cyrus-imapd - buffer overflow

Timo Sirainen discovered a buffer overflow in the Cyrus IMAP server,
which could be exploited by a remote attacker prior to logging in. A
malicious user could craft a request to run commands on the server under
the UID and GID of the cyrus server.

For the current stable distribution (woody) this problem has been
fixed in version 1.5.19-9.1.

For the old stable distribution (potato) this problem has been fixed
in version 1.5.19-2.2.

For the unstable distribution (sid) this problem has been
fixed in version 1.5.19-9.10. Current cyrus21-imapd packages are not
vulnerable.

We recommend that you upgrade your cyrus-imapd package.