このコンテンツは選択した言語では利用できません。
1.32. cyrus-imapd
1.32.1. RHSA-2009:1116: Important security update
Important
This update has already been released (prior to the GA of this release) as the security errata RHSA-2009:1116
This update has been rated as having important security impact by the Red Hat Security Response Team.
The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support.
It was discovered that the Cyrus SASL library (cyrus-sasl) does not always reliably terminate output from the sasl_encode64() function used by programs using this library. The Cyrus IMAP server (cyrus-imapd) relied on this function's output being properly terminated. Under certain conditions, improperly terminated output from sasl_encode64() could, potentially, cause cyrus-imapd to crash, disclose portions of its memory, or lead to SASL authentication failures. (CVE-2009-0688)
Users of cyrus-imapd are advised to upgrade to these updated packages, which resolve this issue. After installing the update, cyrus-imapd will be restarted automatically.
1.32.2. RHBA-2009:1120: bug fix update
Note
This update has already been released (prior to the GA of this release) as FASTRACK errata RHBA-2009:1120
The cyrus-imapd package contains a high-performance mail server with IMAP, POP3, NNTP and SIEVE support.
These updated cyrus-imapd packages provide fixes for the following bugs:
- attempting to connect to the update server failed and resulted in the following error messages being logged to /var/log/maillog:
connect(192.168.11.110) failed: Invalid argument couldn't connect to MUPDATE server [IP address]: no connection to server FATAL: error connecting with MUPDATE server
These updated packages correct this problem so that connecting to the update server now works as expected. (BZ#326511) - on systems with 64-bit architectures, cyrus-imapd experienced a segmentation fault when replication was enabled. (BZ#484377)
In addition, these updated cyrus-imapd packages provide the following enhancement:
- more detailed information has been added to the ctl_cyrusdb(8) man page, which explains how to perform operations common to Cyrus databases. (BZ#463230)
Users are advised to upgrade to these updated cyrus-imapd packages, which resolve these issues and add this enhancement.
