Commit Graph

1 Commits

Author SHA256 Message Date
2cb5006e53 - update to 2.3.7.2
* CVE-2019-11500: IMAP protocol parser does not properly handle
    NUL byte when scanning data in quoted strings, leading to out
    of bounds heap memory writes. Found by Nick Roessler and Rafi
    Rubin.
- update pigeonhole to 0.5.7.2
  * CVE-2019-11500: ManageSieve protocol parser does not properly
    handle NUL byte when scanning data in quoted strings, leading
    to out of bounds heap memory writes. Found by Nick Roessler and
    Rafi Rubin.
- refreshed patches to apply cleanly again:
  dovecot-2.3.0-better_ssl_defaults.patch
  dovecot-2.3.0-dont_use_etc_ssl_certs.patch

OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=52
2019-08-28 17:07:06 +00:00