[CLSA-2026:1779119949] cyrus-imapd: Fix of CVE-2024-34055
Type:
security
Severity:
Moderate
Release date:
2026-05-19 00:34:02 UTC
Description:
- fix CVE-2024-34055: denial of service via memory exhaustion using oversized IMAP literals and command arguments - disable cassandane test runner on x86_64 and aarch64 due to multiple unrelated mock-environment issues (imaptest binary SIGSEGV, slow file I/O, alarm scheduling races); cunit which exercises the CVE fix continues to run on all arches
Updated packages:
  • cyrus-imapd-3.4.1-7.el9.tuxcare.els1.x86_64.rpm
    sha:2050d6f0bff3a0ca691935a6e10154ed4d8a00c9185e7deba1818e5a47ed99b7
  • cyrus-imapd-devel-3.4.1-7.el9.tuxcare.els1.x86_64.rpm
    sha:e20674922ab4aa4e51caca2755e620524b6ebf5aefe12184b6fb49636a6fd967
  • cyrus-imapd-doc-extra-3.4.1-7.el9.tuxcare.els1.noarch.rpm
    sha:dec5a2c3b7aed99ecfcdb59c45761cc73f7137cae014bd2ba58d3534e774006e
  • cyrus-imapd-libs-3.4.1-7.el9.tuxcare.els1.i686.rpm
    sha:6405f091c1506b843b49c2ffefd8b9613cd64df01ff29642944c109d742e62c8
  • cyrus-imapd-libs-3.4.1-7.el9.tuxcare.els1.x86_64.rpm
    sha:14a47b95d2b6cb8cc5db5fd34e990f27ac9c4ffbd7cb41cac4cf5a90258e9aa0
  • cyrus-imapd-utils-3.4.1-7.el9.tuxcare.els1.x86_64.rpm
    sha:63ebc594c74de7848e8637c5b1556fef7176bc37daf602e77df833e0d25a865f
  • cyrus-imapd-virusscan-3.4.1-7.el9.tuxcare.els1.x86_64.rpm
    sha:4fd87b9ae4e71002cfaf04664f3043ad5eac24c7d2415beb4a9d768d1f2b61cf
  • perl-Cyrus-3.4.1-7.el9.tuxcare.els1.x86_64.rpm
    sha:66e32ba73b7a4881ab1815502348cbc153bd61191ce08a30474b99a8a95fa680
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.