Your message dated Sun, 18 Aug 2024 13:04:32 +0000
with message-id <e1sffac-00ehou...@fasolo.debian.org>
and subject line Bug#1078877: fixed in dovecot 1:2.3.21.1+dfsg1-1
has caused the Debian Bug report #1078877,
regarding dovecot: CVE-2024-23185
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1078877: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078877
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: dovecot
Version: 1:2.3.21+dfsg1-3
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,
The following vulnerability was published for dovecot.
CVE-2024-23185[0].
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2024-23185
https://www.cve.org/CVERecord?id=CVE-2024-23185
[1] https://www.openwall.com/lists/oss-security/2024/08/15/4
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: dovecot
Source-Version: 1:2.3.21.1+dfsg1-1
Done: Noah Meyerhans <no...@debian.org>
We believe that the bug you reported is fixed in the latest version of
dovecot, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1078...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Noah Meyerhans <no...@debian.org> (supplier of updated dovecot package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 17 Aug 2024 13:26:24 -0400
Source: dovecot
Architecture: source
Version: 1:2.3.21.1+dfsg1-1
Distribution: unstable
Urgency: medium
Maintainer: Dovecot Maintainers <dove...@packages.debian.org>
Changed-By: Noah Meyerhans <no...@debian.org>
Closes: 1071915 1078877
Changes:
dovecot (1:2.3.21.1+dfsg1-1) unstable; urgency=medium
.
[ Noah Meyerhans ]
* [452a10b] Move systemd unit files to /usr (Closes: #1071915)
.
[ Niels Thykier ]
* [a9caf51] Avoid unnecessary implicit requirement for `(fake)root`
.
[ Christian Göttsche ]
* [8c253d1] salsa-ci: enable build_twice job
* [47122cd] Bump to standards version 4.7.0 (no further changes)
* [4062094] Replace obsolete build-dependency pkg-config with pkgconf
* [f1221b8] Split overlong line in changelog
* [dd876aa] Annotate Debian patches
* [590287e] Fix typos in changelog
.
[ Noah Meyerhans ]
* [a212eb8] New upstream version 2.3.21.1+dfsg1
- Fix CVE-2024-23185 (Closes: #1078877)
- Fix CVE-2024-23185 (Closes: #1078877)
Checksums-Sha1:
00af090803451735ecccd12c4e15001564950451 4113 dovecot_2.3.21.1+dfsg1-1.dsc
5e047829212ae6083e3bb641b28205903a4f3eb8 1688107
dovecot_2.3.21.1+dfsg1.orig-pigeonhole.tar.gz
430f55c0cbc4b9e551d15fc77a9b4d766bfbb909 7842044
dovecot_2.3.21.1+dfsg1.orig.tar.gz
ade83fd7d1e5056c206d4ba425993e125ac97cb8 866
dovecot_2.3.21.1+dfsg1.orig.tar.gz.asc
f6fb9565d98770d64bd2d436ecf667f08932d67a 68572
dovecot_2.3.21.1+dfsg1-1.debian.tar.xz
2fb86d574b9dc2000dac7b18b4ec18172acd1030 7592
dovecot_2.3.21.1+dfsg1-1_source.buildinfo
Checksums-Sha256:
a3647cdd840955afa6d7e6fed13d90fe719cf0226cba3fbc6b1d69de80a7b97e 4113
dovecot_2.3.21.1+dfsg1-1.dsc
31b73885f770a8b5df69b89a69831596df10a823058e3dcd5be000141961b256 1688107
dovecot_2.3.21.1+dfsg1.orig-pigeonhole.tar.gz
2d90a178c4297611088bf7daae5492a3bc3d5ab6328c3a032eb425d2c249097e 7842044
dovecot_2.3.21.1+dfsg1.orig.tar.gz
261bde4ca72369238b402423a48ae417513249abd45ef8a50fdef5007920ab0d 866
dovecot_2.3.21.1+dfsg1.orig.tar.gz.asc
c979528ca51d85d4996a7d08a70d6be6489595de6428027eaab040cb50cf841e 68572
dovecot_2.3.21.1+dfsg1-1.debian.tar.xz
2f17163e93f3363a76c4805865cc740d4aa0e43add70fc983ee53f0cacef65f0 7592
dovecot_2.3.21.1+dfsg1-1_source.buildinfo
Files:
947c0bce9ed88274623cdf1dedb4e2df 4113 mail optional
dovecot_2.3.21.1+dfsg1-1.dsc
3fa3dba8fd26b170b17730410e57456a 1688107 mail optional
dovecot_2.3.21.1+dfsg1.orig-pigeonhole.tar.gz
8c4f360c7f229e4b4371b3d1953d36da 7842044 mail optional
dovecot_2.3.21.1+dfsg1.orig.tar.gz
5f163c564a64abd014ad13a766f407d7 866 mail optional
dovecot_2.3.21.1+dfsg1.orig.tar.gz.asc
c3584307d13477da75b0460219f1bfd8 68572 mail optional
dovecot_2.3.21.1+dfsg1-1.debian.tar.xz
9a36bc608dee0d40b1e30839586e2833 7592 mail optional
dovecot_2.3.21.1+dfsg1-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEE5G+E0xEKhJuZ7RJ34+c1IpshdTUFAmbB8DIRHG5vYWhtQGRl
Ymlhbi5vcmcACgkQ4+c1IpshdTV0VA//eE57It+xaQttdUJ0FZSL+2pA0+ISMj/1
UK2/on2HeeyGdI/PpXRWu9fW4xP2OzLg48+TD23YuaaXa9zIsfXRUX/6b/ORa4Pn
IQQH8G6JZ4Pn87qz/E8Z7EGf7hOd8lAxawJ+rDg4Hw1uSn7HKnl1PsAvXTfXHffG
dYkp8Y+yEQfJnYfZYvSFtE0g6eOSt6BeWDB0Ph685Obvzj2L6qWKpix7ys4xyLHZ
Pnu8w6HF70PrAKGOOzFb6jYuq8sIpTsaHuaoLHBMLHtLpBagMQFBbi5Hl9/MG6pe
fHTlxtJiSIU8jb4Tp9Yz/SB+1iGeXn6LGqk3PVLEbiSgZH+oJJNneCnYMJ2URUwO
gxNbu+bxFdWE5fUcqSp6LXY2sfdcN9SOgq/jl2hfTvzzwNodquslXtATQbqTMgw5
CA+6/QEGJ+Nbz2GWH/Rr90KLJN7AqJzgvCmYHJSv1TKUAToQWWQu2hgIvp1u+usZ
Oyktr7MclxJZnuWp/JZmtyRnq7VPgmz4OBvc3h5Tq1oXwUCJ8L+AZEDVXQr+tmvt
SQh8r2bfyShKgn8jGuxfEpBykBzS5gVYFT92+QJFFpCZkY1NK+2jm4DGVRrVJ6RY
wWWTcm+SLjrjSvRPY6HMd2Tu4UJo1dTXJRwEOjGh1JU9p0mTgaaAm2iR8x7/Q2tT
5Ir/8rXWMoI=
=p3FS
-----END PGP SIGNATURE-----
pgpx1fUKIzRc7.pgp
Description: PGP signature
--- End Message ---
