CVE-2019-7524 backport patch for 2.2.33.2

Gerald Galster list+dovecot at gcore.biz
Thu Mar 28 17:11:04 EET 2019


Hello Aki,

I'm currently stuck with 2.2.33.2 as 2.2.36 still duplicates mails after pop3 deletion on a two node dsync cluster.

Therefore I've created a small patch and it seems only these two files are affected:

dovecot-2.2.36.3/src/lib-storage/index/index-pop3-uidl.c
dovecot-2.2.36.3/src/plugins/fts/fts-api.c

Please correct me if I have missed something.

Best regards
Gerald

-------------- next part --------------
A non-text attachment was scrubbed...
Name: dovecot-CVE-2019-7524-2.2.36-1-3.patch
Type: application/octet-stream
Size: 1217 bytes
Desc: not available
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190328/e012c578/attachment.obj>


More information about the dovecot mailing list