[Buildroot] [PATCH 2/2] package/dovecot-pigeonhole: security bump version to 0.5.7.2

Peter Korsgaard peter at korsgaard.com
Wed Aug 28 15:16:59 UTC 2019


>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls at t-online.de> writes:

 > Release notes:
 > https://dovecot.org/pipermail/dovecot/2019-August/116876.html

 > Fixes
 > * CVE-2019-11500: ManageSieve protocol parser does not properly handle
 >   NUL byte when scanning data in quoted strings, leading to out of
 >   bounds heap memory writes. Found by Nick Roessler and Rafi Rubin.

 > Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>

Committed, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list