CVE-2019-7524 backport patch for 2.2.33.2 - dovecot - dovecot.org

newer
Regression ACL & namespace prefix

CVE-2019-7524 backport patch for 2.2.33.2

older
CVE-2019-7524: Buffer overflow...

Gerald Galster

28 Mar 2019 28 Mar '19

5:11 p.m.

Hello Aki,

I'm currently stuck with 2.2.33.2 as 2.2.36 still duplicates mails after pop3 deletion on a two node dsync cluster.

Therefore I've created a small patch and it seems only these two files are affected:

dovecot-2.2.36.3/src/lib-storage/index/index-pop3-uidl.c dovecot-2.2.36.3/src/plugins/fts/fts-api.c

Please correct me if I have missed something.

Best regards Gerald

Attachments:

dovecot-CVE-2019-7524-2.2.36-1-3.patch (application/octet-stream — 1.2 KB)

Reply

Sign in to reply online Use email software

Show replies by date

Aki Tuomi

28 Mar 28 Mar

6:13 p.m.

Reply

Sign in to reply online Use email software

2096

Age (days ago)

2096

Last active (days ago)

1 comments

2 participants

tags

participants (2)

Aki Tuomi
Gerald Galster