--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-489 2004-12-01 --------------------------------------------------------------------- Product : Fedora Core 2 Name : cyrus-imapd Version : 2.2.10 Release : 1.fc2 Summary : A high-performance mail server with IMAP, POP3, NNTP and SIEVE support. Description : The cyrus-imapd package contains the core of the Cyrus IMAP server. It is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based internet mail technologies. A full Cyrus IMAP implementation allows a seamless mail and bulletin board environment to be set up across multiple servers. It differs from other IMAP server implementations in that it is run on "sealed" servers, where users are not normally permitted to log in. The mailbox database is stored in parts of the filesystem that are private to the Cyrus IMAP server. All user access to mail is through software using the IMAP, POP3, or KPOP protocols. TLSv1 and SSL are supported for security. --------------------------------------------------------------------- Update Information: Fix several buffer overflow problems that could be used as an exploit. Fixes the following security advisories: CAN-2004-1011 CAN-2004-1012 CAN-2004-1013 CAN-2004-1015 --------------------------------------------------------------------- * Tue Nov 30 2004 John Dennis <jdennis@xxxxxxxxxx> 2.2.10-1.fc2 - update to Simon Matter's 2.2.10 RPM, fixes bug #139382, security advisories: CAN-2004-1011 CAN-2004-1012 CAN-2004-1013 CAN-2004-1015 * Wed Nov 24 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated to 2.2.10 * Tue Nov 23 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated to 2.2.9 * Fri Nov 19 2004 Simon Matter <simon.matter@xxxxxxxxx> - changed scripts to use runuser instead of su if available * Thu Nov 18 2004 Simon Matter <simon.matter@xxxxxxxxx> - changed requirement for file >= 3.35-1 from BuildPrereq to Requires, fixes RedHat's bug #124991 - added acceptinvalidfrom patch to fix RedHat's bug #137705 * Mon Oct 04 2004 Dan Walsh <dwalsh@xxxxxxxxxx> 2.2.6-2.FC3.6 - Change cyrus init scripts and cron job to use runuser instead of su * Fri Aug 06 2004 John Dennis <jdennis@xxxxxxxxxx> 2.2.6-2.FC3.5 - remove obsoletes tag, fixes bugs #127448, #129274 * Wed Aug 04 2004 John Dennis <jdennis@xxxxxxxxxx> - replace commas in release field with dots, bump build number * Tue Aug 03 2004 Simon Matter <simon.matter@xxxxxxxxx> - fixed symlinks for x86_64, now uses the _libdir macro reported by John Dennis, fixes RedHat's bug #128964 - removed obsoletes tag, fixes RedHat's bugs #127448, #129274 * Mon Aug 02 2004 John Dennis <jdennis@xxxxxxxxxx> 2.2.6-2,FC3,3 - fix bug #128964, lib symlinks wrong on x86_64 * Thu Jul 29 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated to 2.2.8 * Thu Jul 29 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated autocreate and autosieve patches - made authorization a compile time option - added sieve-bc_eval patch * Tue Jul 27 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated to 2.2.7 - modified autocreate patch or 2.2.7 - removed snmpargs patch which was needed for RedHat 6.2 * Tue Jul 13 2004 Simon Matter <simon.matter@xxxxxxxxx> - added mboxlist / mboxname patches from CVS * Tue Jul 06 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated rmquota+deletemailbox patch * Sat Jul 03 2004 John Dennis <jdennis@xxxxxxxxxx> - 2.2.6-2,FC3,1 - bring up to date with Simon Matter's latest upstream rpm 2.2.6-2 - comment out illegal tags Packager, Vendor, Distribution build for FC3 * Wed Jun 30 2004 Simon Matter <simon.matter@xxxxxxxxx> - added quota patches from CVS * Fri Jun 25 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated autocreate patch * Fri Jun 18 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated to 2.2.6 * Fri Jun 11 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated autocreate and autosieve patches * Tue Jun 01 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated autocreate, autosieve and rmquota patches - fixed rmquota patch to build on gcc v3.3.x - added lmtp_sieve patch * Sat May 29 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated to 2.2.5 * Fri May 28 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated to 2.2.5 pre-release * Mon May 24 2004 Simon Matter <simon.matter@xxxxxxxxx> - added hash patch to fix a sig11 problem - added noncritical typo patch * Fri May 21 2004 Simon Matter <simon.matter@xxxxxxxxx> - include OutlookExpress seenstate patch - fixed allnumeric patch * Thu May 20 2004 Simon Matter <simon.matter@xxxxxxxxx> - don't enable cyrus-imapd per default - rename fetchnews to cyrfetchnews to avoid namespace conflicts with leafnode - replace fetchnews with cyrfetchnews in man pages - replace master with cyrus-master in man pages * Tue May 18 2004 Simon Matter <simon.matter@xxxxxxxxx> - updated to 2.2.4 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 282783d2fff47052ce9af7943439b831 SRPMS/cyrus-imapd-2.2.10-1.fc2.src.rpm 084cd190d2e698d59a9ed03f45151f42 x86_64/cyrus-imapd-2.2.10-1.fc2.x86_64.rpm e7a68608d3c73f9f013b28702566c2c9 x86_64/cyrus-imapd-murder-2.2.10-1.fc2.x86_64.rpm 7c0d7fe1769923f59f06414145b87fa0 x86_64/cyrus-imapd-nntp-2.2.10-1.fc2.x86_64.rpm 50fcbdfe08e215597afa16a3ca04f83a x86_64/cyrus-imapd-devel-2.2.10-1.fc2.x86_64.rpm bbe82aeb7ada7220ce0b162b433e6c03 x86_64/perl-Cyrus-2.2.10-1.fc2.x86_64.rpm 2ebeb131a6eb52ccdb0706700f7e4d60 x86_64/cyrus-imapd-utils-2.2.10-1.fc2.x86_64.rpm f0790e11402477fdc507a11ddc8a75d8 i386/cyrus-imapd-2.2.10-1.fc2.i386.rpm d75e163a9659ed0a352c1e9753bbf93f i386/cyrus-imapd-murder-2.2.10-1.fc2.i386.rpm 43fc9f5476305e8a9b4b86f66236eba8 i386/cyrus-imapd-nntp-2.2.10-1.fc2.i386.rpm d8c5813b05ab337aa419af14a9d5e470 i386/cyrus-imapd-devel-2.2.10-1.fc2.i386.rpm 1c638111d73229546980b9419fddda18 i386/perl-Cyrus-2.2.10-1.fc2.i386.rpm c686870df1f217d40b0f288b78a07bd3 i386/cyrus-imapd-utils-2.2.10-1.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- John Dennis <jdennis@xxxxxxxxxx>
