Thank you for your very valuable contribution to the bandwidth.
> ____
> david parsons \bi/ So, which version of IMAP is that?
> \/
>From the CERT advisory cited in the article:
| All versions of the University of Washington IMAP server prior to the final
| (frozen, non-beta) version of imap-4.1 that support SASL server-level
| authentication are vulnerable. The vulnerability affects all University
| of Washington IMAP4rev1 servers prior to v10.234. Also, any v10.234 server
| that was distributed with Pine 4.0 or any imap-4.1.BETA is vulnerable.
The article indicates that Red Hat distributed a fix.
Debian is currently distributing IMAP version 4.4.
So, which linux distribution is still shipping an old version of IMAP?
--Paul Vojta, vojta@math.berkeley.edu
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/