Dovecot release v2.2.36.4

Aki Tuomi via dovecot Wed, 28 Aug 2019 05:15:16 -0700

Hi!

We are pleased to release Dovecot release v2.2.36.4


Tarball is available at

https://dovecot.org/releases/2.2/dovecot-2.2.36.4.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.3.36.4.tar.gz.sig

Binary packages are available at https://repo.dovecot.org/

Changes
-------
* CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
  when scanning data in quoted strings, leading to out of bounds heap
  memory writes. Found by Nick Roessler and Rafi Rubin.

---
Aki Tuomi
Open-Xchange oy

signature.asc
Description: OpenPGP digital signature

Dovecot release v2.2.36.4

Reply via email to