On 03/12/2016 12:08, Jeremiah C. Foster wrote:
On Fri, 2016-12-02 at 10:48 +0200, Aki Tuomi wrote: On 02.12.2016 10:45, Jonas Wielicki wrote: On Freitag, 2. Dezember 2016 09:00:58 CET Aki Tuomi wrote: We are sorry to report that we have a bug in dovecot, which merits a CVE. See details below. If you haven't configured any auth_policy_* settings you are ok. This is fixed with https://git.dovecot.net/dovecot/core/commit/c3d3faa4f72a676e183f3 4be960cff13 a5a725ae and https://git.dovecot.net/dovecot/core/commit/99abb1302ae693ccdfe0d 57351fd42c6 7a8612fc
Important vulnerability in Dovecot (CVE-2016-8562) Are you sure about the CVE number? According to Debian [1 1] and mitre [2 2], it's for SIEMENS something, not Dovecot.
best regards, Jonas Wielicki
2
Ups, sent wrong number, correct is CVE-2016-8652. That is the same number, no?
No, read it again. the wrong and pasted copie are 8 5 62, his revised is 8 6 52
-- Kind Regard,
Noel Butler
This Email, including any attachments, may contain legally privilegedinformation, therefore remains confidential and subject to copyright protected under international law. You may not disseminate, discuss, or reveal, any part, to anyone, without the authors express written authority to do so. If you are not the intended recipient, please notify the sender then delete all copies of this message including attachments, immediately. Confidentiality, copyright, and legal privilege are not waived or lost by reason of the mistaken delivery of this message. Only PDF [3] and ODF [4] documents accepted, please do not send proprietary formatted documents
Links:
1 https://security-tracker.debian.org/tracker/CVE-2016-8562 2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-856 [3] http://www.adobe.com/ [4] http://en.wikipedia.org/wiki/OpenDocument