth. As far as I can tell it is running as it used to. However, I can't login to my account. It used to work fine with PAM taking the username and password from my osx installation. Now it doesn't allow me to login anymore. I have read on a website that apple

Hello, I'm trying to migrate a legacy system to Dovecot in which I need to support mbox format storage with the following parameters: Inbox is in: /var/spool/mail/%u Additional mail folders are stored in: /var/spool/mail2/%u (i.e. Spam, Sent, Trash, Drafts, etc.) /var/spool/mail and /var/spool/mail2 are configured with the same permissions. (Read/write/execute user root,

Hello all! I am using a dovecot-server since several weeks - and am really impressed about this server (after using courier and cyrus). I tried to install the sieve-plugin now (CentOS RPM) and configured sieve like described in your WIKI (and on several other pages). Unfortunately I can not connect to port 2000 (sieve-administration?!) nor are there any messages regarding sieve in the logs.

Hi all, I've got a virtual hosting environment, where each user lives in /home/domain/homes/user, and the mailbox is Maildir within that directory. I've been running into a permissions problem, because it seems Dovecot doesn't get the users group membership (which seems odd, but I'm not confident enough of my comprehension of Dovecot to call say it looks like a bug). In

Hello! Always reproducible pine vs dovecot-imap-mbox.gz scene has weird errors. - Initial message is OK: [Folder "SAVE.gz" opened with 211 messages READONLY] - Some mails at the end are listed correctly, others are listed with empty sender/size/subject (just numbering). - All mails have no bodies. Full header command produces total blank screen. Even before any error message.