[Dovecot-news] Pigeonhole release v0.5.7.2

Aki Tuomi aki.tuomi at dovecot.fi
Wed Aug 28 15:06:02 EEST 2019


We are pleased to release Pigeonhole release v0.5.7.2

Tarball is available at


Binary packages are available at https://repo.dovecot.org/

* CVE-2019-11500: ManageSieve protocol parser does not properly handle
NUL byte
  when scanning data in quoted strings, leading to out of bounds heap
  memory writes. Found by Nick Roessler and Rafi Rubin.

Aki Tuomi
Open-Xchange oy

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 484 bytes
Desc: OpenPGP digital signature
URL: <https://dovecot.org/pipermail/dovecot-news/attachments/20190828/f8102c12/attachment.sig>

More information about the Dovecot-news mailing list