2 Sep
2019
2 Sep
'19
12:51 p.m.
On 2 Sep 2019, at 11.01, MK via dovecot dovecot@dovecot.org wrote:
Good Morning List,
just a short question to this vulnerability. We are using a setup with dovecot redirector/proxy frontend servers and some backend server, which store the mailboxes. Is it anough to update the frontend servers if I like to fix the the vulnerability?
No.
Sami
Thanks. Do I understand this correct that updating the frontends fixes only the vulnerability for anonymous requests and for users logged in the vulnerability still exists if I don't update the backend servers?
Oliver