Path to this page:
Next | Query returned 2 messages, browsing 1 to 10 | previous
CVS Commit History:
2008-09-05 13:55:45 by Geert Hendrickx | Files touched by this commit (10) | |
Log message:
Pullup ticket 2518 - requested by martti
security update for postfix
- pkgsrc/mail/postfix/Makefile 1.219, 1.220
- pkgsrc/mail/postfix/distinfo 1.119
- pkgsrc/mail/postfix/patches/patch-aa 1.21
- pkgsrc/mail/postfix/patches/patch-ag 1.25
- pkgsrc/mail/postfix/patches/patch-ai 1.22
- pkgsrc/mail/postfix-current/Makefile 1.100, 1.101
- pkgsrc/mail/postfix-current/distinfo 1.46
- pkgsrc/mail/postfix-current/patches/patch-aa 1.19
- pkgsrc/mail/postfix-current/patches/patch-ag 1.17
- pkgsrc/mail/postfix-current/patches/patch-ai 1.20
Module Name: pkgsrc
Committed By: ghen
Date: Fri Aug 22 20:29:55 UTC 2008
Modified Files:
pkgsrc/mail/postfix: Makefile
pkgsrc/mail/postfix-current: Makefile
Log message:
Add some (http) mirrors.
---
Module Name: pkgsrc
Committed By: martti
Date: Thu Sep 4 08:25:20 UTC 2008
Modified Files:
pkgsrc/mail/postfix: Makefile distinfo
pkgsrc/mail/postfix/patches: patch-aa patch-ag patch-ai
Log message:
Updated mail/postfix to 2.5.5
Postfix 2.4 and later, on Linux kernel 2.6, is vulnerable to a
denial of service attack by a local user. There is no breach of
data confidentiality or data integrity. This problem was found by
the Postfix author during routine source code maintenance.
An on-line version of this announcement is available at
http://www.postfix.org/announcements/20080902.html
---
Module Name: pkgsrc
Committed By: martti
Date: Thu Sep 4 08:25:31 UTC 2008
Modified Files:
pkgsrc/mail/postfix-current: Makefile distinfo
pkgsrc/mail/postfix-current/patches: patch-aa patch-ag patch-ai
Log message:
Updated mail/postfix-current to 2.6.20080903
Postfix 2.4 and later, on Linux kernel 2.6, is vulnerable to a
denial of service attack by a local user. There is no breach of
data confidentiality or data integrity. This problem was found by
the Postfix author during routine source code maintenance.
An on-line version of this announcement is available at
http://www.postfix.org/announcements/20080902.html
|
2008-08-18 11:46:08 by Tyler R. Retzlaff | Files touched by this commit (2) | |
Log message:
pullup ticket #2495 - requested by martti
postfix: update package for security fixes
revisions pulled up:
pkgsrc/mail/postfix/Makefile 1.218
pkgsrc/mail/postfix/distinfo 1.118
Module Name: pkgsrc
Committed By: martti
Date: Mon Aug 18 07:13:41 UTC 2008
Modified Files:
pkgsrc/mail/postfix: Makefile distinfo
Log message:
Updated mail/postfix to 2.5.4
20080804
Bugfix: dangling pointer in vstring_sprintf_prepend().
File: util/vstring.c.
20080814
Security: some systems have changed their link() semantics,
and will hardlink a symlink, contrary to POSIX and XPG4.
Sebastian Krahmer, SuSE. File: util/safe_open.c.
The solution introduces the following incompatible change:
when the target of mail delivery is a symlink, the parent
directory of that symlink must now be writable by root only
(in addition to the already existing requirement that the
symlink itself is owned by root). This change will break
legitimate configurations that deliver mail to a symbolic
link in a directory with less restrictive permissions.
|
Next | Query returned 2 messages, browsing 1 to 10 | previous