oss-sec mailing list archives
Any info on dovecot CVE-2010-0535?
From: Michael Gilbert <mgilbert () debian org>
Date: Sun, 7 Apr 2013 21:29:43 -0400
I'm in the process of reviewing some older untriaged issues in the Debian security tracker. I came across this Apple id (CVE-2010-0535) in dovecot. Being Apple advisory, there is absolutely no useful information included, but based on the text, the issue is dependent on Kerberos. I found no other dovecot CVEs involving Kerberos, so the question I have is whether this is still currently an unfixed issue affecting dovecot? Was it Apple-specific? Generally, what can be done by distro security teams about issues with no actionable information? Would Mitre be willing to nudge Apple for information? Best wishes, Mike
Current thread:
- Any info on dovecot CVE-2010-0535? Michael Gilbert (Apr 07)
- Re: Any info on dovecot CVE-2010-0535? Geoff Keating (Apr 08)