[Buildroot] [PATCH 2/2] package/dovecot-pigeonhole: security bump version to 0.5.7.2
Peter Korsgaard
peter at korsgaard.com
Wed Aug 28 15:16:59 UTC 2019
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls at t-online.de> writes:
> Release notes:
> https://dovecot.org/pipermail/dovecot/2019-August/116876.html
> Fixes
> * CVE-2019-11500: ManageSieve protocol parser does not properly handle
> NUL byte when scanning data in quoted strings, leading to out of
> bounds heap memory writes. Found by Nick Roessler and Rafi Rubin.
> Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list