Cyrus IMAPd 2.2.13p1 & 2.3.15 Released
David R Bosso
dbosso+lists.cyrus at lsit.ucsb.edu
Wed Sep 9 13:07:31 EDT 2009
Is there a specific reason the patch for bug #3159 wasn't included? I've
been adding it locally and just wondering if should continue to do so.
Thanks.
-David
--On September 9, 2009 9:47:14 AM -0400 Ken Murchison
<murch at andrew.cmu.edu> wrote:
> I'd like to announce the releases of Cyrus IMAPd 2.2.13p1 and 2.3.15.
> These releases should both be considered production quality. These
> releases are being made at this time to fix the potential buffer
> overflow vulnerability described in CERT VU#336053:
> http://www.kb.cert.org/vuls/id/336053
>
> The 2.2.13p1 release is no different from 2.2.13 other than the buffer
> overflow fix. The 2.3.15 release contains several other non-critical
> bugfixes and feature enhancements. For full details, please see
> doc/changes.html and doc/install-upgrade.html which are included in the
> distribution.
>
> I'd personally like to thank Bron Gondwana of Fastmail.fm for finding
> and fixing the buffer overflow, as well as his numerous other
> contributions to the 2.3.15 release.
>
> URLs for these releases:
> ftp://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.2.13p1.tar.gz
> ftp://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.3.15.tar.gz
> or
> http://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.2.13p1.tar.gz
> http://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.3.15.tar.gz
>
>
> Questions and comments can be directed to
> info-cyrus at lists.andrew.cmu.edu (public list), or
> cyrus-bugs at andrew.cmu.edu.
>
> --
> Kenneth Murchison
> Systems Programmer
> Project Cyrus Developer/Maintainer
> Carnegie Mellon University
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list