[Dovecot-news] v2.3.5.1 released

Aki Tuomi aki.tuomi at open-xchange.com
Thu Mar 28 13:41:05 EET 2019

Binary packages in https://repo.dovecot.org/

    * CVE-2019-7524: Missing input buffer size validation leads into
      arbitrary buffer overflow when reading fts or pop3 uidl header
      from Dovecot index. Exploiting this requires direct write access to
      the index files.

Aki Tuomi
Open-Xchange oy

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://dovecot.org/pipermail/dovecot-news/attachments/20190328/2bcc6d1b/attachment.sig>

More information about the Dovecot-news mailing list