Hello,
Jaldhar H. Vyas wrote:
On Mon, 29 May 2006, Dominic Hargreaves wrote:
severity 340008 grave
thanks
I have increased the severity of this bug as overwriting the SSL key is
data loss. This affects the recent security upgrade in sarge which makes
it especially visible.
I'd asked the original reporter about the circumstances in which this
occurs but didn't get a reply. Actually now I don't even see that
message in the bug report so he may never have received it. If so
Andrew, sorry I've ignored this bug for so long.
No worries, I cannot remember receiving any reply. I normally keep all
my Debian bugs conversations in a mail folder. So I assume your mail got
eaten by gremlins.
Is this the same problem as in #337715? If so it has been dealt with in
etch and sid but is still an issue in sarge.
It is perhaps worth reissuing this erratum having
fixed this problem. If there is interest in this I am happy to provide
the fix.
Yes please send me any information you have ASAP so we can deal with
this promptly. There is another security issue which has to be dealt
with (#369359) so the chances are very good a fix for this problem will
be accepted for sarge.
I think I worked around the problem by giving the ssl keys a different
name from the self created ones and I think this worked. In any case I
now get very cautious when upgrading dovecot. I currently use
1.0.beta8-2 and I things are working now.
regards,
Andrew
--
Andrew Maier
andrew at maier dot name
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
