Information on source package courier

Available versions

ReleaseVersion
buster1.0.6-1
bullseye1.0.16-3
bookworm1.0.16-3
sid1.0.16-3.2

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2021-38084vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerableAn issue was discovered in the POP3 component of Courier Mail Server b ...

Open unimportant issues

BugbusterbullseyebookwormsidDescription
CVE-2005-1308vulnerablevulnerablevulnerablevulnerableSqWebMail allows remote attackers to inject arbitrary web script or HT ...
CVE-2004-2313vulnerablevulnerablevulnerablevulnerableInter7 SqWebMail 3.4.1 through 3.6.1 generates different error message ...

Resolved issues

BugDescription
CVE-2006-2659libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause ...
CVE-2005-3532authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through ...
CVE-2005-2820Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows rem ...
CVE-2005-2769Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possib ...
CVE-2005-2724Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows rem ...
CVE-2005-2151spf.c in Courier Mail Server does not properly handle DNS failures whe ...
CVE-2004-0777Format string vulnerability in the auth_debug function in Courier-IMAP ...
CVE-2004-0591Cross-site scripting (XSS) vulnerability in the print_header_uc functi ...
CVE-2004-0224Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Cou ...
CVE-2003-0040SQL injection vulnerability in the PostgreSQL auth module for courier ...
CVE-2002-1311Courier sqwebmail before 0.40.0 does not quickly drop privileges after ...
CVE-2002-0914Double Precision Courier e-mail MTA allows remote attackers to cause a ...

Security announcements

DSA / DLADescription
DSA-1101courier - programming error
DSA-917-1courier - programming error
DSA-820-1courier - missing input sanitising
DSA-793-1courier - missing input sanitising
DSA-784-1courier - programming error
DSA-533courier - cross-site scripting
DSA-247courier-ssl - missing input sanitizing
DSA-197courier - buffer overflow

Search for package or bug name: Reporting problems