CVE-2016-8562 in dovecot
Jonas Wielicki
jonas at wielicki.name
Fri Dec 2 08:45:53 UTC 2016
On Freitag, 2. Dezember 2016 09:00:58 CET Aki Tuomi wrote:
> We are sorry to report that we have a bug in dovecot, which merits a
> CVE. See details below. If you haven't configured any auth_policy_*
> settings you are ok. This is fixed with
> https://git.dovecot.net/dovecot/core/commit/c3d3faa4f72a676e183f34be960cff13
> a5a725ae and
> https://git.dovecot.net/dovecot/core/commit/99abb1302ae693ccdfe0d57351fd42c6
> 7a8612fc
>
> Important vulnerability in Dovecot (CVE-2016-8562)
Are you sure about the CVE number? According to Debian [1] and mitre [2], it’s
for SIEMENS something, not Dovecot.
best regards,
Jonas Wielicki
[1]: https://security-tracker.debian.org/tracker/CVE-2016-8562
[2]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8562
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://dovecot.org/pipermail/dovecot/attachments/20161202/5ecfd064/attachment.sig>
More information about the dovecot
mailing list