>> On 2 Sep 2019, at 11.01, MK via dovecot <dovecot@dovecot.org> wrote: >> >> Good Morning List, >> >> just a short question to this vulnerability. We are using a setup with >> dovecot redirector/proxy frontend servers >> and some backend server, which store the mailboxes. >> Is it anough to update the frontend servers if I like to fix the the >> vulnerability?
>No. > >Sami Thanks. Do I understand this correct that updating the frontends fixes only the vulnerability for anonymous requests and for users logged in the vulnerability still exists if I don't update the backend servers? Oliver
