Bug#547947: closed by Henrique de Moraes Holschuh <hmh at debian.org> (Bug#547947: fixed in cyrus-imapd-2.2 2.2.13-17)
Giuseppe Iuculano
giuseppe at iuculano.it
Wed Sep 23 10:35:55 UTC 2009
Hi,
Debian Bug Tracking System ha scritto:
> This is an automatic notification regarding your Bug report
> which was filed against the cyrus-imapd-2.2 package:
>
> #547947: CVE-2009-3235: CMU sieve buffer overflows
>
> It has been closed by Henrique de Moraes Holschuh <hmh at debian.org>.
Upstream patch is incomplete, in sieve/bc_eval.c after increasing scount it is
better to use snprintf to avoid buffer overruns. Attached is the debdiff I used
for stable-security
Cheers,
Giuseppe.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cyrus-imapd-2.2_2.2.13-14+lenny3.debdiff
URL: <http://lists.alioth.debian.org/pipermail/pkg-cyrus-imapd-debian-devel/attachments/20090923/4a98e454/attachment-0001.txt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-cyrus-imapd-debian-devel/attachments/20090923/4a98e454/attachment-0001.pgp>
More information about the Pkg-Cyrus-imapd-Debian-devel
mailing list