CVE-2022-45935: Apache James server: Temporary File Information Disclosure

Description: Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 an

CVE-2022-45787: Apache James MIME4J: Temporary File Information Disclosure in MIME4J TempFileStorageProvider

Severity: low Description: Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to upgrade the version of Li

[ANNOUNCE] Apache James MIME4J 0.8.8 released

The Apache James (https://james.apache.org) community is pleased to announce the availability of Apache James MIME4J 0.8.9 library. Apache James MIME4J is a library for parsing and and building MIME messages, written in plain Java. Read more about this release: https://james.apache.org/james

[PASS] Re: Call for vote: Apache James MIME4J 0.8.9

Hello, With 3 upvotes, all of them binding, this vote passes. I will proceed with release next steps. Best regards, Benoit TELLIER On 30/12/2022 14:19, Benoit TELLIER wrote: Hi, I would like to propose a new vote for 0.8.9 release of the Apache James MIME4J library. You can find:  - The

[PASS] Re: Call for vote: Apache James JSPF 1.0.3

Hello, With 3 upvotes, all of them binding, this vote passes. I will proceed with release next steps. Best regards, Benoit TELLIER On 30/12/2022 14:23, Benoit TELLIER wrote: Hi, I would like to propose a new vote for 1.0.3 release of the Apache James JSPF library. You can find:  - The m

[PASS] Re: Call for vote: Apache James 3.7.3

Hello, With 3 upvotes, all of them binding, this vote passes. I will proceed with release next steps. Best regards, Benoit TELLIER On 30/12/2022 17:19, Benoit TELLIER wrote: Hi, I would like to propose a new vote for 3.7.3 release of the Apache James server. You can find:  - The maven r

[james-mime4j] branch master updated: [RELEASE] Bump changelog, readme, to 0.8.9 (#83)

This is an automated email from the ASF dual-hosted git repository. btellier pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/james-mime4j.git The following commit(s) were added to refs/heads/master by this push: new 26c8c38f [RELEASE] Bump changelog, readm

[jira] [Closed] (JAMES-3873) James 3.7.2 release' zip is missing lib folder

[ https://issues.apache.org/jira/browse/JAMES-3873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Benoit Tellier closed JAMES-3873. - Resolution: Fixed Should be fixed for upcoming 3.7.3. Needs to recompile after release > Ja

svn commit: r59154 - /release/james/server/3.7.3/

Author: btellier Date: Fri Jan 6 03:39:59 2023 New Revision: 59154 Log: Fix 3.7.3 release materials Added: release/james/server/3.7.3/james-server-cassandra-app.zip (with props) release/james/server/3.7.3/james-server-cassandra-app.zip.asc (with props) release/james/server/3.7.3/