The Cyrus team is proud to announce the immediate availability of a new version
of Cyrus IMAP: 3.4.1
This release contains a fix for CVE-2021-32056: Remote authenticated users
could bypass intended access restrictions on certain server annotations.
Additionally, a long-standing bug in replication did not allow server
annotations to be replicated. Combining these two bugs, a remote authenticated
user could stall replication, requiring administrator intervention.
Download URLs:
https://github.com/cyrusimap/cyrus-imapd/releases/download/cyrus-imapd-3.4.1/cyrus-imapd-3.4.1.tar.gz
https://github.com/cyrusimap/cyrus-imapd/releases/download/cyrus-imapd-3.4.1/cyrus-imapd-3.4.1.tar.gz.sig
Please consult the release notes and upgrade documentation before upgrading to
3.4.1:
https://www.cyrusimap.org/imap/download/release-notes/3.4/x/3.4.1.html
https://www.cyrusimap.org/imap/download/upgrade.html
And join us on Github at https://github.com/cyrusimap/cyrus-imapd to report
issues, join in the deliberations of new features for the next Cyrus IMAP
release, and to contribute to the documentation.
On behalf of the Cyrus team,
Kind regards,
ellie timoney
------------------------------------------
Cyrus: Info
Permalink:
https://cyrus.topicbox.com/groups/info/T056901c106ecfce3-M949ad8200d85f7f17efa3904
Delivery options: https://cyrus.topicbox.com/groups/info/subscription
