[Buildroot] [PATCH] dovecot: bump version to 2.2.29.1 (security)
Peter Korsgaard
peter at korsgaard.com
Mon Apr 24 19:19:46 UTC 2017
>>>>> "Vicente" == Vicente Olivert Riera <Vincent.Riera at imgtec.com> writes:
> Security fix:
> passdb/userdb dict: Don't double-expand %variables in keys. If dict
> was used as the authentication passdb, using specially crafted
> %variables in the username could be used to cause DoS (CVE-2017-2669)
> Full ChangeLog 2.2.29 (including CVE fix):
> https://www.dovecot.org/list/dovecot-news/2017-April/000341.html
> Full ChangeLog 2.2.29.1 (some fixes forgotten in the 2.2.29 release):
> https://www.dovecot.org/list/dovecot-news/2017-April/000344.html
> Signed-off-by: Vicente Olivert Riera <Vincent.Riera at imgtec.com>
Committed to 2017.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list