Detections
Analytics

Fedora Core 6 : dovecot-1.0-1.rc15.fc6 (2006-1396)

high Nessus Plugin ID 24064

Synopsis

The remote Fedora Core host is missing a security update.

Description

- Tue Nov 21 2006 Petr Rockai <prockai at redhat.com> - 1.0-1.rc15

 - update to latest upstream, fixes a few bugs, plus a security vulnerability (#216510, CVE-2006-5973)

 - Tue Oct 10 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.3.rc7

 - fix few inconsistencies in specfile, fixes #198940

 - Wed Oct 4 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.2.rc7

 - fix default paths in the example mkcert.sh to match configuration defaults (fixes #183151)

 - Sun Oct 1 2006 Jesse Keating <jkeating at redhat.com> - 1.0-0.1.rc7

 - rebuilt for unwind info generation, broken in gcc-4.1.1-21

 - Fri Sep 22 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.rc7

 - update to latest upstream release candidate, should fix occasional hangs and mbox issues... INBOX.
 namespace is still broken though

 - do not run over symlinked certificates in new locations on upgrade

 - Tue Aug 15 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.rc2.2

 - include /var/lib/dovecot in the package, prevents startup failure on new installs

 - Mon Jul 17 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.rc2.1

 - reenable inotify and see what happens

 - Thu Jul 13 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.rc2

 - update to latest upstream release candidate

 - disable inotify for now, doesn't build -- this needs fixing though

 - Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com>
 - 1.0-0.beta8.2.1

 - rebuild

 - Thu Jun 8 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.beta8.2

 - put back pop3_uidl_format default that got lost in the beta2->beta7 upgrade (would cause pop3 to not work at all in many situations)

 - Thu May 4 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.beta8.1

 - upgrade to latest upstream beta release (beta8)

 - contains a security fix in mbox handling

 - Thu May 4 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.beta7.1

 - upgrade to latest upstream beta release

 - fixed BR 173048

 - Fri Mar 17 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.beta2.8

 - fix sqlite detection in upstream configure checks, second part of #182240

 - Wed Mar 8 2006 Bill Nottingham <notting at redhat.com> - 1.0-0.beta2.7

 - fix scriplet noise some more

 - Mon Mar 6 2006 Jeremy Katz <katzj at redhat.com> - 1.0-0.beta2.6

 - fix scriptlet error (mitr, #184151)

 - Mon Feb 27 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.beta2.5

 - fix #182240 by looking in lib64 for libs first and then lib

 - fix comment #1 in #182240 by copying over the example config files to documentation directory

 - Fri Feb 10 2006 Jesse Keating <jkeating at redhat.com> - 1.0-0.beta2.4.1

 - bump again for double-long bug on ppc(64)

 - Thu Feb 9 2006 Petr Rockai <prockai at redhat.com> - 1.0-0.beta2.4

 - enable inotify as it should work now (#179431)

 - Tue Feb 7 2006 Jesse Keating <jkeating at redhat.com>
 - 1.0-0.beta2.3.1

[plus 220 lines in the Changelog]

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected dovecot and / or dovecot-debuginfo packages.

See Also

http://www.nessus.org/u?3b9ff09a

Plugin Details

Severity: High

ID: 24064

File Name: fedora_2006-1396.nasl

Version: 1.15

Type: local

Agent: unix

Published: 1/17/2007

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:dovecot, p-cpe:/a:fedoraproject:fedora:dovecot-debuginfo, cpe:/o:fedoraproject:fedora_core:6

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 12/18/2006

Reference Information

FEDORA: 2006-1396