Cyrus IMAP

Cyrus IMAP 3.2.7 Release Notes¶

Download from GitHub:

https://github.com/cyrusimap/cyrus-imapd/releases/download/cyrus-imapd-3.2.7/cyrus-imapd-3.2.7.tar.gz

https://github.com/cyrusimap/cyrus-imapd/releases/download/cyrus-imapd-3.2.7/cyrus-imapd-3.2.7.tar.gz.sig

Changes since 3.2.6¶

Security fixes:¶

Fixed CVE-2021-32056: Remote authenticated users could bypass intended access restrictions on certain server annotations. Additionally, a long-standing bug in replication did not allow server annotations to be replicated. Combining these two bugs, a remote authenticated user could stall replication, requiring administrator intervention.

Build changes¶

Fixed: various symbols were missing explicit symbol visibility

Bug fixes¶

Fixed Issue #3225: xapian get_stopper() did not use the cached stoppers (thanks Дилян Палаузов)
Fixed Issue #2882: reordered HTTP auth schemes to order expected by browsers
Fixed Issue #3456: per-server annotations were unable to replicate