Cyrus 2.0.17 and 2.1.11 released
Rob Siemborski
rjs3 at andrew.cmu.edu
Thu Dec 5 17:52:04 EST 2002
Yes, but since it's unreleased we don't really bother announcing that.
The patch has obviously been moved forward to the 2.2 branch as well.
-Rob
On Thu, 5 Dec 2002, Kervin Pierre wrote:
> Is 2.2 CVS builds affected by this exploit?
>
> Rob Siemborski wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > This is to announce the release of Cyrus IMAPd 2.0.17 and 2.1.11 on
> > ftp.andrew.cmu.edu.
> >
> > These releases correct the pre-login buffer overflow vulnerabilities
> > recently mentioned on bugtraq.
> >
> > All sites are encouraged to upgrade to atleast 2.0.17.
> >
> > The source is available at:
> >
> > ftp://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.0.17.tar.gz
> > ftp://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.1.11.tar.gz
> > or
> > http://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.0.17.tar.gz
> > http://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.1.11.tar.gz
> >
> > - -Rob
> >
> > - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> > Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
> > Research Systems Programmer * /usr/contributed Gatekeeper
> >
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGP 6.5.8
> > Comment: Made with pgp4pine 1.76
> >
> > iQA/AwUBPe5cGWes8cJc4y/MEQLRKgCgqcPJqh97QWM9wxdtOGgcymPeSSYAoMn1
> > L2r2xAmPRdZp+/nPHpqroAyA
> > =ShGy
> > -----END PGP SIGNATURE-----
> >
> >
>
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper
More information about the Info-cyrus
mailing list