openSUSE Security Update: Security update for cyrus-imapd ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:1622-1 Rating: moderate References: #945841 Affected Products: openSUSE 13.1 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This recommended update provides version 2.3.19 of cyrus-imapd * Security fix: handle urlfetch range starting outside message range * Disable use of SSLv2/SSLv3 * Support for Berkeley DB 5.x (thanks Ondrej Sury) * Support for newer glibc versions (thanks Thomas Jarosch) * Fixed bug #3465: support for perl 5.14 (thanks hsk@imb-jena.de) * Fixed bug #3640: reject NULL bytes in headers on LMTP delivery (thanks Julien Coloos) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch openSUSE-2015-605=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (i586 x86_64): cyrus-imapd-2.3.19-34.3.1 cyrus-imapd-debuginfo-2.3.19-34.3.1 cyrus-imapd-debugsource-2.3.19-34.3.1 cyrus-imapd-devel-2.3.19-34.3.1 perl-Cyrus-IMAP-2.3.19-34.3.1 perl-Cyrus-IMAP-debuginfo-2.3.19-34.3.1 perl-Cyrus-SIEVE-managesieve-2.3.19-34.3.1 perl-Cyrus-SIEVE-managesieve-debuginfo-2.3.19-34.3.1 References: https://bugzilla.suse.com/945841