Cyrus 2.4.12 Released

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



We are pleased to announce the release of Cyrus IMAPd 2.4.12.

This is a security update to the 2.4.x series, containing
a fix to Secunia SA46093.  Stefan Cornelius from Secunia
Research discovered that anonymous users can appear to be
authenticated as any useri to nttpd - by just failing to
send any PASS command.

Despite the security issue forcing this release, it's
wonderful to see how many different authors are represented.
Not only the regular contributions from Bron, Greg and Ken,
but lots of bugs reported through bugzilla along with patches.

We strongly recommend that all users of the stable series upgrade
to 2.4.12, or at least apply the patch here:

http://git.cyrusimap.org/cyrus-imapd/patch/?id=77903669e04c9788460561dd0560b9c916519594

You can download via HTTP or FTP:

http://cyrusimap.org/releases/cyrus-imapd-2.4.12.tar.gz
ftp://ftp.cyrusimap.org/cyrus-imapd/cyrus-imapd-2.4.12.tar.gz

The list of reported bugs fixed can be found here:

http://cyrusimap.org/mediawiki/index.php/Bugs_Resolved_in_2.4.12

(or check the changelog for the ones that were actually FIXED in
 this release rather than closed as no-longer-present)

If you want extreme detail of all changes made, check git:

http://git.cyrusimap.org/cyrus-imapd/log/?id=cyrus-imapd-2.4.12

Regards,

Bron.
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/


[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux