Pegasus Mail Logo
HomeOverviewsDownloadsSupportManualsLinksFAQsContacts


Patches

Patches and occasional updates to Pegasus Mail and Mercury are provided from time to time to address problems or add minor features outside our normal development cycle. Patches do not have an installer - you need to be handy with a ZIP utility such as WinZIP to install them. In general, we recommend that only reasonably experienced users install patch versions on their systems. Patches are currently stored on our Maine, USA server only. To retrieve a patch, simply click on its link.

 

Mercury/32 v4.01c Security patch for MercuryS AUTH CRAM-MD5 vulnerability (Aug 2007, 90Kb)

 

 

This patch corrects a vulnerability in the MercuryS SMTP server where a maliciously constructed AUTH command could cause buffer overflows and potentially compromise your machine. You must be running Mercury/32 patched to v4.01b before installing this patch. All sites using MercuryS exposed to the open Internet should regard this patch as mandatory. Note: we strongly advise you to upgrade to Mercury/32 v4.52 instead of installing this patch into a v4.01 system. You MUST NOT attempt to install this patch on a v4.5 system.

 

 

 

Mercury/NLM v1.49 Security patch for MercuryS AUTH CRAM-MD5 vulnerability (Aug 2007, 90Kb)

 

 

This patch corrects a vulnerability in the MercuryS SMTP server where a maliciously constructed AUTH command could cause buffer overflows and potentially compromise your machine. All sites using MercuryS exposed to the open Internet should regard this patch as mandatory.

 

 

 

Mercury/32 v4.01c Security patch for MercuryI "literal" vulnerability (May 2007, 90Kb)

 

 

This patch corrects a vulnerability and addresses some memory leaks in the MercuryI IMAP server. You must be running Mercury/32 patched to v4.01b before installing this patch. All sites using IMAP servers exposed to the open Internet should regard this patch as mandatory. Note: we strongly advise you to upgrade to Mercury/32 v4.52 instead of installing this patch into a v4.01 system.

 

 

 

Mercury/32 Security patches for MercuryW and MercuryH (Jan 2006, 120Kb)

 

 

This patch corrects vulnerabilities in the MercuryH PH Server and MercuryW PopPass server that could result in affected systems being compromised. All sites running Mercury v4.01a, v4.01b or a v4.10 beta and using these modules should regard this upgrade as mandatory.

 

 

 

Mercury/32 V4.01a to Mercury/32 v4.01b, 1.3MB

 

 

This patch will upgrade an existing Mercury/32 v4.01a installation to v4.01b; it can only be used to ugprade from v4.01a, not from earlier versions. See the file called README.TXT in the archive for installation instructions.

 

 

 

 

Pegasus Mail v4.21a or v4.21b to Pegasus Mail v4.21c, 1.3MB

 

 

This patch will upgrade an existing Pegasus Mail v4.21a or v4.21b installation to v4.21c; it can only be used to upgrade v4.21a or v4.21b - not earlier versions: you must not attempt to use it to upgrade any earlier version of the program. See the file called README.TXT in the archive for installation instructions.

 


[ Page modified 21 Aug 2007 | Content David Harris | Design by Technology Solutions ]