[Buildroot] [PATCH] package/dovecot: security bump to version

Peter Korsgaard peter at korsgaard.com
Fri Apr 5 15:29:09 UTC 2019

>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security issue:
 >  * CVE-2019-7524: Missing input buffer size validation leads into
 >    arbitrary buffer overflow when reading fts or pop3 uidl header
 >    from Dovecot index. Exploiting this requires direct write access to
 >    the index files.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2019.02.x (and the corresponding dovecot-pigeonhole bump), thanks.

Bye, Peter Korsgaard

More information about the buildroot mailing list