Package: release.debian.org
Severity: normal
I just uploaded this package to unstable. Here is the changelog:
* New upstream release (Closes: #587036,#597529)
* Updated policy version to 3.9.1.0 (no changes needed)
* [SECURITY] Fixes two bugs with acls which could have allowed a user to
gain improper access or admin rights to shared mailboxes.
(Closes: #599521)
* Warn that the generated SSL certificate will expire in 365 days. Thanks
Phillip Weis. (Closes: #576455)
* Wherever the path to sendmail is given as /usr/lib/sendmail, change to
/usr/sbin/sendmail. (Closes: #570814,#595671)
The main point of the upload was that the new upstream version 1.2.15
fixes a potential security problem with ACLs as described in #599521.
Some other trivial changes were also made. An extra line of output was
added to debian/dovecot-common.postint in response to #576455. Any
instances of /usr/lib/sendmail were changed to /usr/sbin/sendmail (See
debian/patches/sendmail-path.patch in the source.) Hopefully this won't
be a problem for you.
--
Jaldhar H. Vyas <jald...@debian.org>
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
