From murch at andrew.cmu.edu  Wed Sep  9 09:47:14 2009
From: murch at andrew.cmu.edu (Ken Murchison)
Date: Wed, 09 Sep 2009 09:47:14 -0400
Subject: Cyrus IMAPd 2.2.13p1 & 2.3.15 Released
Message-ID: <4AA7B1E2.9010507@andrew.cmu.edu>

I'd like to announce the releases of Cyrus IMAPd 2.2.13p1 and 2.3.15. 
These releases should both be considered production quality.  These 
releases are being made at this time to fix the potential buffer 
overflow vulnerability described in CERT VU#336053:
http://www.kb.cert.org/vuls/id/336053

The 2.2.13p1 release is no different from 2.2.13 other than the buffer 
overflow fix.  The 2.3.15 release contains several other non-critical 
bugfixes and feature enhancements.  For full details, please see 
doc/changes.html and doc/install-upgrade.html which are included in the 
distribution.

I'd personally like to thank Bron Gondwana of Fastmail.fm for finding 
and fixing the buffer overflow, as well as his numerous other 
contributions to the 2.3.15 release.

URLs for these releases:
ftp://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.2.13p1.tar.gz
ftp://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.3.15.tar.gz
or
http://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.2.13p1.tar.gz
http://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.3.15.tar.gz


Questions and comments can be directed to
info-cyrus at lists.andrew.cmu.edu (public list), or cyrus-bugs at andrew.cmu.edu.

-- 
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University