openSUSE Security Update : cyrus-imapd (openSUSE-2015-606)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update provides version 2.4.18 of cyrus-imapd

- Security fix: handle urlfetch range starting outside
message range

- A bunch of cleanups and fixes to compiling

- A bunch of sieve cleanups

- Enhanced SSL/TLS configuration options

- Disable use of SSLv2/SSLv3

- Allow SQL backend for mboxlist and statuscache (thanks
Julien Coloos)

- Fixed T116: correct LIST response for domains starting
with 'inbox.'

- Fixed T76: fixed lmtpd userdeny db checks (thanks Leena
Heino)

- Fixed bug #3856: lmtpd now performs userdeny checks

- Fixed bug #3848: support charset aliases in encoded
headers

- Fixed bug #3853: disconnect_on_vanished_mailbox: release
mailbox lock before exiting (thanks Wolfgang Breyha)

- Fixed bug #3415: fixed nntpd LIST/GROUP bug

- Fixed bug #3784: no longer crash in THREAD REFERENCES
when messages reference themselves

- Fixed bug #3757: don't segfault on mailbox close with no
user

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=945844

Solution :

Update the affected cyrus-imapd packages.

Risk factor :

Medium

Family: SuSE Local Security Checks

Nessus Plugin ID: 86139 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now