Note a local mailbox DoS vulnerability, advisory forthcoming.

author: Kris Kennaway <kris@FreeBSD.org> 2000-04-23 22:06:25 +0000
committer: Kris Kennaway <kris@FreeBSD.org> 2000-04-23 22:06:25 +0000
commit: 66368ffe6ca571f23a73228dac73e613fc1385be (patch)
tree: 9b05baf8f92a77ba2984ecf34145711a9f2e93fb /mail/imap-uw
parent: Upgrade to 1.0.6 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/mail/imap-uw/pkg-install b/mail/imap-uw/pkg-install
index 05200dccd71d..6257ca0fce8f 100644
--- a/mail/imap-uw/pkg-install
+++ b/mail/imap-uw/pkg-install
@@ -5,7 +5,7 @@ case $2 in
     POST-INSTALL)
 	;;
     PRE-INSTALL)
-	if dialog --yesno "This port is not safe to use on a system which does not\nprovide shell access to users who can retrieve mail via IMAP.\nimapd contains buffer overflows which a user can exploit\nafter they have logged into imap to get access to their\naccount on the machine. If your imap users have shell access\nanyway, this is not a significant vulnerability.\n\nDo you wish to proceed with the build?" 13 65 < ${TTY} >${TTY} 2>&1; then
+	if dialog --yesno "This port is not safe to use on a system which does not\nprovide shell access to users who can retrieve mail via IMAP.\nimapd contains buffer overflows which a user can exploit\nafter they have logged into imap to get access to their\naccount on the machine. If your imap users have shell access\nanyway, this is not a significant vulnerability.\n\nThere is also a vulnerability wherein local users can prevent\narbitrary POP2/3 mailboxes from being opened, and force IMAP\nmailboxes to only open read-only.\n\nDo you wish to proceed with the build?" 16 65 < ${TTY} >${TTY} 2>&1; then
 	    exit 0
 	else
 	    exit 1
author	Kris Kennaway <kris@FreeBSD.org>	2000-04-23 22:06:25 +0000
committer	Kris Kennaway <kris@FreeBSD.org>	2000-04-23 22:06:25 +0000
commit	66368ffe6ca571f23a73228dac73e613fc1385be (patch)
tree	9b05baf8f92a77ba2984ecf34145711a9f2e93fb /mail/imap-uw
parent	Upgrade to 1.0.6 (diff)