Bug 140617

Summary: cyrus-imapd needs security update
Product: [Fedora] Fedora Reporter: Troels Arvin <troels>
Component: cyrus-imapdAssignee: John Dennis <jdennis>
Status: CLOSED DUPLICATE QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 3Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-02-21 19:07:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Troels Arvin 2004-11-23 20:53:45 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041111 Firefox/1.0

Description of problem:
According to two recent postings on the Cyrus Imapd announcement
mailing list, there are security-related bug-fixes in the latest (two)
releases of Cyrus IMAPd:
http://article.gmane.org/gmane.mail.imap.cyrus.announce/44
http://article.gmane.org/gmane.mail.imap.cyrus.announce/42


Version-Release number of selected component (if applicable):
2.2.6-2

How reproducible:
Always

Steps to Reproduce:
See above mentioned links to mailing list announcements.

Additional info:
Comment 1 Troels Arvin 2004-11-23 21:00:58 UTC 
By the way: If you agree that a cyrus-imapd update is relevant, then
it would be nice to take care of bug #138569 as well.
Comment 2 John Dennis 2004-11-23 22:41:47 UTC 
Thanks for the report.

Closing as a duplicate of bug #139382. You may not be able to see this
bug since its a security bug, I'm not sure, FWIW we've been on top of
this since the CVE's were opened.

Bug #138569 was closed because it appeared to be a glitch in the build
system that couldn't be reproduced. When the new rpms's are build for
the security updates I'll verify the missing link problem didn't
magically reappear. 

Updates should appear in the next couple of days. FWIW, the day after
tomorrow begins a 4 day holiday weekend here in the states so if you
don't see the update pushed immediately that may be why.

*** This bug has been marked as a duplicate of 139382 ***
Comment 3 Red Hat Bugzilla 2006-02-21 19:07:15 UTC 
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.