Bug#802331: jessie-pu: package cyrus-imapd-2.4/2.4.17+nocaldav-1
On Thu, Mar 24, 2016, at 21:23, Adam D. Barratt wrote:
> On Thu, 2016-03-24 at 21:14 +0100, Ondřej Surý wrote:
> > On Thu, Mar 24, 2016, at 20:51, Adam D. Barratt wrote:
> > > On Thu, 2016-03-24 at 10:16 +0100, Ondřej Surý wrote:
> > > > And the patches...
> > >
> > > Thanks.
> > >
> > > While I'm generally more comfortable (happier's not really the right
> > > word) with the changes, it looks like some of the changes aren't applied
> > > in unstable - particularly the disabling of TLS compression and the
> > > fixes for the CVEs; is that correct, or am I missing something?
> >
> > Hmm, I though that 2.4.18 upstream version included both, which is true
> > for TLS-configuration.patch, CVE-2011-3208.patch and
> > CVE-2015-8076.patch, but it looks like CVE-2015-8077.patch and
> > CVE-2015-8078.patch:
>
> In terms of the TLS changes, the 2.4.18 currently in unstable appears to
> include the compression disabling in imtest/imtest.c but not the changes
> in imap/tls.c afaict.
$ patch -p1 --dry-run -i /tmp/TLS-configuration.patch
checking file imap/tls.c
Reversed (or previously applied) patch detected! Assume -R? [n]
Apply anyway? [n]
Skipping patch.
6 out of 6 hunks ignored
checking file lib/imapoptions
Reversed (or previously applied) patch detected! Assume -R? [n]
Apply anyway? [n]
Skipping patch.
2 out of 2 hunks ignored
Or do you have anything else on mind and I just can't see it?
Cheers,
--
Ondřej Surý <ondrej@sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
Reply to: