Login
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in notmuch
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in notmuch
ID: FEDORA-2012-3315
Distribution: Fedora
Plattformen: Fedora 15
Datum: So, 18. März 2012, 10:58
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1103
Applikationen: notmuch

Originalnachricht

Name        : notmuch
Product : Fedora 15
Version : 0.5
Release : 5.fc15
URL : http://notmuchmail.org/
Summary : System for indexing, searching, and tagging email
Description :
Fast system for indexing, searching, and tagging email. Even if you
receive 12000 messages per month or have on the order of millions of
messages that you've been saving for decades, Notmuch will be able to
quickly search all of it.

Notmuch is not much of an email program. It doesn't receive messages
(no POP or IMAP support). It doesn't send messages (no mail composer,
no network code at all). And for what it does do (email search) that
work is provided by an external library, Xapian. So if Notmuch
provides no user interface and Xapian does all the heavy lifting, then
what's left here? Not much.

-------------------------------------------------------------------------------
-
Update Information:

CVE-2011-1103: tag information disclosure flaw
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Mar 7 2012 Karel Klíč <kklic@redhat.com> - 0.5-5
- Added patch for CVE-2011-1103: tag information disclosure flaw
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #800036 - CVE-2011-1103 notmuch: tag information disclosure flaw
https://bugzilla.redhat.com/show_bug.cgi?id=800036
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update notmuch' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung