Mailinglist Archive: opensuse-security (232 mails)

< Previous Next >
Re: [suse-security-announce] SUSE Security Summary Report SUSE-SR:2005:023
  • From: Frank Steiner <fsteiner-mail1@xxxxxxxxxxxxxx>
  • Date: Mon, 17 Oct 2005 10:25:21 +0200
  • Message-id: <43535FF1.1040008@xxxxxxxxxxxxxx>
Marcus Meissner wrote

- imap-lib crashes in client library

The client part of the University of Washington IMAP implementation
is prone to a buffer overflow while parsing mailbox names. This
bug can probably be exploited by a remote attacker to execute
arbitrary code with the privileges of the user running the affected
mail client. (CAN-2005-2933). The 'imapd' that is included in the
"imap" package itself is not affected by this problem.

This problem affects all SUSE Linux based products.

Trying to update imap-lib-2002d-61.i586.rpm for SuSE 9.0 tells me

Needs Dependency:

I don't find any reference to "" in ARCHIVES.gz for SuSE 9.0.
Am I missing sth?


Dipl.-Inform. Frank Steiner Web:
Lehrstuhl f. Bioinformatik Mail:
LMU, Amalienstr. 17 Phone: +49 89 2180-4049
80333 Muenchen, Germany Fax: +49 89 2180-99-4049
* Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *

< Previous Next >