December 2008


Courier-Auth updated to 0.62.1

Sam Varshavchik has released an update on Christmas day (go figure, what a commitment) to the Courier-Auth daemon, this release correct a couple of minor compiler warnings and errors.:

  • cryptpassword.c: Fix compiler warnings
  • checkpasswordsha1.c: Fix compiler warnings.
  • authldaplib.c (auth_ldap_enumerate): Fix typo.

I’ve tested this release without a problem and my production server is running this version at the moment without a problem.

To upgrade your courier-auth installation read “Upgrading Courier-Auth

Merry Christmas and best wishes for 2009

I wanted to wish you all a very Merry Christmas, hopefully with some nice Mac releted stuff under the tree. Also all the best for the coming year, hopefully the recession will not hit us that hard.

I’m looking forward to a new Mac mini or any new Mac on my desktop.

If you have any wishes for the new year related to the content on this site please let me know perhaps I can make them come true. So what to add or what subject to cover anything goes as long as it falls within the boundaries of my abilities.

MySQL released version 5.0.75

I know version 5.1.x has been released but there is still much debate on wether this is safe enough to use in a production environment. I haven’t fully tested it yet in all the different environments and setups I would like to (mostly due to time constraints) before I commit to this new release.

This (5.0.75) is the version that comes after 5.0.67. This is a bug and security fix release and it is available in source format only. Because this is a security fix I would urge you all to upgrade your MySQL server installation.

Check all the fixes that are listed on the release notes to see what issues are resolved.

I’ve compiled this version and did some simple tests on Leopard and Tiger and both can be compiled and installed using the instructions in the documentation set without problems

Courier-Auth updated to 0.62.0

Sam Varshavchik has released an upgrade to the Courier-Auth daemon, it’s a minor bug fix which solves the following problems:

  • authpgsqllib.c: Use PQescapeStringConn() instead of removing all apostrophes from query parameters. This fixes a potential SQL injection vulnerability if the Postgres database uses a non-Latin locale.
  • Added support for {SSHA}-encrypted passwords. Based on a patch by Zou bin .
  • Added support for {SHA512} hash function.

I’ve tested this release without a problem and my production server is running this version at the moment without a problem.

To upgrade your courier-auth installation read “Upgrading Courier-Auth

Update 10.5.6 cripples postfix again!

Thanks to Steve who commented on the update notification we quikly discovered that the update cripples postfix just like it did with 10.5.5.

The update replaces the postfix binary (so there is no more support for mysql) and changes the configuration file main.cf so that postfix no longer accepts any connection from the outside world.

To solve these issues follow this procedure:

In the file /etc/postifx/main.cf comment out or delete the following line:

inet_interfaces = localhost

To solve the problem of the replaced binary you need to go nto the postfix source directoy of the last succesfull build and run:

sudo make install

Restarted postfix again and all was fine and running again.

Sorry, I’m still looking into the issue of missing this on my test system. I’ve upgraded my production system this morning before going into the office to make sure this was the case and how to solve it. My apologies for any inconviniences this might have caused.

Next Page »