It looks like this is legacy SASLv1 code which wasn't ported. Try this
patch:
http://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/cyrus/imap/pop3d.c.diff?r1=1.129&r2=1.130
steve wright wrote:
>
> Hello,
>
> I've got a few linux systems running cyrus imap 2.1.11 source compiles & a
> few run
--On Friday, December 06, 2002 1:09 PM +1100 Rob Mueller <[EMAIL PROTECTED]>
wrote:
This is probably more a berkeley DB question, but I'm wondering if anyone
else has seen this. Every now and then we see this in our imap log.
Dec 5 20:39:47 server2 lmtpd[24962]: DBERROR db3: Unable to allocate
Christian Schulte wrote:
>
> Ken Murchison wrote:
>
> >Christian Schulte wrote:
> >
> >
> >>Ken Murchison wrote:
> >>
> >>
> >>
> >>>Christian Schulte wrote:
> >>>
> >>>
> >>>
> >>>
> Ken Murchison wrote:
>
>
>
>
>
> >Christian Schulte wrote:
> >
> >
> >
This is probably more a berkeley DB question, but I'm wondering if anyone
else has seen this. Every now and then we see this in our imap log.
Dec 5 20:39:47 server2 lmtpd[24962]: DBERROR db3: Unable to allocate 4151
bytes from mpool shared region: Cannot allocate memory
Dec 5 20:39:47 server2 lm
Carson Gaspar wrote:
>
> --On Thursday, December 05, 2002 10:22 PM +0300 Oleg Derevenetz
> <[EMAIL PROTECTED]> wrote:
>
> > When some pop3d dies with signal (i.e. SIGTERM), all incoming connections
> > to corresponding address:port are hangs. For example, if I have pop3d
>
> I can confirm that
Rob Siemborski <[EMAIL PROTECTED]> writes:
> On Tue, 3 Dec 2002, Nels Lindquist wrote:
>
>> On 3 Dec 2002 at 9:57, Steve Wright wrote:
>>
>> > The message below is forwarded from bugtraq.
>> > I've not seen any discussion of this, is an official fix available ?
>> > The "semi-exploit" shown does i
Hello,
I've got a few linux systems running cyrus imap 2.1.11 source compiles & a
few running Henrique de Moraes Holschuh's debian sid packages. I'm use
sasldb2 (cyrus sasl 2.1.9) for authentication.
I notice when my users supply the wrong password to imapd, messages are
written to syslog lik
Ken Murchison wrote:
Christian Schulte wrote:
Ken Murchison wrote:
Christian Schulte wrote:
Ken Murchison wrote:
Christian Schulte wrote:
Hi,
I am running 2_2 cvs branch with virtual domain support turned on and
everything seemd to work fine. I now wa
Hi,
> What is local_transport set to in your main.cf?
>
Local transport is not set, I thought mailbox_transport should do:
mailbox_transport = lmtp:unix:public/lmtp
Christoph Burger-Scheidlin
Yes, but since it's unreleased we don't really bother announcing that.
The patch has obviously been moved forward to the 2.2 branch as well.
-Rob
On Thu, 5 Dec 2002, Kervin Pierre wrote:
> Is 2.2 CVS builds affected by this exploit?
>
> Rob Siemborski wrote:
> > -BEGIN PGP SIGNED MESSAGE---
Christoph Burger-Scheidlin wrote:
Hi,
I have the following error in Cyrus-Postfix, that I do not know how to
fix:
Dec 5 23:03:25 Hades postfix/lmtp[16388]: 04316100F:
to=, relay=public/lmtp[public/lmtp],
delay=21490, status=deferred (host public/lmtp[public/lmtp] said: 451
4.3.0 System I/O err
Hi,
I noticed that deliver does not deliver mails if run from the shell. Is
this normal? If not, what might I try to fix that?
I am running SuSE 8.0, Postfix and Cyrus.
Thanks in Advance,
Christoph Burger-Scheidlin
### cyrus.conf
# standard standalone server implementation
START {
# do not
Is 2.2 CVS builds affected by this exploit?
Rob Siemborski wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This is to announce the release of Cyrus IMAPd 2.0.17 and 2.1.11 on
ftp.andrew.cmu.edu.
These releases correct the pre-login buffer overflow vulnerabilities
recently mentioned on bugt
--On Thursday, December 05, 2002 4:58 PM -0500 Rob Siemborski
<[EMAIL PROTECTED]> wrote:
This isn't good enough for me to reproduce it.
I have tried both with preforking and without preforking.
I cannot get 2.1.11 to behave like this on Solaris 8.
Master didn't change since 2.1.10 so I don't
Hi,
I have the following error in Cyrus-Postfix, that I do not know how to
fix:
Dec 5 23:03:25 Hades postfix/lmtp[16388]: 04316100F:
to=<[EMAIL PROTECTED]>, relay=public/lmtp[public/lmtp],
delay=21490, status=deferred (host public/lmtp[public/lmtp] said: 451
4.3.0 System I/O error)
Dec 5 23:03:
Its the same parsing code (with one or two exceptions).
I don't see why it existing with literals after login would concern you if
it didn't concern you before login.
Of course, they are properly limited in 2.1.11 and 2.0.17.
-Rob
On Thu, 5 Dec 2002 [EMAIL PROTECTED] wrote:
> Hi,
>
> Regarding
Hi,
Regarding the recently announced vulnerability
http://online.securityfocus.com/archive/1/301864/2002-11-29/2002-12-05/0
Does a similar vulnerability exist with literals after login?
Thank you.
Saira Hasnain
On Thu, 5 Dec 2002, Carson Gaspar wrote:
> > When some pop3d dies with signal (i.e. SIGTERM), all incoming
> > connections to corresponding address:port are hangs. For example, if I
> > have pop3d
>
> I can confirm that the same bug exists under Solaris 8 x86 (fully patched)
> with imapd. To repro
--On Thursday, December 05, 2002 10:22 PM +0300 Oleg Derevenetz
<[EMAIL PROTECTED]> wrote:
When some pop3d dies with signal (i.e. SIGTERM), all incoming connections
to corresponding address:port are hangs. For example, if I have pop3d
I can confirm that the same bug exists under Solaris 8 x86
I'm trying to compile cyrus-imapd 2.1.11(even with
2.1.09 and 2.1.10), and when I run the tools/mkimap
during the install process where it says to, I get the
following error message:
can't open /etc/imapd.conf at (eval 1) line 15,
line 82.
every single time. I have a /etc/imapd.conf(with the
defa
On Thu, 5 Dec 2002, Oleg Derevenetz wrote:
> When some pop3d dies with signal (i.e. SIGTERM), all incoming
> connections to corresponding address:port are hangs. For example, if I
> have pop3d running on 192.168.0.1:110, and issue a command:
>
> $ kill PID_OF_THIS_POP3D
I can't duplicate this. I
I'm seeing some form of crashes as well, but I'm not getting enough
details to really report on them :( When it crashes, I have to kill
everything off including the master, and restart it.
--
Jason Fesler, <[EMAIL PROTECTED]> http://gigo.com/resume.html
"You'll finish first - or not at all" -
Hi all,
I have a problem with cyrus-imapd 2.1.11 working under Solaris 8. Imapd
was built with gcc 2.95.3 and configured with following options:
./configure --with-cyrus-prefix=/usr/local/cyrus
This is a piece of cyrus.conf file:
SERVICES {
imap1 cmd="imapd -C /usr/local/cyrus/etc/1/imapd.co
cyrus-sasl-2.1.9-1.src.rpm will not rebuild on Redhat 8
this is the error:
Remember to add `AC_PROG_LIBTOOL' to `configure.in'.
You should update your `aclocal.m4' by running aclocal.
Putting files in AC_CONFIG_AUX_DIR, `config'.
+ aclocal -I ./config -I ./cmulocal
+ automake -a
include/Makefile.
Harris Landgarten schrieb:
>
> cyrus-sasl-2.1.9-1.src.rpm will not rebuild on Redhat 8
Correct. As my website states, I don't provide cyrus sasl V2 RPMs for
RedHat > 7.x because sasl V2 is now included in >= 8.0. If you really
need version 2.1.9, you could try to upgrade the existing RPM.
Simon
Updated Debian packages of 2.1.10 with all security patches are already
available, since yesterday.
2.1.11 was uploaded to Debian unstable and will be installed today. I may
backport 2.1.11 to Debian stable soon (or not), since ALL the security fixes
have been already backported to 2.1.10-5.woody0
If you care enough to post this question to the list, then you _should_
care enough to be subscribed to the list. If you are, then you should
have seen that new distros which fix the problem were released
yesterday.
Torge Szczepanek wrote:
>
> Hi!
>
> There was a posting on the bugtraq mailing
sy.or.jp/~ume/ipv6/cyrus-imapd-2.0.17-ipv6-20021205.diff.gz
http://www.imasy.or.jp/~ume/ipv6/cyrus-imapd-2.1.11-ipv6-20021205.diff.gz
Sincerely,
--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
[EMAIL PROTECTED] [EMAIL PROTECTED] ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/
Hi!
There was a posting on the bugtraq mailing list concerning a buffer
overflow in Cyrus IMAP server.
Can somebody confirm this?
Date: Mon, 2 Dec 2002 19:56:06 +0200
From: Timo Sirainen <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: pre-login buffer overflow in Cyrus IMAP server
Message-ID:
Since this release is security related, allow me to announce here:
Updated cyrus-imapd-2.1.11-1 RPMs are available from
http://home.teleport.ch/simix/
rpm -Fvh ... is your friend.
-Simon
Rob Siemborski schrieb:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> This is to announce the
30 matches
Mail list logo
