[Full-disclosure] rPSA-2007-0074-1 dovecot
rPath Update Announcements
announce-noreply at rpath.com
Wed Apr 18 17:03:43 BST 2007
rPath Security Advisory: 2007-0074-1
Published: 2007-04-18
Products: rPath Linux 1
Rating: Informational
Exposure Level Classification:
Local User Deterministic Information Exposure
Updated Versions:
dovecot=/conary.rpath.com at rpl:devel//1/1.0.0-0.1-1
References:
https://issues.rpath.com/browse/RPL-1200
Description:
Previous versions of the dovecot package are vulnerable to a trivial
information exposure in which files outside the user's mail directory
could be opened if the zlib plugin was used.
Full-Disclosure is hosted and sponsored by Secunia.