Bug#765473: dovecot-common: Dovecot (previous to V2.1) doesn't allow to disable SSLv3 which is bad: CVE-2014-3566

2014-10-17 Thread Marco Villegas
It seems like the patch mentioned before does not directly apply to the code on the squeeze-update branch of the git repository, so I modified it a little. Sadly, I cannot really make it work; it seems to be doing what is needed, but if I try a: openssl s_client -connect example.com:1234 -ssl3 It

Bug#765473: dovecot-common: Dovecot (previous to V2.1) doesn't allow to disable SSLv3 which is bad: CVE-2014-3566

2014-10-16 Thread Henrik Langos
On 10/16/14 06:19, Thijs Kinkhorst wrote: On Wed, October 15, 2014 16:30, Henrik Langos wrote: Here's the patch: http://www.dovecot.org/pipermail/dovecot/2014-October/098244.html There is also a statement that pop/imap might be harder/impossible to exploit but I wouldn't buy that just yet:

Bug#765473: dovecot-common: Dovecot (previous to V2.1) doesn't allow to disable SSLv3 which is bad: CVE-2014-3566

2014-10-15 Thread Henrik Langos
Package: dovecot-common Version: 1:1.2.15-7 Severity: grave Tags: security squeeze upstream Justification: user security hole Hi there, I guess everybody knows by now that CVE-2014-3566 changes the status of SSLv3 from mostly-obsolete to mostly-broken. Unfortunately dovecot previous to 2.1

Bug#765473: dovecot-common: Dovecot (previous to V2.1) doesn't allow to disable SSLv3 which is bad: CVE-2014-3566

2014-10-15 Thread Thijs Kinkhorst
On Wed, October 15, 2014 14:07, Henrik Langos wrote: There is a simple one line patch available for dovecot 2.0. Maybe a similar way exists for 1.2. Do you have a pointer to this patch? Thijs

Bug#765473: dovecot-common: Dovecot (previous to V2.1) doesn't allow to disable SSLv3 which is bad: CVE-2014-3566

2014-10-15 Thread Thijs Kinkhorst
On Wed, October 15, 2014 16:30, Henrik Langos wrote: Hi Thijs, On 10/15/14 14:26, Thijs Kinkhorst wrote: On Wed, October 15, 2014 14:07, Henrik Langos wrote: There is a simple one line patch available for dovecot 2.0. Maybe a similar way exists for 1.2. Do you have a pointer to this patch?