https://dovecot.org/releases/2.3/dovecot-2.3.5.2.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.5.2.tar.gz.sig Binary packages in https://repo.dovecot.org/
* CVE-2019-7524: Missing input buffer size validation leads into
arbitrary buffer overflow when reading fts or pop3 uidl header
from Dovecot index. Exploiting this requires direct write access to
the index files.
---
Aki Tuomi
Open-Xchange oy
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dovecot-news mailing list Dovecot-news@dovecot.org https://dovecot.org/mailman/listinfo/dovecot-news
