=========================================================== Ubuntu Security Notice USN-174-1 August 26, 2005 courier vulnerability CAN-2005-2151 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: courier-base The problem can be corrected by upgrading the affected package to version 0.47-3ubuntu1.1. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: A Denial of Service vulnerability has been discovered in the Courier mail server. Due to a flawed status code check, failed DNS (domain name service) queries for SPF (sender policy framework) were not handled properly and could lead to memory corruption. A malicious DNS server could exploit this to crash the Courier server. However, SPF is not enabled by default, so you are only vulnerable if you explicitly enabled it. The Ubuntu 4.10 version of courier is not affected by this. Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier_0.47-3ubuntu1.1.diff.gz Size/MD5: 106779 1a9b25b9a8a00e3ef25cdb0f246913bb http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier_0.47-3ubuntu1.1.dsc Size/MD5: 1204 b597835faf1ace190efe31862e565f14 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier_0.47.orig.tar.gz Size/MD5: 6350808 361a84e497148ce557c150d3576ec24b Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-doc_0.47-3ubuntu1.1_all.deb Size/MD5: 370214 2f491d963cff6f0443e7a386a314e5fb amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-authdaemon_0.47-3ubuntu1.1_amd64.deb Size/MD5: 61876 de263d02b5f22d28e544d7c44a7fd0fa http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authmysql_0.47-3ubuntu1.1_amd64.deb Size/MD5: 56580 84732b3212841e6f8287725e66546532 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authpostgresql_0.47-3ubuntu1.1_amd64.deb Size/MD5: 56790 36f6d95274da8147ef602bb529165f15 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-base_0.47-3ubuntu1.1_amd64.deb Size/MD5: 256868 a5b6772fc595d5fb405ec58cc3836343 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-faxmail_0.47-3ubuntu1.1_amd64.deb Size/MD5: 28430 10628e477c7e9f5d9d88b4c540a8fd67 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap-ssl_3.0.8-3ubuntu1.1_amd64.deb Size/MD5: 20988 1cd30b0c20a1c49b6662251954b17edf http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap_3.0.8-3ubuntu1.1_amd64.deb Size/MD5: 950426 8c1b21e6e28eb4de46d6ceb0d7febb4c http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-ldap_0.47-3ubuntu1.1_amd64.deb Size/MD5: 73698 4f6c8fbbdce0cf96eadb8367d196b581 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-maildrop_0.47-3ubuntu1.1_amd64.deb Size/MD5: 942982 d5960e61994809c9e3affc3e42b4014b http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mlm_0.47-3ubuntu1.1_amd64.deb Size/MD5: 122324 c228b012609b35efd9c073b82953409a http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta-ssl_0.47-3ubuntu1.1_amd64.deb Size/MD5: 19000 2d56a63f0560bae92d9a3ce437ec40e7 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta_0.47-3ubuntu1.1_amd64.deb Size/MD5: 2157216 b8bb4e90aa5aa42fea1e3bdc48ac0683 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-pcp_0.47-3ubuntu1.1_amd64.deb Size/MD5: 66194 487ff885cb1958bf6be0bc6194a653be http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop-ssl_0.47-3ubuntu1.1_amd64.deb Size/MD5: 20792 d65da48fead292db9dcd7b76d5258e1d http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop_0.47-3ubuntu1.1_amd64.deb Size/MD5: 422972 0e9ba8bb27a01c8bed8af314d2798f12 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-ssl_0.47-3ubuntu1.1_amd64.deb Size/MD5: 195262 c857932ff7bd5d9d89b87bb8ff2ba3d2 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-webadmin_0.47-3ubuntu1.1_amd64.deb Size/MD5: 34116 ef1b279b0a81defbe3a6987f323bd4c7 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/sqwebmail_0.47-3ubuntu1.1_amd64.deb Size/MD5: 797796 7947a2d059a1477c45d7f8267e5a27c8 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-authdaemon_0.47-3ubuntu1.1_i386.deb Size/MD5: 55720 b29081bd370dc167bd49bb777577ce07 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authmysql_0.47-3ubuntu1.1_i386.deb Size/MD5: 51706 181aa889862179da1b102c24e417a605 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authpostgresql_0.47-3ubuntu1.1_i386.deb Size/MD5: 51808 020ba1b7d33cf285d113565a60c0c9a7 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-base_0.47-3ubuntu1.1_i386.deb Size/MD5: 233042 db4f3db33ee426d07efb9e26464ea8a4 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-faxmail_0.47-3ubuntu1.1_i386.deb Size/MD5: 28440 f2f30753cd5b77ca443dd609bf4b6640 