> On 9/1/21 7:20 AM, ellie timoney wrote: > >> This CVE affects all previous releases of Cyrus IMAP. Corresponding >> fixes have been applied to the cyrus-imapd-2.4 and cyrus-imapd-2.5 >> branches. If you are still running 2.4 or 2.5 you should consider >> applying these patches. > > Hello. > > I'd like a clarification on the status of 2.5 support. > Was a release not made because this CVE is not considered that dangerous? > Or will there be no more such releases (even for serious security > fixes), as 2.5 support is coming to an end? > Hi, For our 2.4 RPMs I've taken the patches from here: https://github.com/cyrusimap/cyrus-imapd/commits/cyrus-imapd-2.4 I guess for 2.5 you could do the same. Regards, Simon ------------------------------------------ Cyrus: Info Permalink: https://cyrus.topicbox.com/groups/info/T3dde0a2352462975-Md296b07815bc279ef1952c5a Delivery options: https://cyrus.topicbox.com/groups/info/subscription
