drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberläufe in Cyrus IMAP Server
Name: |
Pufferüberläufe in Cyrus IMAP Server |
|
ID: |
FEDORA-2015-8d4b507cb0 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 22 |
|
Datum: |
Di, 17. November 2015, 22:48 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 |
|
Applikationen: |
Cyrus IMAP Server |
|
Originalnachricht |
Name : cyrus-imapd Product : Fedora 22 Version : 2.4.18 Release : 1.fc22 URL : http://www.cyrusimap.org/ Summary : A high-performance mail server with IMAP, POP3, NNTP and SIEVE support Description : The cyrus-imapd package contains the core of the Cyrus IMAP server. It is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based internet mail technologies.
A full Cyrus IMAP implementation allows a seamless mail and bulletin board environment to be set up across multiple servers. It differs from other IMAP server implementations in that it is run on "sealed" servers, where users are not normally permitted to log in and have no system account on the server. The mailbox database is stored in parts of the file system that are private to the Cyrus IMAP server. All user access to mail is through software using the IMAP, POP3 or KPOP protocols. It also includes support for virtual domains, NNTP, mailbox annotations, and much more. The private mailbox database design gives the server large advantages in efficiency, scalability and administratability. Multiple concurrent read/write connections to the same mailbox are permitted. The server supports access control lists on mailboxes and storage quotas on mailbox hierarchies.
The Cyrus IMAP server supports the IMAP4rev1 protocol described in RFC 3501. IMAP4rev1 has been approved as a proposed standard. It supports any authentication mechanism available from the SASL library, imaps/pop3s/nntps (IMAP/POP3/NNTP encrypted using SSL and TLSv1) can be used for security. The server supports single instance store where possible when an email message is addressed to multiple recipients, SIEVE provides server side email filtering.
------------------------------------------------------------------------------- - Update Information:
Update to 2.4.18, rhbz#1267871 and rhbz#1267878 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1267869 - CVE-2015-8076 cyrus-imapd: Out of bounds heap read in index_urlfetch https://bugzilla.redhat.com/show_bug.cgi?id=1267869 [ 2 ] Bug #1267875 - cyrus-imapd: Multiple potential buffer overflows https://bugzilla.redhat.com/show_bug.cgi?id=1267875 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update cyrus-imapd' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|