CVE-2019-11500: Critical vulnerability in Dovecot and Pigeonhole

Daniel Lange DLange at debian.org
Fri Aug 30 18:38:10 EEST 2019


Am 30.08.19 um 10:00 schrieb Christian Balzer via dovecot:
> When upgrading on Debian Stretch with the security fix packages all
> dovecot processes get killed and then restarted despite having
> "shutdown_clients = no" set.

This is systemd doing its "magic" (kill all control group processes), 
see https://dovecot.org/pipermail/dovecot/2016-June/104546.html
for a potential fix.


More information about the dovecot mailing list