On Fri, 2009-09-11 at 12:20 +0200, Maciej Polewczyński wrote:
> I have a problem with deliver dying with signal 11. I'm using postfix + dovecot deliver. If a mailbox has many (100+) redirects in sieve or many other sieve rules, deliver dies. I have tested this in debian etch + dovecot 1.1.18 (compiled from sources) and debian lenny + dovecot 1.1.13 from backports.
Interestingly enough this is because of the security hole in Cyrus libsieve that was recently found: https://bugzilla.redhat.com/show_bug.cgi?id=521010
And even more interesting is that I found at least one other really simple buffer overflow from the libsieve code. Wonder why I hadn't checked the libsieve code properly earlier..
So, Dovecot's fixes are here:
http://hg.dovecot.org/dovecot-sieve-1.1/rev/4577c4e1130d
http://hg.dovecot.org/dovecot-sieve-1.1/rev/049f22520628
I'll make new Dovecot Sieve releases and report the other new bug to Cyrus people..