dovecot-[0-9]* denial-of-service

To: tech-pkg%NetBSD.org@localhost
Subject: dovecot-[0-9]* denial-of-service
From: "D'Arcy J.M. Cain" <darcy%NetBSD.org@localhost>
Date: Mon, 11 Apr 2016 11:29:32 -0400

Try again with the correct mailing list name.

I have two questions.  First, is that perhaps too broad a stroke?  Is
it reasonable to make every version of dovecot, now and in the future,
subject to such an entry?  Would something more surgical be better?

Second, the reference is to a thread on a mailing list.  This is just
chatter discussing whether there is a vulnerability or not.  There is
no reference to an official bug report.

Hmmm.  I guess I have one question and one comment, not two questions.

The entry was made almost a year ago and there have been updates since
then specifically mentioning items that might have dealt with this but
without an actual reference to a bug report we can't tell if this is
fixed or not or even if it was a problem in the first place.


-- 
D'Arcy J.M. Cain <darcy%NetBSD.org@localhost>
http://www.NetBSD.org/ IM:darcy%Vex.Net@localhost

Follow-Ups:
- Re: dovecot-[0-9]* denial-of-service
  - From: netbsd.org
- Re: dovecot-[0-9]* denial-of-service
  - From: Benny Siegert

Prev by Date: Re: math/coinmp does not like pkg-config -> pkgconf transition
Next by Date: Re: dovecot-[0-9]* denial-of-service
Previous by Thread: compiling gcc5 (and others?) on MacOSX
Next by Thread: Re: dovecot-[0-9]* denial-of-service
Indexes:

Home | Main Index | Thread Index | Old Index