please mere courier-authlib 0.61.0-1+lenny1 from debian main

Bug #309837 reported by Manny Vindiola
254
Affects Status Importance Assigned to Milestone
courier-authlib (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

Binary package hint: courier-authlib

please mere courier-authlib 0.61.0-1+lenny1 from debian main

CVE References

Revision history for this message
Manny Vindiola (serialorder) wrote :

package ready for merge
package builds fine in pbuilder i386
please note this fixes a security vulnerability

courier-authlib (0.61.0-1+lenny1ubuntu1) jaunty; urgency=low

  * Merge from debian unstable (LP: #309837), remaining changes:
     -debian/courier-authdaemon.init: recreate /var/run/courier/authdaemon.

 -- Manny Vindiola <email address hidden> Fri, 19 Dec 2008 16:40:29 -0500

courier-authlib (0.61.0-1+lenny1) testing-security; urgency=high

  * Non-maintainer upload by the security team
  * Fix several sql-injection vulnerabilities in authpgsqllib.c by using
    PQsetClientEncoding() and PQescapeStringConn()
    Fixes: CVE-2008-2380

 -- Steffen Joeris <email address hidden> Mon, 08 Dec 2008 13:48:12 +0000

Revision history for this message
Manny Vindiola (serialorder) wrote :

waiting for courier-authlib to reach unstable in debian

Changed in courier-authlib:
assignee: nobody → serialorder
status: New → In Progress
Revision history for this message
Luca Falavigna (dktrkranz) wrote :

Sponsored, thanks ;)

Changed in courier-authlib:
assignee: serialorder → nobody
importance: Undecided → Wishlist
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package courier-authlib - 0.61.0-1+lenny1ubuntu1

---------------
courier-authlib (0.61.0-1+lenny1ubuntu1) jaunty; urgency=low

  * Merge from debian unstable (LP: #309837), remaining changes:
     -debian/courier-authdaemon.init: recreate /var/run/courier/authdaemon.

courier-authlib (0.61.0-1+lenny1) testing-security; urgency=high

  * Non-maintainer upload by the security team
  * Fix several sql-injection vulnerabilities in authpgsqllib.c by using
    PQsetClientEncoding() and PQescapeStringConn()
    Fixes: CVE-2008-2380

 -- Manny Vindiola <email address hidden> Fri, 19 Dec 2008 16:40:29 -0500

Changed in courier-authlib:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.