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap-ssl_3.0.8-3ubuntu1.1_i386.deb Size/MD5: 21000 91262b5dd89d2f2e2c3c6b8f3ca9b3ee http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap_3.0.8-3ubuntu1.1_i386.deb Size/MD5: 925154 a19438bf0affca4f39e4834144ce6f57 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-ldap_0.47-3ubuntu1.1_i386.deb Size/MD5: 67124 45d40251a45b6e1eb022c07a5c0ac96c http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-maildrop_0.47-3ubuntu1.1_i386.deb Size/MD5: 916614 e2ae94557cc43a0fccfdede6b494847f http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mlm_0.47-3ubuntu1.1_i386.deb Size/MD5: 117024 7e13101fce208ee36ad295cc96f58b8c http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta-ssl_0.47-3ubuntu1.1_i386.deb Size/MD5: 19000 6b98ae4bf01a0b755ce36ee8450df913 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta_0.47-3ubuntu1.1_i386.deb Size/MD5: 2051398 54785d8358798e01c1e7cd75a0179f87 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-pcp_0.47-3ubuntu1.1_i386.deb Size/MD5: 59412 659165ad7435919cae62087ea67a61c8 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop-ssl_0.47-3ubuntu1.1_i386.deb Size/MD5: 20798 a8511ba4003d0a98910780f9c6a81b51 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop_0.47-3ubuntu1.1_i386.deb Size/MD5: 414710 0661fbb59d4822bbaa89cd76ed0faec3 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-ssl_0.47-3ubuntu1.1_i386.deb Size/MD5: 191648 703725b68576be2e0e2dde7365c89b56 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-webadmin_0.47-3ubuntu1.1_i386.deb Size/MD5: 33930 a3ba2eafbada47a29bbbe0c348abcb4f http://security.ubuntu.com/ubuntu/pool/universe/c/courier/sqwebmail_0.47-3ubuntu1.1_i386.deb Size/MD5: 764474 77a7807c6dc4b29c65226b4116a0ab60 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-authdaemon_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 62180 026f930d9aeda05abe3c96c4a5134576 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authmysql_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 57404 eaf62404759ff0a9b51aec53085c5937 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-authpostgresql_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 57596 8263e0f917a29040aefc369b6d03dee0 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-base_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 251108 002164890ff6fa38aa38250769f6e865 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-faxmail_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 28440 64937b2ca6bfd5ea6991f20b1643e08c http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap-ssl_3.0.8-3ubuntu1.1_powerpc.deb Size/MD5: 21002 bff8911a3e3f3a170af82e0bf6b4d3d4 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-imap_3.0.8-3ubuntu1.1_powerpc.deb Size/MD5: 1066812 d89d19a6f329b0616cc11fa5cb50493d http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-ldap_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 74626 0c9d8caf59d0690736c5cb78d86c4736 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-maildrop_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 1059480 e526ec1ecbc8450f04f01570a94fc6e2 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mlm_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 128576 1e5ebe65797acf318b908d97ce72e598 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta-ssl_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 19004 cfe16a1f74132bde222846531c846627 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-mta_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 2381060 51e095bc967480104ae0eed642f0bbcc http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-pcp_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 66298 73ae71988e6f4eac389849f2ccc93928 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop-ssl_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 20794 fbc719659328c0364592cdb053c307e4 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-pop_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 478786 ec23e9d7a4ec7a3147ed5ee3dd56d1c9 http://security.ubuntu.com/ubuntu/pool/main/c/courier/courier-ssl_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 196272 d0f53bb2e6e062953614af0c8b9c8c29 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/courier-webadmin_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 34308 eca6058c39efaca3b818cd826e768782 http://security.ubuntu.com/ubuntu/pool/universe/c/courier/sqwebmail_0.47-3ubuntu1.1_powerpc.deb Size/MD5: 860430 5f8aecef0639b6be5738509811f8de29
Attachment:
signature.asc
Description: Digital signature