CVE-2008-4577 has been fixed in the 1.0 branch, but hasn't been released yet:
http://hg.dovecot.org/dovecot-1.0/rev/2dc3a5678fe5 I'm building packages including this fix and the FTBFS fix (#498679); let me know if it's okay to upload. Dominic. -- Dominic Hargreaves | http://www.larted.org.uk/~dom/ PGP key 5178E2A5 from the.earth.li (keyserver,web,email) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
