Bug#547947: CVE-2009-3235: CMU sieve buffer overflows
Henrique de Moraes Holschuh
hmh at debian.org
Tue Sep 22 20:26:14 UTC 2009
On Tue, 22 Sep 2009, Henrique de Moraes Holschuh wrote:
> Full patch for cve-2009-3235 for cyrus-imap-2.2. One hunk of bc_eval.c
> doesn't apply to the older version (no BC_BODY handling).
>
> I will commit it to the trunk in a few minutes.
SVN trunk ready for release. Unfortunately, I don't have a clean system at
hand to do the build and upload (nor am I used to svn-buildpackage, so it
would take a while to do it anyway).
Can someone else please tag, build and upload?
Also, we need the same fix to be applied to stable and old-stable...
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
More information about the Pkg-Cyrus-imapd-Debian-devel
mailing list