ALT-PU-2021-1979-1
Package cyrus-imapd updated to version 3.2.7-alt1 for branch p9 in task 274230.
Closed vulnerabilities
Published: 2021-05-05
BDU:2021-04683
Уязвимость аннотации сервера почтового сервера Cyrus IMAP, связанная с неправильным присвоением разрешений для критичного ресурса, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.3)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
References:
Published: 2021-05-10
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-32056
Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall.
Severity: MEDIUM (4.3)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
References:
- https://cyrus.topicbox.com/groups/announce/T056901c106ecfce3/cyrus-imap-3-4-1-released
- https://cyrus.topicbox.com/groups/announce/T056901c106ecfce3/cyrus-imap-3-4-1-released
- https://cyrus.topicbox.com/groups/announce/T126392718bc29d6b/cyrus-imap-3-2-7-released
- https://cyrus.topicbox.com/groups/announce/T126392718bc29d6b/cyrus-imap-3-2-7-released
- FEDORA-2022-d45bcc5447
- FEDORA-2022-d45bcc5447
- FEDORA-2022-c30b1a8aa3
- FEDORA-2022-c30b1a8aa3
- https://www.cyrusimap.org/imap/download/release-notes/3.2/x/3.2.7.html
- https://www.cyrusimap.org/imap/download/release-notes/3.2/x/3.2.7.html
- https://www.cyrusimap.org/imap/download/release-notes/3.4/x/3.4.1.html
- https://www.cyrusimap.org/imap/download/release-notes/3.4/x/3.4.1.html