Advisories » MGASA-2019-0219

Updated cyrus-imapd packages fix security vulnerability

Publication date: 10 Aug 2019
Modification date: 09 Aug 2019
Type: security
Affected Mageia releases : 6 , 7
CVE: CVE-2019-11356

Description

Updated cyrus-imapd package fixes security vulnerability:

It was discovered that cyrus-imapd had a buffer overflow in CalDAV request
handling triggered by a long iCalendar property name (CVE-2019-11356).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25134
• https://access.redhat.com/errata/RHSA-2019:1771
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11356

SRPMS

6/core

• cyrus-imapd-2.5.11-1.1.mga6

7/core

• cyrus-imapd-2.5.11-7.1.mga7