FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cyrus-imapd -- Remote authenticated users could bypass intended access restrictions on certain server annotations.

Affected packages
3.4.0 <= cyrus-imapd34 < 3.4.1
3.2.0 <= cyrus-imapd32 < 3.2.7

Details

VuXML ID 12156786-b18a-11eb-8cba-080027b00c2e
Discovery 2021-05-05
Entry 2021-05-10

Cyrus IMAP 3.4.1 Release Notes states:

Fixed CVE-2021-32056: Remote authenticated users could bypass intended access restrictions on certain server annotations. Additionally, a long-standing bug in replication did not allow server annotations to be replicated. Combining these two bugs, a remote authenticated user could stall replication, requiring administrator intervention.

References

CVE Name CVE-2021-32056
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32056