-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 uw-imap (whose maintainer, AFAICS, has yet to respond to reply to Corinna's message) is vulnerable to remote overflow of a buffer in the IMAP server leading to execution of arbitrary code.
The only solution is to upgrade to 2004g (current Cygwin release is 2002e!). http://www.washington.edu/imap/ http://www.gentoo.org/security/en/glsa/glsa-200510-10.xml http://bugs.gentoo.org/show_bug.cgi?id=108206 http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities Yaakov -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Cygwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDS+UDpiWmPGlmQSMRAk/IAKCFn7jmnna71J0tuRkijPWh/8XSAwCeIg5g B0LWX4bMcNQ4ABXAWZQQkng= =zDZ4 -----END PGP SIGNATURE-----