[Dovecot-news] v22.214.171.124 released
aki.tuomi at open-xchange.com
Thu Apr 18 12:35:53 EEST 2019
Lets try again, put wrong changelog to the mail. Sorry about this.
Binary packages in https://repo.dovecot.org/
* CVE-2019-10691: Trying to login with 8bit username containing
invalid UTF8 input causes auth process to crash if auth policy is
enabled. This could be used rather easily to cause a DoS. Similar
crash also happens during mail delivery when using invalid UTF8 in
From or Subject header when OX push notification driver is used.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the Dovecot-news