> | All versions of the University of Washington IMAP server prior to the final
> | (frozen, non-beta) version of imap-4.1 that support SASL server-level
> | authentication are vulnerable. The vulnerability affects all University
> | of Washington IMAP4rev1 servers prior to v10.234. Also, any v10.234 server
> | that was distributed with Pine 4.0 or any imap-4.1.BETA is vulnerable.
>
> The article indicates that Red Hat distributed a fix.
>
> Debian is currently distributing IMAP version 4.4.
>
> So, which linux distribution is still shipping an old version of IMAP?
And, I might add, it is NOT a Linux bug AFAIK, it is an IMAP bug and other
operating systems running that version of IMAP would be affected as well.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/