[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#802331: jessie-pu: package cyrus-imapd-2.4/2.4.17+nocaldav-1

On Thu, Mar 24, 2016, at 20:51, Adam D. Barratt wrote:
> On Thu, 2016-03-24 at 10:16 +0100, Ondřej Surý wrote:
> > And the patches...
> 
> Thanks.
> 
> While I'm generally more comfortable (happier's not really the right
> word) with the changes, it looks like some of the changes aren't applied
> in unstable - particularly the disabling of TLS compression and the
> fixes for the CVEs; is that correct, or am I missing something?

Hmm, I though that 2.4.18 upstream version included both, which is true
for TLS-configuration.patch, CVE-2011-3208.patch and
CVE-2015-8076.patch, but it looks like CVE-2015-8077.patch and
CVE-2015-8078.patch:

Thanks for noticing that, I completely forgot about #804182, so I am
doing build right now and will upload in couple of minutes.

Cheers,
-- 
Ondřej Surý <ondrej@sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
Reply to: