projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e941599) | patch
package/dovecot: security bump version to 2.3.7.2
authorBernd Kuhls <bernd.kuhls@t-online.de>
Wed, 28 Aug 2019 14:13:14 +0000 (16:13 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 28 Aug 2019 15:16:34 +0000 (17:16 +0200)
commit4afd405effdb56af0e09ee83ec4511deb835e630
tree314fd07cebc66fc7b7186a9989f1f051b415c9catree
parente941599f69e6b50f860cb2b704a838875247a317commit | diff
package/dovecot: security bump version to 2.3.7.2

Release notes:
https://dovecot.org/pipermail/dovecot/2019-August/116874.html

Fixes
* CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
  when scanning data in quoted strings, leading to out of bounds heap
  memory writes. Found by Nick Roessler and Rafi Rubin.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/dovecot/dovecot.hash diff | blob | history
package/dovecot/dovecot.mk diff | blob | history