On Fri, 2007-12-21 at 02:44 -0800, Geert Hendrickx wrote: > On Fri, Dec 21, 2007 at 12:38:12AM +0200, Timo Sirainen wrote: > > Somehow I doubt there are any Dovecot setups left that unknowingly have > > this problem, but it still counts as a security hole. The possibility to > > cause this problem exists in Dovecot v1.0.rc11 and later. > > > > [...] > > > > You can fix this by upgrading to v1.0.10 (to be released soon), or using > > this patch: http://hg.dovecot.org/dovecot-1.0/raw-rev/2cedab21cd6d > > > > Is Dovecot 1.1.x affected as well?
Yes. http://hg.dovecot.org/dovecot/raw-rev/9e75e67420b4
signature.asc
Description: This is a digitally signed message part
