[Kolab-devel] patches for cyrus?
Richard Bos
ml at radoeka.nl
Fri Oct 9 22:37:06 CEST 2009
Op vrijdag 09 oktober 2009 11:38:27 schreef Thomas Arendsen Hein:
> * Richard Bos <ml at radoeka.nl> [20091008 17:49]:
> > Op donderdag 08 oktober 2009 12:37:19 schreef Thomas Arendsen Hein:
> > > * Richard Bos <ml at radoeka.nl> [20091007 20:36]:
> > > > I solved it by using this patch:
> > > > --- ./cyrus-imapd-2.3.14/ptclient/afskrb.c 2008-03-24
> > > > 19:34:22.000000000 +0100
> > > > +++ ./cyrus-imapd-2.3.14.new/ptclient/afskrb.c 2009-10-07
> > > > 20:00:07.000000000 +0200
> > > > @@ -546,6 +546,7 @@
> > > > int *dsize __attribute__((unused)))
> > > > {
> > > > fatal("PTS module (afskrb) not compiled in", EC_CONFIG);
> > > > + return 0;
> > > > }
> > > >
> > > > #endif /* HAVE_AFSKRB */
> > >
> > > Please report this bug to the OpenLDAP people, unless it is already
> > > fixed in a newer version.
> >
> > Do you really mean openLDAP or do you mean cyrus?
>
> Of course, my brain is just playing tricks on me due to a cold.
Don't worry, as long as it is a lively discussion mistakes like this are
correctly quickly :)
> > > And you should use 2.3.15 (or the patch from kolab_2_2_branch)
> > > anyway to close a security issue with sieve scripts.
> >
> > I'll upgrade to 2.3.15 as soon as possible. Do you have a url to the
> > patch from kolab_2_2_branch, or a pointer to the repository / directory
> > that contains the patch?
>
> http://kolab.org/cgi-bin/viewcvs-kolab.cgi/server/imapd/Attic/CVE-2009-2632
>.patch?only_with_tag=kolab_2_2_branch
Ah! I'm in the comfortable position of using openSUSE's native cyrus spec
file (that contains a switch to enable kolab). This native package is already
equipped with the patch that you refer to above :) Even without me knowing
it, the security patch was already there!
--
Richard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kolab.org/pipermail/devel/attachments/20091009/f304f964/attachment.html>
More information about the devel
mailing list