--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2006-170411 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170411 2006-03-15 --------------------------------------------------------------------- Name : imap Versions : rh7.3: imap-2001a-10.3.legacy Versions : rh9: imap-2001a-18.2.legacy Versions : fc1: imap-2002d-3.2.legacy Summary : Server daemons for IMAP and POP network mail protocols. Description : The imap package provides server daemons for both the IMAP (Internet Message Access Protocol) and POP (Post Office Protocol) mail access protocols. The POP protocol uses a "post office" machine to collect mail for users and allows users to download their mail to their local machine for reading. The IMAP protocol allows a user to read mail on a remote machine without downloading it to their local machine. --------------------------------------------------------------------- Update Information: An updated imap package that fixes a buffer overflow issue is now available. The imap package provides server daemons for both the IMAP (Internet Message Access Protocol) and POP (Post Office Protocol) mail access protocols. A buffer overflow flaw was discovered in the way the c-client library parses user supplied mailboxes. If an authenticated user requests a specially crafted mailbox name, it may be possible to execute arbitrary code on a server that uses the library. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-2933 to this issue. All users of imap should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue. --------------------------------------------------------------------- Changelogs rh73: * Mon Mar 06 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2001a-10.3.legacy - Replaced CVE-2005-2933 patch with the one from RHEL21 for consistency's sake * Wed Oct 12 2005 Ville Herva <vherva@xxxxxxxxxx> 2001a-10.2.legacy - Added security patch for CAN-2005-2933 rh9: * Mon Mar 06 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2001a-18.2.legacy - Added security patch for CVE-2005-2933 fc1: * Mon Mar 06 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 1:2002d-3.2.legacy - Added patch for CVE-2005-2933 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh7.3: a516bdac39c9b3946a51e2aa1b2c525418405097 redhat/7.3/updates-testing/i386/imap-2001a-10.3.legacy.i386.rpm 7492a4f5a96f61a50bc1d486004a991407fb8a93 redhat/7.3/updates-testing/i386/imap-devel-2001a-10.3.legacy.i386.rpm eb6df42d990be3bbf408b9c9cfe759d4ac31d82f redhat/7.3/updates-testing/SRPMS/imap-2001a-10.3.legacy.src.rpm rh9: dd3d1a3bac748d1db5643a76a86c02568abec7d2 redhat/9/updates-testing/i386/imap-2001a-18.2.legacy.i386.rpm d7986d8efea12260ebb0613bb6cd486d72ef4ac1 redhat/9/updates-testing/i386/imap-devel-2001a-18.2.legacy.i386.rpm aef5ef7d054ff02b594bcb2ba564bfbb4778f00b redhat/9/updates-testing/SRPMS/imap-2001a-18.2.legacy.src.rpm fc1: 369fb568801a2d2865a55b2ceabab87e496d8705 fedora/1/updates-testing/i386/imap-2002d-3.2.legacy.i386.rpm 967a77fbc8a4d2dcc3fdfac8b715d7a84537c0c0 fedora/1/updates-testing/i386/imap-devel-2002d-3.2.legacy.i386.rpm 43b5221927cbeb9c2f3387f6a4b8f46f66d4d77d fedora/1/updates-testing/SRPMS/imap-2002d-3.2.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list