Package: postfix Version: 2.3.8-2etch1 Severity: grave Tags: security Justification: renders a DSA ineffective
The DSA 1629-1 upgrade of postfix is treated as a downgrade by dpkg and apt, and thus the upgrade won't happen unless the user takes unusual action (instructing them to proceed with a downgrade): dpkg - warning: downgrading postfix from 2.3.8-2+b1 to 2.3.8-2etch1. Preparing to replace postfix 2.3.8-2+b1 (using .../postfix_2.3.8-2etch1_i386.deb) ... -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (990, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.23.1-bytemark-uml Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8) Versions of packages postfix depends on: ii adduser 3.102 Add and remove users and groups ii debconf [debconf-2.0] 1.5.11etch2 Debian configuration management sy ii dpkg 1.13.25 package maintenance system for Deb ii libc6 2.3.6.ds1-13etch7 GNU C Library: Shared libraries ii libdb4.3 4.3.29-8 Berkeley v4.3 Database Libraries [ ii libsasl2-2 2.1.22.dfsg1-8 Authentication abstraction library ii libssl0.9.8 0.9.8c-4etch3 SSL shared libraries ii lsb-base 3.1-23.2etch1 Linux Standard Base 3.1 init scrip ii netbase 4.29 Basic TCP/IP networking system ii ssl-cert 1.0.14 Simple debconf wrapper for openssl Versions of packages postfix recommends: ii emacs21 [mail-re 21.4a+1-3etch1 The GNU Emacs editor ii mailx [mail-read 1:8.1.2-0.20050715cvs-1 A simple mail user agent ii mutt [mail-reade 1.5.13-1.1etch1 text-based mailreader supporting M -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]