Accepted cyrus21-imapd 2.1.16-10ubuntu1 (source)
Martin Pitt
martin.pitt at canonical.com
Tue Nov 23 12:10:02 CST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 23 Nov 2004 08:53:14 +0100
Source: cyrus21-imapd
Binary: cyrus21-doc cyrus21-admin cyrus21-murder cyrus21-common cyrus21-imapd cyrus21-clients cyrus21-dev cyrus21-pop3d libcyrus-imap-perl21
Architecture: source
Version: 2.1.16-10ubuntu1
Distribution: hoary
Urgency: low
Maintainer: Henrique de Moraes Holschuh <hmh at debian.org>
Changed-By: Martin Pitt <martin.pitt at canonical.com>
Description:
cyrus21-admin - Cyrus mail system (administration tool)
cyrus21-clients - Cyrus mail system (test clients)
cyrus21-common - Cyrus mail system (common files)
cyrus21-dev - Cyrus mail system (developer files)
cyrus21-doc - Cyrus mail system (documentation files)
cyrus21-imapd - Cyrus mail system (IMAP support)
cyrus21-murder - Cyrus mail system (proxies and aggregator)
cyrus21-pop3d - Cyrus mail system (POP3 support)
libcyrus-imap-perl21 - Interface to Cyrus imap client imclient library
Changes:
cyrus21-imapd (2.1.16-10ubuntu1) hoary; urgency=low
.
* SECURITY UPDATE: fix several potential buffer overflows
* imap/imapd.c:
- cmd_fetch(), cmd_partial(): fixed insufficient checking of the command
string: the command "body[p"/"BODY[P" was recognized as
"body.peek"/"BODY.PEEK" which caused an incrementation of the command
buffer pointer beyond the allocated memory
- fixed two incarnations of "flag[nflags++] = xstrdup(...)"; the value of
nflags within functions called by xstrdup() is undefined and different
gcc versions handle this differently
* Note: this version is not vulnerable to CAN-2004-1011
* References:
CAN-2004-1012, CAN-2004-1013
http://security.e-matters.de/advisories/152004.html
Files:
87b1a7caae3a42efc498f00af0050928 1038 mail extra cyrus21-imapd_2.1.16-10ubuntu1.dsc
e728cbff752774eca4d7c65214851743 256616 mail extra cyrus21-imapd_2.1.16-10ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBo3ugDecnbV4Fd/IRApOXAJoDQuphQsu3avH5sJpx8LrUoSKk7wCeJFFh
xHsEENSlVR0A6k3s1TIHdY0=
=53ch
-----END PGP SIGNATURE-----
Accepted:
cyrus21-imapd_2.1.16-10ubuntu1.diff.gz
to pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-10ubuntu1.diff.gz
cyrus21-imapd_2.1.16-10ubuntu1.dsc
to pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-10ubuntu1.dsc
More information about the hoary-changes
mailing list