-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
Recently there's a security report about qmail-tls being
affected by the STARTTLS vulnerability found by Wietse Venema.
http://www.vupen.com/english/advisories/2011/0612
I just want to confirm if qmail-ldap is vulnerable too.
The patch seems to be trivial
http://inoa.net/qmail-tls/vu555316.patch
I can see that qmail-ldap uses a diferent flush() function,
but it would be great to listen from upstream. :)
Kind regards,
- --
Felipe Augusto van de Wiel <felipe.w...@complexopequenoprincipe.org.br>
Tecnologia da Informação (TI) - Complexo Pequeno Príncipe
http://www.pequenoprincipe.org.br/ T: +55 41 3310 1747
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCgAGBQJN0n8TAAoJECCPPxLgxLxPR+oP/2WjJfGBaRyNm7hfLnRiPm4y
/ckpVCdHN5V41pLHQD/04YsECc88puHa/cTS2CGbrnXBMaEreCaM67E9VSx4UYpx
+wR3ol+EtFN29BaiAjOIT6xCSZDk/nKbh21106BOeMB5GikJWGjDTJLi9+K5VGNB
1EfLFuegb7Wxi9SIrZg3J+YD7eNPOSf0VYfHAeso7yV9Adv4Tg0iBxJTH+hv3wZ4
VNsckn5G82XFfPhC9BRfJ4zD23OAxtjP9qhAkqJcQn8hJgDQzKmHfxklzitwAE/R
frY8+YBXvAR676oIgMf2FtXpUSfVhLo/zQOxYgoVliTA3SSnsbK3fmuRkynZ4Xv6
JQ/zMosxSwd+2zp+05+4MpkPsR0ChSYfqQlBIlopQf42bg+qjyRBd7QImuzO2O+Y
gl19QdUbQRIfTIuKWP0Quzs2sXp2wuPkZEEwxeLj/1Say0MG2uLr96q4MAfVPc9n
2wqF1Y8fRzEm8WwxkgaJRaycN6TQnKwJiffWUz9/mvKgq4HRFvp8rPm1VUiZBwp/
8Og8eyPMY8uT9j4d0fAWMtMkU6bMoOZOq8mSHHU3C3ZNuRuGeulstaz2ffTiozST
5bJeTo1NU4cFXWHlIrtLaCHVs2pbxAY0iIVzfOC9b9wF575g8acL+WycADjpTXe0
GR35PdNieht9FFiSZ/pZ
=qAi0
-----END PGP SIGNATURE-----
