site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2010-11-15-1 Mac OS X Server v10.6.5 (10H575) Mac OS X Server v10.6.5 (10H575) is now available and addresses the following: Dovecot CVE-ID: CVE-2010-4011 Available for: Mac OS X Server v10.6 through v10.6.5 (10H574) Impact: A user may receive mail intended for other users Description: A memory aliasing issue in Dovecot's handling of user names exists in Mac OS X Server v10.6.5 (10H574). On systems configured with Dovecot as a mail server, a user may receive mail that was intended for other users. This issue is addressed through improved memory management. Dovecot is only provided with Mac OS X Server systems. This issue only affects systems running Mac OS X Server v10.6.5 (10H574). This issue does not affect the Dovecot open source project. Mac OS X Server v10.6.5 (10H575) may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ For Mac OS X v10.6.4 - v 10.6.5 (10H574) The download file is named: MacOSXServerUpd10.6.5.dmg Its SHA-1 digest is: 0688ed0f2b17e3fdce3147d442dcd4beb5ffc002 For Mac OS X v10.6 - v10.6.3 The download file is named: MacOSXServerUpdCombo10.6.5.dmg Its SHA-1 digest is: f3d57085b455c4830e7b5e97ea63b0a81722e5f3 The build number after installing this update is 10H575 or later. Mac OS X Server v10.6.5 (10H575) contains all security fixes released in Mac OS X Server v10.6.5 (10H574) on November 10, 2010. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJM4brsAAoJEGnF2JsdZQeelggIAJ8EX8Br0A4AG0DVgndKr2Zp A4vzU9p4Xv+wWShdSLulPKdrXEbsfsM4SRMwN/UG+gOItRdQ6LD7s283zFiPt26p 0P6AG9sYjgnblRVW5UayhMhYDdL+memFV3bECbPUg8nfhyTa+wh2P2Gu3RVpe1SO xGCQXbliwP4MIXYsPmPcX4w2x6STGA69aD6BUBx5LsK9HO6WN4DRrQUFn/j9xWOT SPJy9IvIsirPzBF0dQsie5DKD2j8Cv2CMZkUAvxt3I0iL0svDnNCSF4BndtgKrUD jxx7h6iPW2lUtgqtmR4lDNcFDK4zRDuDfazQwlNh7uNaQAoUTpd5O8b7Ys5d9SQ= =5QLj -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/security-announce/site_archiver%40lis... This email sent to site_archiver@lists.apple.com