18 Apr
2019
18 Apr
'19
2:40 p.m.
Aki Tuomi via dovecot skrev den 2019-04-18 11:35:
* CVE-2019-10691: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject header when OX push notification driver is used.
can this aswell crash dovecot policy service so check policy service on postfix tempfails ?