Cyrus IMAPd 2.2.13p1 & 2.3.15 Released
Simon Matter
simon.matter at invoca.ch
Wed Sep 9 16:20:33 EDT 2009
> I'd like to announce the releases of Cyrus IMAPd 2.2.13p1 and 2.3.15.
> These releases should both be considered production quality. These
> releases are being made at this time to fix the potential buffer
> overflow vulnerability described in CERT VU#336053:
> http://www.kb.cert.org/vuls/id/336053
>
> The 2.2.13p1 release is no different from 2.2.13 other than the buffer
> overflow fix. The 2.3.15 release contains several other non-critical
> bugfixes and feature enhancements. For full details, please see
> doc/changes.html and doc/install-upgrade.html which are included in the
> distribution.
>
> I'd personally like to thank Bron Gondwana of Fastmail.fm for finding
> and fixing the buffer overflow, as well as his numerous other
> contributions to the 2.3.15 release.
Hello Cyrus IMAP team,
Thanks for the new release. While upgrading our RPMs I found two small
issues:
1) Old (ancient) GCC doesn't like some of the new code. A patch to fix the
issue is attached.
2) Old (ancient) zlib doesn't have the deflateBound() function. Looks like
at least zlib >= 1.2.x is needed. Maybe the zlib detection could also
check the version of the deflateBound() function?
For those interested, the package is available in the usual place
http://www.invoca.ch/pub/packages/cyrus-imapd/
Regards,
Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cyrus-imapd-2.3.15-oldgcc.patch
Type: text/x-patch
Size: 1744 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20090909/faa76f9a/attachment.bin
More information about the Info-cyrus
mailing list