| 1 |
Devon <devon@×××××.org> wrote: |
| 2 |
> Ben Cressey wrote: |
| 3 |
> |
| 4 |
> > It seems I missed the post to Bugtraq since it was issued as a Courier |
| 5 |
> > vulnerability, and I didn't read carefully enough to discover that |
| 6 |
> > Courier IMAP was also affected. Certainly this is my own fault, but I |
| 7 |
> > am just astonished that without Francisco's post I might have |
| 8 |
> > overlooked this serious problem altogether. |
| 9 |
> |
| 10 |
> I couldn't find the post to the Bugtraq mailing list. I searched my |
| 11 |
> archives and the archives at MARC -- no hits for Bugtraq ID 9845. Any |
| 12 |
> searches for "courier" also yielded no hits. I also didn't see anything |
| 13 |
> posted to FD. |
| 14 |
|
| 15 |
Same here. I also checked the courier-ML and found a corresponding post |
| 16 |
by Sam Varshavchik where he announced the new version, but he did not |
| 17 |
make clear that there is a vulnerability, he just stated in his |
| 18 |
announcement: |
| 19 |
|
| 20 |
> - East Asian character sets |
| 21 |
> |
| 22 |
> Several bugs in East Asian character set support have been fixed, and |
| 23 |
> many new character set mappings have been added, including euc-jp, |
| 24 |
> ksx-1001, ISO-2022-KR, ISO-2002-JP-1 |
| 25 |
|
| 26 |
Not a very good handling by all sides :( |
| 27 |
|
| 28 |
Cheers, |
| 29 |
Juri |
| 30 |
|
| 31 |
-- |
| 32 |
Juri Haberland <juri@××××××××××.com> |
| 33 |
|
| 34 |
|
| 35 |
-- |
| 36 |
gentoo-security@g.o mailing list |
Archives