Stefan Esser discovered several security related problems in the Cyrus IMAP daemon. Due to a bug in the command parser it is possible to access memory beyond the allocated buffer in two places which could lead to the execution of arbitrary code. For the stable distribution (woody) these problems have been fixed in version 1.5.19-9.2 For the unstable distribution (sid) these problems have been fixed in version 2.1.17-1. We recommend that you upgrade your cyrus-imapd package immediately.
Stefan Esser discovered several security related problems in the Cyrus IMAP daemon. Due to a bug in the command parser it is possible to access memory beyond the allocated buffer in two places which could lead to the execution of arbitrary code.
For the stable distribution (woody) these problems have been fixed in version 1.5.19-9.2
For the unstable distribution (sid) these problems have been fixed in version 2.1.17-1.
We recommend that you upgrade your cyrus-imapd package immediately.
MD5 checksums of the listed files are available in the original advisory.