Cyrus IMSPd 1.6a5 and 1.7a Released

Rob Siemborski rjs3 at
Mon Jan 19 12:48:37 EST 2004

This message is to announce the release of Cyrus IMSPd 1.6a4 and 1.7a on

This release corrects an error in literal parsing that results in a
potentially exploitable heap overflow.  As is often the case after a
security vulnerability is found, increased code auditing finds another
one, as is the case here.

All sites are urged to upgrade as soon as possible.


Rob Siemborski | Andrew Systems Group * Research Systems Programmer
PGP:0x5CE32FCC | Cyert Hall 207 * rjs3 at * 412.268.7456
Version: 3.12
GCS/IT/CM/PA d- s+: a-- C++++$ ULS++++$ P+++$ L+++ E W+ N(-) o? K- w-- O-
M-- V-- PS+ PE+ Y+ PGP+ t+@ 5+++ X- R@ tv-- b+ DI+++ D++ G e++ h+ r- y?

More information about the Info-cyrus mailing list