=========================================================== Ubuntu Security Notice USN-87-1 February 28, 2005 cyrus21-imapd vulnerability CAN-2005-0546 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: cyrus21-imapd The problem can be corrected by upgrading the affected package to version 2.1.16-6ubuntu0.3. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Sean Larsson discovered a buffer overflow in the IMAP "annotate" extension. This possibly allowed an authenticated IMAP client to execute arbitrary code with the privileges of the Cyrus IMAP server.