mail/dovecot: upgrade to 2.3.5.1.
rP497015
Actions

Description

mail/dovecot: upgrade to 2.3.5.1.

CVE-2019-7524: Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index. Exploiting this requires direct write access to the index files.

MFH: 2019Q1
Security: CVE-2019-7524

Provenance

ler	Authored on

Parents

rP497014: vuxml: Document mail/dovecot buffer overflow.

Branches

Unknown

Tags

Unknown

Path

Size

head/

mail/

dovecot/