[Bug 550258] [NEW] Sync cyrus-imapd-2.2 2.2.13-19 (universe) from Debian testing (main)

Michael Bienia michael at bienia.de
Sun Mar 28 14:51:48 BST 2010


Public bug reported:

Please sync cyrus-imapd-2.2 2.2.13-19 (universe) from Debian testing
(main)

Explanation of the Ubuntu delta and why it can be dropped:
The Debian package builds with db4.7 so the patch to build with db4.6 isn't
needed anymore.

Changelog entries since current lucid version 2.2.13-16ubuntu1:

cyrus-imapd-2.2 (2.2.13-19) unstable; urgency=low

  * Switch to BerkeleyDB 4.7, the version OpenLDAP uses.
  * Add patch by Cristian Rigamonti to fix logcheck rules for "defaultbc
    doesn't exist" error message. (Closes: #511030)
  * Update Vietnamese debconf translation, thanks Clytie Siddall.
    (Closes: #548052)
  * Upload to unstable for the libkrb transition.

 -- Christoph Berg <myon at debian.org>  Sat, 23 Jan 2010 23:35:21 +0100

cyrus-imapd-2.2 (2.2.13-18) experimental; urgency=low

  [ Henrique de Moraes Holschuh ]
  * sieve/bc_eval.c (0025-upstream-fix-cve-2009-3235.dpatch):
    update for completeness to match the patch used by the security-team:
    use snprintf for scount, to future-proof against "int" larger than
    64 bits.

  [ Christoph Berg ]
  * Add myself to Uploaders.
  * Upgrade to use BerkeleyDB 4.8. (Closes: #421942)
  * Convert to use quilt, and update the patch headers to use clean paths.
    (Closes: #563303)
  * Add patch by Mathieu Parent to fix conflicting getline definition.
    (Closes: #552865)

 -- Christoph Berg <myon at debian.org>  Fri, 22 Jan 2010 22:16:02 +0100

cyrus-imapd-2.2 (2.2.13-17) unstable; urgency=high

  * Security Update: CVE-2009-3235:
    Multiple stack-based buffer overflows in the Sieve parsing code,
    patches taken from upstream CVS (closes: #547947)

 -- Henrique de Moraes Holschuh <hmh at debian.org>  Tue, 22 Sep 2009
17:17:17 -0300

** Affects: cyrus-imapd-2.2 (Ubuntu)
     Importance: Wishlist
         Status: Confirmed

** Changed in: cyrus-imapd-2.2 (Ubuntu)
   Importance: Undecided => Wishlist

** Changed in: cyrus-imapd-2.2 (Ubuntu)
       Status: New => Confirmed

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-3235

-- 
Sync cyrus-imapd-2.2 2.2.13-19 (universe) from Debian testing (main)
https://bugs.launchpad.net/bugs/550258
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is a direct subscriber.



More information about the ubuntu-archive mailing list