v2.3.5.1 released
Marcelo Coelho
marcelo at tpn.com.br
Thu Mar 28 13:57:34 EET 2019
Hi,
Why didn’t you apply this patch to v2.3.5.1?
commit df8addd41d87e61113de22a21a0e61506a8d74c2
Author: Stephan Bosch <stephan.bosch at dovecot.fi>
Date: Tue Mar 12 03:18:33 2019 +0100
submission-login: client-authenticate - Fix crash occurring when client disconnects during authentication.
diff --git a/src/submission-login/client-authenticate.c b/src/submission-login/client-authenticate.c
index 8b5422f833..6b70701a1a 100644
--- a/src/submission-login/client-authenticate.c
+++ b/src/submission-login/client-authenticate.c
@@ -98,6 +98,9 @@ void submission_client_auth_result(struct client *client,
container_of(client, struct submission_client, common);
struct smtp_server_cmd_ctx *cmd = subm_client->pending_auth;
+ if (subm_client->conn == NULL)
+ return;
+
subm_client->pending_auth = NULL;
i_assert(cmd != NULL);
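Review bot: the new `if (subm_client->conn == NULL) return;` in submission_client_auth_result() has no comment and returns before `subm_client->pending_auth = NULL;`, so on this path the field is only cleared if something else has already done it (the client.c hunk of this commit does so in the disconnect callback). Add a one-line comment above the check saying that a NULL `conn` is the "client already disconnected" case from the commit message, and that `i_assert(cmd != NULL)` below must not be reached then. Since `cmd` is only needed after the check, reading `subm_client->pending_auth` could also move below it, which makes the ordering easier to follow.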
diff --git a/src/submission-login/client.c b/src/submission-login/client.c
index 3e45e556c7..212afb92cf 100644
--- a/src/submission-login/client.c
+++ b/src/submission-login/client.c
@@ -212,6 +212,8 @@ static void client_connection_disconnect(void *context, const char *reason)
{
struct submission_client *client = context;
+ client->pending_auth = NULL;
+ client->pending_starttls = NULL;
client_disconnect(&client->common, reason);
}
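Review bot: in client_connection_disconnect() the two pointers are set to NULL without releasing whatever they referenced, and nothing in the hunk says who owns those command contexts. If `pending_auth` and `pending_starttls` are only borrowed, that is fine, but a short comment stating it would keep a later reader from taking this for a leak. The commit message also names only the authentication case, while this hunk clears `pending_starttls` as well; mention the STARTTLS path in the message, or confirm that a late STARTTLS completion needs the same kind of guard as the one added in client-authenticate.c.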
> On 28 Mar 2019, at 08:41, Aki Tuomi via dovecot <dovecot at dovecot.org> wrote:
>
> https://dovecot.org/releases/2.3/dovecot-2.3.5.1.tar.gz
> https://dovecot.org/releases/2.3/dovecot-2.3.5.1.tar.gz.sig
> Binary packages in https://repo.dovecot.org/
>
> * CVE-2019-7524: Missing input buffer size validation leads into
> arbitrary buffer overflow when reading fts or pop3 uidl header
> from Dovecot index. Exploiting this requires direct write access to
> the index files.
>
> ---
> Aki Tuomi
> Open-Xchange oy
>