I noticed that this bug got closed, as it was linked to the cyrus-imapd-2.2 package as provided in sid (cyrus-imapd-2.4 source).
It should actually be reassigned to cyrus-imapd-2.2 source as in squeeze. And handled, obvioously. I currently don't have the time. And I'm too unfamiliar with git to be of much help, I fear. Regards, Sven On Fri, October 14, 2011 2:05 pm, Moritz Muehlenhoff wrote: > Package: cyrus-imapd-2.2 > Severity: grave > Tags: security > > Hi, > please see for details and a patch: > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3481 > http://bugzilla.cyrusimap.org/show_bug.cgi?id=2772 > http://bugzilla.cyrusimap.org/show_bug.cgi?id=3463 > > This is already fixed in Cyrus 2.4. BTW, you said that only Cyrus 2.2 will > be shipped with > Wheezy. Maybe Cyrus 2.2 should be removed from sid rather sooner than > later, then? > > Cheers, > Moritz > > -- System Information: > Debian Release: 5.0.1 > Architecture: amd64 (x86_64) > Shell: /bin/sh linked to /bin/bash > Kernel: Linux 2.6.32-ucs44-amd64 > Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) > > > > _______________________________________________ > Pkg-Cyrus-imapd-Debian-devel mailing list > [email protected] > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-cyrus-imapd-debian-devel > _______________________________________________ Pkg-Cyrus-imapd-Debian-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-cyrus-imapd-debian-devel
