Cyrus IMSPd 1.6a4 and 1.7a Released
secabeen at pobox.com
Fri Dec 12 15:12:11 EST 2003
Rob Siemborski <rjs3 at andrew.cmu.edu> writes:
> This message is to announce the release of Cyrus IMSPd 1.6a4 and 1.7a on
> These releases correct a recently discovered buffer overflow
> vulnerability, as well as clean up a significant amount of buffer handling
> throughout the code. I'd like to thank Cyrus Daboo for the time he spent
> cleaning up a great deal of the code, and Felix Lindner of n.runs for
> alerting us to the vulnerability.
> All sites are urged to upgrade as soon as possible.
> The distribution is available at:
Do you have a patch for the vulnerability?
Ted Cabeen http://www.pobox.com/~secabeen ted at impulse.net
Check Website or Keyserver for PGP/GPG Key BA0349D2 secabeen at pobox.com
"I have taken all knowledge to be my province." -F. Bacon secabeen at cabeen.org
"Human kind cannot bear very much reality."-T.S.Eliot cabeen at netcom.com
More information about the Info-cyrus