2 Dec
2016
2 Dec
'16
10:48 a.m.
On 02.12.2016 10:45, Jonas Wielicki wrote:
On Freitag, 2. Dezember 2016 09:00:58 CET Aki Tuomi wrote:
We are sorry to report that we have a bug in dovecot, which merits a CVE. See details below. If you haven't configured any auth_policy_* settings you are ok. This is fixed with https://git.dovecot.net/dovecot/core/commit/c3d3faa4f72a676e183f34be960cff13 a5a725ae and https://git.dovecot.net/dovecot/core/commit/99abb1302ae693ccdfe0d57351fd42c6 7a8612fc
Important vulnerability in Dovecot (CVE-2016-8562) Are you sure about the CVE number? According to Debian 1 and mitre 2, it’s for SIEMENS something, not Dovecot.
best regards, Jonas Wielicki
Ups, sent wrong number, correct is CVE-2016-8652.
Aki