Hi Nick Generally the rule of thumb for this package is that services that do not have ssl enabled by default (and as only service) should be rejected. Do you know if that is the case for uw-imap?
I see that dovecot-imapd and courier-imap should probably be restricted as well. And cyrus imap have changed its name... // Ola On Tue, Aug 23, 2011 at 09:04:11PM -0500, Nick Daly wrote: > Hi, this bug has been unattended for 5 years now. Is there any reason > uw-imapd still conflicts with the harden-servers package? > > The Panda-IMAP website suggests that UW-IMAP 2007f has one security fix > that vanilla 2007e does not have (but perhaps that fix was packaged in > the 4 intervening years?): > > http://panda.com/imap/changes.html > > Thanks for your time, > Nick > -- > GPG: 0x4C682009 | 084E D805 31D8 5391 1D27 0DE1 9780 FD4D 4C68 2009 > > > -- --------------------- Ola Lundqvist --------------------------- / o...@debian.org Annebergsslingan 37 \ | o...@inguza.com 654 65 KARLSTAD | | http://inguza.com/ +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --------------------------------------------------------------- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
