[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Cyrus21/ Vulnerability

Hello All!
At least some of you have heared about the cyrus security advisory: http://www.debian.org/security/2004/dsa-597 

There is written:
Stable-Distribution (Woody): Version 1.5.19-9.2 solved.
Unstable-Distribution (Sid): Version 2.1.17-1 solved.

Sarge? I looked to the changelog after aptin': Nope. Nothing.

Even if you apt the sarge sec updates:
deb http://security.debian.org/ testing/updates main contrib non-free

My solution:
1.) #cat /etc/apt/sources.list

deb ftp://ftp.de.debian.org/debian/ testing main non-free contrib
deb-src ftp://ftp.de.debian.org/debian/ testing main non-free contrib

deb ftp://ftp.de.debian.org/debian/ sid main non-free contrib
deb-src ftp://ftp.de.debian.org/debian/ sid main non-free contrib

2.) cat /etc/apt/apt.conf.d/default-release
APT::Default-Release "testing";
3.) apt-get install cyrus21-imapd/unstable cyrus21-common/unstable cyrus21-admin/unstable cyrus21-clients/unstable cyrus21-doc/unstable cyrus21-murder/unstable cyrus21-pop3d/unstable libcyrus-imap-perl21/unstable perl/unstable perl-base/unstable perl-modules/unstable libperl5.8/unstable
Ummm. I had to update perl to the sarge version. Not nice because perl is freezd in sarge, or? 

Any better ideas to solve the problem?

rgds,
j.

--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331

http://www.net-lab.net
Reply to: