Project

General

Profile

Bug #6835

Bug #6833: postfixadmin: allows to delete protected aliases (CVE-2017-5930)

[3.5] postfixadmin: allows to delete protected aliases (CVE-2017-5930)

Added by Alicha CH almost 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Start date:
02/09/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

Affected versions:

PostfixAdmin 3.0 and 3.0.1

PostfixAdmin 2.91, 2.92 and 2.93 (which actually are 3.0 beta releases)

Older PostfixAdmin releases (2.3.x and older) are not affected.

PostfixAdmin 3.0.2 will fix this issue

References:

https://github.com/postfixadmin/postfixadmin/pull/23
http://openwall.com/lists/oss-security/2017/02/07/6

Associated revisions

Revision d1260370 (diff)
Added by Sergei Lukin almost 2 years ago

main/postfixadmin: security upgrade to 3.0.2 - fixes #6835

CVE-2017-5930: allows to delete protected aliases

https://svn.code.sf.net/p/postfixadmin/code/trunk/CHANGELOG.TXT

History

#1 Updated by Sergei Lukin almost 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH almost 2 years ago

  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF