Mercurial > dovecot > original-hg > dovecot-1.2
comparison NEWS @ 7391:c73d6224a96b HEAD 1.1.rc3
Released v1.1.rc3.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sun, 09 Mar 2008 12:51:51 +0200 |
parents | dfd811aa0418 |
children | 4607141a6bdc |
comparison
equal
deleted
inserted
replaced
7390:04297ce26b78 | 7391:c73d6224a96b |
---|---|
1 v1.1.rc3 2008-03-09 Timo Sirainen <tss@iki.fi> | |
2 | |
3 * Fixed a security hole in blocking passdbs (MySQL always. PAM, passwd | |
4 and shadow if blocking=yes) where user could specify extra fields | |
5 in the password. The main problem here is when specifying | |
6 "skip_password_check" introduced in v1.0.11 for fixing master user | |
7 logins, allowing the user to log in as anyone without a valid | |
8 password. | |
9 | |
10 - mail_privileged_group was broken in some systems (OS X, Solaris?) | |
11 | |
1 v1.1.rc2 2008-03-08 Timo Sirainen <tss@iki.fi> | 12 v1.1.rc2 2008-03-08 Timo Sirainen <tss@iki.fi> |
2 | 13 |
3 * mail_extra_groups setting was commonly used insecurely. This setting | 14 * mail_extra_groups setting was commonly used insecurely. This setting |
4 is now deprecated. Most users should switch to using | 15 is now deprecated. Most users should switch to using |
5 mail_privileged_group setting, but if you really need the old | 16 mail_privileged_group setting, but if you really need the old |