Patrick Cheong Shu Yang discovered that courier-authdaemon, the authentication daemon of the Courier Mail Server, grants access to accounts that are already deactivated. For the old stable distribution (woody) this problem has been fixed in version 0.37.3-2.8. For the stable distribution (sarge) this problem has been fixed in version 0.47-4sarge4. For the unstable distribution (sid) this problem has been fixed in version 0.47-12. We recommend that you upgrade your courier packages.
Patrick Cheong Shu Yang discovered that courier-authdaemon, the authentication daemon of the Courier Mail Server, grants access to accounts that are already deactivated.
For the old stable distribution (woody) this problem has been fixed in version 0.37.3-2.8.
For the stable distribution (sarge) this problem has been fixed in version 0.47-4sarge4.
For the unstable distribution (sid) this problem has been fixed in version 0.47-12.
We recommend that you upgrade your courier packages.
MD5 checksums of the listed files are available in the original advisory.