Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Spinning processes

Related Vulnerabilities: CVE-2006-2659  

Source

Debian Bug report logs - #368834
Spinning processes

version graph

Package: courier-mta; Maintainer for courier-mta is Markus Wanner <markus@bluegap.ch>; Source for courier-mta is src:courier (PTS, buildd, popcon).

Reported by: Stefan Hornburg <racke@linuxia.de>

Date: Thu, 25 May 2006 09:18:02 UTC

Severity: normal

Tags: fixed-upstream, security

Fixed in version courier/0.53.2-1

Done: Stefan Hornburg (Racke) <racke@linuxia.de>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, Stefan Hornburg (Racke) <racke@linuxia.de>:
Bug#368834; Package courier-mta. (full text, mbox, link).

Acknowledgement sent to Stefan Hornburg <racke@linuxia.de>:
New Bug report received and forwarded. Copy sent to Stefan Hornburg (Racke) <racke@linuxia.de>. (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Stefan Hornburg <racke@linuxia.de>
To: submit@bugs.debian.org
Cc: team@security.debian.org
Subject: Spinning processes
Date: Thu, 25 May 2006 11:05:55 +0200
package: courier-mta
tags: security

The upstream author lists in the changelog of the 0.53.2 release:

Security: Fix a bug in Courier that, under certain circumstances, may 
cause a number of processes to spin.  Backported patch for earlier versions 
of Courier: http://www.courier-mta.org/beta/patches/verp-fix/.

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team

Tags added: fixed-upstream, pending Request was from Stefan Hornburg <racke@linuxia.de> to control@bugs.debian.org. (full text, mbox, link).

Reply sent to Stefan Hornburg (Racke) <racke@linuxia.de>:
You have taken responsibility. (full text, mbox, link).

Notification sent to Stefan Hornburg <racke@linuxia.de>:
Bug acknowledged by developer. (full text, mbox, link).

Message #12 received at 368834-close@bugs.debian.org (full text, mbox, reply):

From: Stefan Hornburg (Racke) <racke@linuxia.de>
To: 368834-close@bugs.debian.org
Subject: Bug#368834: fixed in courier 0.53.2-1
Date: Wed, 31 May 2006 06:02:13 -0700
Source: courier
Source-Version: 0.53.2-1

We believe that the bug you reported is fixed in the latest version of
courier, which is due to be installed in the Debian FTP archive:

