Mitigation / disable FTS and pop3-uidl plugin was Re: CVE-2019-7524: Buffer overflow when reading extension header from dovecot index files
Kevin A. McGrail
KMcGrail at PCCC.com
Thu Mar 28 16:37:25 EET 2019
On 3/28/2019 7:42 AM, Aki Tuomi via dovecot wrote:
> olution:
> Operators should update to the latest Patch Release. The only workaround
> is to disable FTS and pop3-uidl plugin.
Hi Aki, thanks for the CVE. For quick mitigation, can you confirm how
to disable these plugins and what they provide? We'd like to assess if
we are using them while we rollout the fix.
Regards,
KAM
More information about the dovecot
mailing list