-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This message is to announce the release of Cyrus IMSPd 1.6a4 and 1.7a on ftp.andrew.cmu.edu
These releases correct a recently discovered buffer overflow vulnerability, as well as clean up a significant amount of buffer handling throughout the code. I'd like to thank Cyrus Daboo for the time he spent cleaning up a great deal of the code, and Felix Lindner of n.runs for alerting us to the vulnerability. All sites are urged to upgrade as soon as possible. The distribution is available at: ftp://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imspd-v1.6a4.tar.gz ftp://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imspd-v1.7a.tar.gz and http://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imspd-v1.6a4.tar.gz http://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imspd-v1.7a.tar.gz - -Rob - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 Comment: Made with pgp4pine 1.76 iQA/AwUBP9oWLmes8cJc4y/MEQLINgCeJKZ8lEI9I2eGI26/bwFS8TbTSpEAoL5N guQ7DY7iuHeEZo8rWWAH7HrO =fZrU -----END PGP SIGNATURE-----
