> On 18 April 2019 14:40 Benny Pedersen via dovecot wrote:
>
>
> Aki Tuomi via dovecot skrev den 2019-04-18 11:35:
>
> > * CVE-2019-10691: Trying to login with 8bit username containing
> > invalid UTF8 input causes auth process to crash if auth policy is
> > enabled. This cou
Aki Tuomi via dovecot skrev den 2019-04-18 11:35:
* CVE-2019-10691: Trying to login with 8bit username containing
invalid UTF8 input causes auth process to crash if auth policy is
enabled. This could be used rather easily to cause a DoS. Similar
crash also happens during ma
Lets try again, put wrong changelog to the mail. Sorry about this.
https://dovecot.org/releases/2.3/dovecot-2.3.5.2.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.5.2.tar.gz.sig
Binary packages in https://repo.dovecot.org/
* CVE-2019-10691: Trying to login with 8bit username containing
https://dovecot.org/releases/2.3/dovecot-2.3.5.2.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.5.2.tar.gz.sig
Binary packages in https://repo.dovecot.org/
* CVE-2019-7524: Missing input buffer size validation leads into
arbitrary buffer overflow when reading fts or pop3 uidl header
