Cyrus IMAPD, Sun Java vulnerabilities
Jeff Sheltren
sheltren at cs.ucsb.edu
Fri Dec 3 15:24:37 UTC 2004
I'm not sure on Cyrus, but I don't think RedHat/Fedora has included Sun Java
in any release.
-Jeff
On 12/3/04 7:11 AM, "John Dalbec" <jpdalbec at ysu.edu> wrote:
> Do these issues apply to -legacy?
>
> 04.47.8 CVE: CAN-2004-1011, CAN-2004-1012, CAN-2004-1013,
> CAN-2004-1015
> Platform: Unix
> Title: Cyrus IMAPD Multiple Remote Vulnerabilities
> Description: Cyrus IMAPD is an IMAP daemon. It is reported to be
> vulnerable to multiple remote buffer overflow issues. Cyrus IMAPD
> versions 2.2.4 to 2.2.8 are reported to be vulnerable.
> Ref: http://security.e-matters.de/advisories/152004.html
>
> 04.47.13 CVE: CAN-2004-1029
> Platform: Cross Platform
> Title: Sun Java Plug-in Security Restriction Bypass
> Description: Java Plug-in technology, part of the Java 2 Runtime
> Environment (JRE), establishes a connection between popular browsers
> and the Java platform. It is possible to bypass the Java sandbox and
> all security restrictions imposed within Java Applets to execute
> malicious applets and gain full control. Sun Java 2 Platform, Standard
> Edition (J2SE) versions 1.4.2_01 and 1.4.2_04 are known to be
> vulnerable.
> Ref:
> http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities
>
> --
> fedora-legacy-list mailing list
> fedora-legacy-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-legacy-list
More information about the fedora-legacy-list
mailing list