[Buildroot] [PATCH] package/dovecot: security bump to version

Peter Korsgaard peter at korsgaard.com
Fri Apr 26 13:06:30 UTC 2019

>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security issue:
 > * CVE-2019-10691: Trying to login with 8bit username containing
 >   invalid UTF8 input causes auth process to crash if auth policy is
 >   enabled. This could be used rather easily to cause a DoS. Similar
 >   crash also happens during mail delivery when using invalid UTF8 in
 >   From or Subject header when OX push notification driver is used.

 > https://dovecot.org/pipermail/dovecot-news/2019-April/000406.html

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2019.02.x, thanks.

Bye, Peter Korsgaard

More information about the buildroot mailing list