[3.3] postfixadmin: allows to delete protected aliases (CVE-2017-5930)
Affected versions:
PostfixAdmin 3.0 and 3.0.1
PostfixAdmin 2.91, 2.92 and 2.93 (which actually are 3.0 beta releases)
Older PostfixAdmin releases (2.3.x and older) are not affected.
PostfixAdmin 3.0.2 will fix this issue
References:
https://github.com/postfixadmin/postfixadmin/pull/23
http://openwall.com/lists/oss-security/2017/02/07/6
(from redmine: issue id 6837, created on 2017-02-09, closed on 2017-02-15)
- Relations:
- parent #6833 (closed)
- Changesets:
- Revision 4b15291a by Sergei Lukin on 2017-02-15T07:10:08Z:
main/postfixadmin: security upgrade to 3.0.2 - fixes #6837
CVE-2017-5930: allows to delete protected aliases
https://svn.code.sf.net/p/postfixadmin/code/trunk/CHANGELOG.TXT