-
uw-imap (8:2007f~dfsg-5ubuntu0.19.04.2) disco-security; urgency=medium
* SECURITY UPDATE: Argument injection.
- debian/patches/2013_disable_rsh.patch: Disable access to IMAP mailboxes
through running imapd over rsh, and therefore ssh. Code using the library
can enable it with tcp_parameters() after making sure that the IMAP
server name is sanitized.
- CVE-2018-19518
-- Eduardo Barretto <email address hidden> Thu, 17 Oct 2019 11:13:52 -0300
-
uw-imap (8:2007f~dfsg-5ubuntu0.19.04.1) disco; urgency=medium
* 2014_openssl1.1.1_sni.patch (new): Use SNI when building
with OpenSSL 1.1.1 / TLSv1.3 support, since some servers
(e.g., imap.gmail.com, imap.mail.att.net) require SNI on
TLSv1.3 to pass certificate verification. (LP: #1834340)
* debian/control.in.in: Update maintainer that lasts build.
-- Mauricio Faria de Oliveira <email address hidden> Fri, 09 Aug 2019 11:51:00 -0300
-
uw-imap (8:2007f~dfsg-5build1) bionic; urgency=high
* No change rebuild against openssl1.1.
-- Dimitri John Ledkov <email address hidden> Mon, 05 Feb 2018 23:29:28 +0000
