Le 07/06/2019 à 07:08, Xavier Guimard a écrit : > Package: release.debian.org > Severity: normal > User: [email protected] > Usertags: unblock > > Please unblock package cyrus-imapd > > Hi all, > > Cyrus-Imapd is vulnerable to remote arbitrary code execution via CalDAV > (CVE-2019-11356, tagged high). Fix is very trivial. > > The proposed debdiff includes also a missing dependency that closes > #872238. > > Cheers, > Xavier
Complement: I patched Cyrus-Imapd quickly since patch was easy to backport, that's why Security Team didn't open a RC bug on this CVE. However, this update should be considered as a RC-related unblock. Cheers, Xavier
