| Release | Version |
|---|---|
| jessie | 0.73.1-1.6 |
| stretch | 0.76.3-5+deb9u1 |
| buster | 1.0.6-1 |
| bullseye | 1.0.16-3 |
| bookworm | 1.0.16-3 |
| sid | 1.0.16-3.2 |
| Bug | jessie | stretch | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-38084 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | An issue was discovered in the POP3 component of Courier Mail Server b ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|---|---|
| CVE-2005-1308 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | SqWebMail allows remote attackers to inject arbitrary web script or HT ... |
| CVE-2004-2313 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error message ... |
| Bug | Description |
|---|---|
| CVE-2006-2659 | libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause ... |
| CVE-2005-3532 | authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through ... |
| CVE-2005-2820 | Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows rem ... |
| CVE-2005-2769 | Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possib ... |
| CVE-2005-2724 | Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows rem ... |
| CVE-2005-2151 | spf.c in Courier Mail Server does not properly handle DNS failures whe ... |
| CVE-2004-0777 | Format string vulnerability in the auth_debug function in Courier-IMAP ... |
| CVE-2004-0591 | Cross-site scripting (XSS) vulnerability in the print_header_uc functi ... |
| CVE-2004-0224 | Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Cou ... |
| CVE-2003-0040 | SQL injection vulnerability in the PostgreSQL auth module for courier ... |
| CVE-2002-1311 | Courier sqwebmail before 0.40.0 does not quickly drop privileges after ... |
| CVE-2002-0914 | Double Precision Courier e-mail MTA allows remote attackers to cause a ... |
| DSA / DLA | Description |
|---|---|
| DSA-1101 | courier - programming error |
| DSA-917-1 | courier - programming error |
| DSA-820-1 | courier - missing input sanitising |
| DSA-793-1 | courier - missing input sanitising |
| DSA-784-1 | courier - programming error |
| DSA-533 | courier - cross-site scripting |
| DSA-247 | courier-ssl - missing input sanitizing |
| DSA-197 | courier - buffer overflow |