Bug#645327: CVE-2011-3481: Denial of service
Sven Mueller
sven at incase.de
Mon Oct 17 10:21:42 UTC 2011
I noticed that this bug got closed, as it was linked to the
cyrus-imapd-2.2 package as provided in sid (cyrus-imapd-2.4 source).
It should actually be reassigned to cyrus-imapd-2.2 source as in squeeze.
And handled, obvioously. I currently don't have the time. And I'm too
unfamiliar with git to be of much help, I fear.
Regards,
Sven
On Fri, October 14, 2011 2:05 pm, Moritz Muehlenhoff wrote:
> Package: cyrus-imapd-2.2
> Severity: grave
> Tags: security
>
> Hi,
> please see for details and a patch:
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3481
> http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772
> http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463
>
> This is already fixed in Cyrus 2.4. BTW, you said that only Cyrus 2.2 will
> be shipped with
> Wheezy. Maybe Cyrus 2.2 should be removed from sid rather sooner than
> later, then?
>
> Cheers,
> Moritz
>
> -- System Information:
> Debian Release: 5.0.1
> Architecture: amd64 (x86_64)
> Shell: /bin/sh linked to /bin/bash
> Kernel: Linux 2.6.32-ucs44-amd64
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
>
>
>
> _______________________________________________
> Pkg-Cyrus-imapd-Debian-devel mailing list
> Pkg-Cyrus-imapd-Debian-devel at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-cyrus-imapd-debian-devel
>
More information about the Pkg-Cyrus-imapd-Debian-devel
mailing list