Bug#930107: unblock: cyrus-imapd/3.0.8-6
Le 07/06/2019 à 07:08, Xavier Guimard a écrit :
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
>
> Please unblock package cyrus-imapd
>
> Hi all,
>
> Cyrus-Imapd is vulnerable to remote arbitrary code execution via CalDAV
> (CVE-2019-11356, tagged high). Fix is very trivial.
>
> The proposed debdiff includes also a missing dependency that closes
> #872238.
>
> Cheers,
> Xavier
Complement: I patched Cyrus-Imapd quickly since patch was easy to
backport, that's why Security Team didn't open a RC bug on this CVE.
However, this update should be considered as a RC-related unblock.
Cheers,
Xavier
Reply to: