SUSE-SU-2016:1459-1 -- SLES cyrus-imapd, perl-Cyrus-IMAP, perl-Cyrus-SIEVE-managesieve
ID: oval:org.secpod.oval:def:89045322 | Date: (C)2021-08-03 (M)2023-12-07 |
Class: PATCH | Family: unix |
This update for cyrus-imapd fixes the following issues:
- Previous versions of cyrus-imapd would not allow its users to disable old SSL variants that are vulnerable to attacks like BEAST and POODLE. This patch adds the configuration option "tls_versions" to remedy that issue. Note that users who upgrade an existing installation will *not* have their imapd.conf file overwritten, i.e. their IMAP server will continue to support SSLv2 and SSLv3 like before. To disable support for those protocols, edit imapd.conf manually to include "tls_versions: tls1_0 tls1_1 tls1_2". New installations, however, will have an imapd.conf file that contains these settings already, i.e. newly installed IMAP servers do *not* support unsafe versions of SSL unless that support is explicitly enabled by the user.
- An integer overflow vulnerability in cyrus-imapd's urlfetch range checking code was fixed.
- Support for Elliptic Curve Diffie–Hellman has been added to cyrus-imapd.
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
cyrus-imapd |
perl-Cyrus-IMAP |
perl-Cyrus-SIEVE-managesieve |
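
Because an upgrade leaves an existing imapd.conf untouched, each upgraded host has to be checked for the tls_versions line described above. The following audit function is an added example, not part of the advisory or of cyrus-imapd; the function name, the return codes and the sample files are constructed here, and the tokens ssl2 and ssl3 are assumed to be the values that re-enable the old protocols.

```shell
#!/bin/sh
# check_tls_versions FILE  (hypothetical helper, added for illustration)
# Return codes:
#   0  tls_versions is set and lists neither ssl2 nor ssl3
#   1  tls_versions is absent: an upgraded install that kept its old file
#   2  tls_versions is set but lists ssl2 or ssl3 (assumed token names)
#   3  the file cannot be read
check_tls_versions() {
    conf=$1
    if [ ! -r "$conf" ]; then
        echo "cannot read $conf" >&2
        return 3
    fi
    # Commented-out lines start with '#' and therefore never match.
    if ! grep -q '^[[:space:]]*tls_versions[[:space:]]*:' "$conf"; then
        echo "$conf: tls_versions not set; SSLv2/SSLv3 still supported"
        return 1
    fi
    # Collect the values of every active tls_versions line, lowercased.
    values=$(sed -n 's/^[[:space:]]*tls_versions[[:space:]]*:\(.*\)$/\1/p' "$conf" \
             | tr 'A-Z' 'a-z')
    for v in $values; do
        case $v in
            ssl2|ssl3)
                echo "$conf: tls_versions explicitly enables $v"
                return 2 ;;
        esac
    done
    echo "$conf: protocols restricted to:$values"
    return 0
}

# Constructed sample files (not taken from a real server) for a stand-alone run.
demo_dir=$(mktemp -d)
printf 'configdirectory: /var/lib/imap\n#tls_versions: tls1_2\n' > "$demo_dir/upgraded.conf"
printf 'tls_versions: tls1_0 tls1_1 tls1_2\n' > "$demo_dir/hardened.conf"
printf 'tls_versions: ssl3 tls1_0\n' > "$demo_dir/legacy.conf"
for f in "$demo_dir"/*.conf; do
    check_tls_versions "$f" || true   # keep going after a finding
done
rm -rf "$demo_dir"
```

On a real host, pass the path of the server's imapd.conf and treat return codes 1 and 2 as findings.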