courier-base_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-base_0.53.2-1_i386.deb
courier-doc_0.53.2-1_all.deb
  to pool/main/c/courier/courier-doc_0.53.2-1_all.deb
courier-faxmail_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-faxmail_0.53.2-1_i386.deb
courier-imap-ssl_4.1.1-1_i386.deb
  to pool/main/c/courier/courier-imap-ssl_4.1.1-1_i386.deb
courier-imap_4.1.1-1_i386.deb
  to pool/main/c/courier/courier-imap_4.1.1-1_i386.deb
courier-ldap_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-ldap_0.53.2-1_i386.deb
courier-maildrop_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-maildrop_0.53.2-1_i386.deb
courier-mlm_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-mlm_0.53.2-1_i386.deb
courier-mta-ssl_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-mta-ssl_0.53.2-1_i386.deb
courier-mta_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-mta_0.53.2-1_i386.deb
courier-pcp_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-pcp_0.53.2-1_i386.deb
courier-pop-ssl_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-pop-ssl_0.53.2-1_i386.deb
courier-pop_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-pop_0.53.2-1_i386.deb
courier-ssl_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-ssl_0.53.2-1_i386.deb
courier-webadmin_0.53.2-1_i386.deb
  to pool/main/c/courier/courier-webadmin_0.53.2-1_i386.deb
courier_0.53.2-1.diff.gz
  to pool/main/c/courier/courier_0.53.2-1.diff.gz
courier_0.53.2-1.dsc
  to pool/main/c/courier/courier_0.53.2-1.dsc
courier_0.53.2.orig.tar.gz
  to pool/main/c/courier/courier_0.53.2.orig.tar.gz
sqwebmail_0.53.2-1_i386.deb
  to pool/main/c/courier/sqwebmail_0.53.2-1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 368834@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Hornburg (Racke) <racke@linuxia.de> (supplier of updated courier package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 26 May 2006 21:53:56 +0200
Source: courier
Binary: courier-mlm courier-ldap courier-faxmail courier-pcp courier-maildrop courier-imap courier-mta-ssl courier-pop-ssl courier-base sqwebmail courier-ssl courier-pop courier-mta courier-webadmin courier-imap-ssl courier-doc
Architecture: source i386 all
Version: 0.53.2-1
Distribution: unstable
Urgency: low
Maintainer: Stefan Hornburg (Racke) <racke@linuxia.de>
Changed-By: Stefan Hornburg (Racke) <racke@linuxia.de>
Description: 
 courier-base - Courier Mail Server - Base system
 courier-doc - Courier Mail Server - Additional documentation
 courier-faxmail - Courier Mail Server - Faxmail gateway
 courier-imap - Courier Mail Server - IMAP server
 courier-imap-ssl - Courier Mail Server - IMAP over SSL
 courier-ldap - Courier Mail Server - LDAP support
 courier-maildrop - Courier Mail Server - Mail delivery agent
 courier-mlm - Courier Mail Server - Mailing list manager
 courier-mta - Courier Mail Server - ESMTP daemon
 courier-mta-ssl - Courier Mail Server - ESMTP over SSL
 courier-pcp - Courier Mail Server - PCP server
 courier-pop - Courier Mail Server - POP3 server
 courier-pop-ssl - Courier Mail Server - POP3 over SSL
 courier-ssl - Courier Mail Server - SSL/TLS Support
 courier-webadmin - Courier Mail Server - Web-based administration frontend
 sqwebmail  - Courier Mail Server - Webmail server
Closes: 284958 336662 353963 367873 368834 368998
Changes: 
 courier (0.53.2-1) unstable; urgency=low
 .
   * new upstream release (fixes bug that, under certain circumstances, may
     cause a number of processes to spin, Closes: #368834, CVE-2006-2659)
   * /var/run/courier no longer part of courier-base, moved to
     courier-authdaemon
   * logcheck file updates (Closes: #284958)
   * added couriertls messages to logcheck files (Closes: #353963, thanks
     to Martin Krafft <madduck@debian.org> for the report)
   * added Portuguese translation of Debconf templates (Closes: #336662,
     thanks to Miguel Figueiredo <elmig@debianpt.org>)
   * updated French translation of Debconf templates (Closes: #367873,
     thanks to Christian Perrier <bubulle@debian.org>)
   * updated Dutch translation of Debconf templates (Closes: #368998,
     thanks to Kurt de Bree <kdebree@telenet.be)
Files: 
 caeec708d7a51bb84a41d1f29d4a4a0d 1196 mail optional courier_0.53.2-1.dsc
 82c64ae808cb060f4afb016a9bee0895 10524724 mail optional courier_0.53.2.orig.tar.gz
 2ccb95cb8ae0696d8eb449a9779d3281 118235 mail optional courier_0.53.2-1.diff.gz
 689f3f53a203530784071776e3a328d5 350808 doc optional courier-doc_0.53.2-1_all.deb
 47eac7397a9bae7aaef5bdc231b93ad4 217916 mail optional courier-base_0.53.2-1_i386.deb
 300ebafcba7bc8224e90305c21836fd6 952602 mail optional courier-maildrop_0.53.2-1_i386.deb
 8a97b6b3b2dd1092fea38fec1221422c 112764 mail optional courier-mlm_0.53.2-1_i386.deb
 1b5a5f51b3a3ae97981a9134eef9e6b6 1367724 mail extra courier-mta_0.53.2-1_i386.deb
 54dff38aaf0d9aef8d8042dd8015b50c 30414 mail optional courier-faxmail_0.53.2-1_i386.deb
 113d94edea1a6551bb70356bb30e7ff0 40216 mail optional courier-webadmin_0.53.2-1_i386.deb
 280278cb02e3afd30516515cb2909678 806702 mail optional sqwebmail_0.53.2-1_i386.deb
 c5bf220e48669f02d874dd426c38d499 61336 mail optional courier-pcp_0.53.2-1_i386.deb
 8506b726f77e13e701fb4ddf09e8828c 48782 mail extra courier-pop_0.53.2-1_i386.deb
 a6d156cbb1e4ea52f9f6378704d598b5 33948 mail optional courier-ldap_0.53.2-1_i386.deb
 1f90eeb0033a00f1316f3632fd35a9f2 212586 mail optional courier-ssl_0.53.2-1_i386.deb
 2cbe0234adb5626b5d9cdd8408b51e03 20708 mail extra courier-mta-ssl_0.53.2-1_i386.deb
 a05a8abe134ff131a1e3c5df1e520890 22202 mail optional courier-pop-ssl_0.53.2-1_i386.deb
 32dfb941dfe5219eb0cd7c8a17661f1f 583814 mail extra courier-imap_4.1.1-1_i386.deb
 51a81e42e87de683a62b8896331aa5c9 22430 mail extra courier-imap-ssl_4.1.1-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFEfZDwjgVfE5tya3ERAlfVAJ9wxYKRSt6wtOs8cemqLsTIREaKnACePV7W
lTXxMIflB6NPf3QIV0ZWU/U=
=7yiP
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 25 Jun 2007 04:36:07 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:05:07 2019; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started