Pegasus Mail Logo
HomeOverviewsDownloadsSupportManualsLinksFAQsContacts


Patches

Patches and occasional updates to Pegasus Mail and Mercury are provided from time to time to address problems or add minor features outside our normal development cycle. Patches do not have an installer - you need to be handy with a ZIP utility such as WinZIP to install them. In general, we recommend that only reasonably experienced users install patch versions on their systems. To retrieve a patch, simply click on its link.

 

Mercury/32 v4.72 MercuryX offline startup patch (July 2010, 58Kb)

 

 

This patch corrects a problem in the MercuryX Scheduling Module released with Mercury v4.72 which would prevent other modules from coming online at startup if the scheduling module was unconfigured. If you do not load the MercuryX module, you do not need to install this patch. This patch can only be installed into Mercury v4.72 systems.

 

 

 

Mercury/32 v4.01c Security patch for MercuryS AUTH CRAM-MD5 vulnerability (Aug 2007, 90Kb)

 

 

This patch corrects a vulnerability in the MercuryS SMTP server where a maliciously constructed AUTH command could cause buffer overflows and potentially compromise your machine. You must be running Mercury/32 patched to v4.01b before installing this patch. All sites using MercuryS exposed to the open Internet should regard this patch as mandatory. Note: we strongly advise you to upgrade to Mercury/32 v4.52 instead of installing this patch into a v4.01 system. You MUST NOT attempt to install this patch on a v4.5 system.

 

 

 

Mercury/NLM v1.49 Security patch for MercuryS AUTH CRAM-MD5 vulnerability (Aug 2007, 90Kb)

 

 

This patch corrects a vulnerability in the MercuryS SMTP server where a maliciously constructed AUTH command could cause buffer overflows and potentially compromise your machine. All sites using MercuryS exposed to the open Internet should regard this patch as mandatory.

 

 

 

Mercury/32 v4.01c Security patch for MercuryI "literal" vulnerability (May 2007, 90Kb)

 

 

This patch corrects a vulnerability and addresses some memory leaks in the MercuryI IMAP server. You must be running Mercury/32 patched to v4.01b before installing this patch. All sites using IMAP servers exposed to the open Internet should regard this patch as mandatory. Note: we strongly advise you to upgrade to Mercury/32 v4.52 instead of installing this patch into a v4.01 system.

 


[ Page modified 15 July 2010 | Content © David Harris | Design by Technology Solutions ]