21 Dec
2007
21 Dec
'07
5:24 a.m.
On Fri, 2007-12-21 at 02:44 -0800, Geert Hendrickx wrote:
On Fri, Dec 21, 2007 at 12:38:12AM +0200, Timo Sirainen wrote:
Somehow I doubt there are any Dovecot setups left that unknowingly have this problem, but it still counts as a security hole. The possibility to cause this problem exists in Dovecot v1.0.rc11 and later.
[...]
You can fix this by upgrading to v1.0.10 (to be released soon), or using this patch: http://hg.dovecot.org/dovecot-1.0/raw-rev/2cedab21cd6d
Is Dovecot 1.1.x affected as well?