Dovecot release v2.3.6

@lbutlr kremels at kreme.com
Tue Apr 30 21:06:41 EEST 2019


On 30 Apr 2019, at 07:21, Aki Tuomi via dovecot <dovecot at dovecot.org> wrote:
> We are pleased to release Dovecot v2.3.6.

pkg adult shows the following, not mentioned in the changes:

dovecot-2.3.5.1 is vulnerable:
dovecot -- json encoder crash
CVE: CVE-2019-10691
WWW: https://vuxml.FreeBSD.org/freebsd/a64aa22f-61ec-11e9-85b9-a4badb296695.html


(just curious)


-- 
'Things either exist or they don't,' said Jeremy. 'I am very clear about
that. I have medicine.' --The Thief of Time




More information about the dovecot mailing list