On 04.01.2021 14:02, Dan Malm wrote:
> On 2021-01-04 13:03, Aki Tuomi wrote:
>> Vulnerable version: 2.2.26-2.3.11.3
>> Fixed version: 2.3.13
> No fix for 2.2.36?
>
Hi
Probably not fixed - my heart's been broken to - but this solutions
"imap_hibernate_timeout = 0" probably save you...
--
Maciej Mi
On 4. Jan 2021, at 14.29, Marc Roos wrote:
>
>
> This also applies when you have users seperated at os level?
Yes, that doesn't make a difference. Only whether hibernation is enabled.
> -Original Message-
> Sent: 04 January 2021 13:03
> To: dovecot-n...@dovecot.org; dovecot@dovecot.org
> On 04/01/2021 15:02 Dan Malm wrote:
>
>
> On 2021-01-04 13:03, Aki Tuomi wrote:
> > Vulnerable version: 2.2.26-2.3.11.3
> > Fixed version: 2.3.13
>
> No fix for 2.2.36?
>
> --
> BR/Mvh. Dan Malm, Systems Engineer, One.com
We have not made fix for 2.2.36 as it's EOLed.
Aki
I guess redhat will backport it.
-Original Message-
Sent: 04 January 2021 14:02
To: dovecot@dovecot.org
Subject: Re: CVE-2020-24386: IMAP hibernation allows accessing other
peoples mail
On 2021-01-04 13:03, Aki Tuomi wrote:
> Vulnerable version: 2.2.26-2.3.11.3
> Fixed v
On 2021-01-04 13:03, Aki Tuomi wrote:
> Vulnerable version: 2.2.26-2.3.11.3
> Fixed version: 2.3.13
No fix for 2.2.36?
--
BR/Mvh. Dan Malm, Systems Engineer, One.com
This also applies when you have users seperated at os level?
-Original Message-
Sent: 04 January 2021 13:03
To: dovecot-n...@dovecot.org; dovecot@dovecot.org
Subject: CVE-2020-24386: IMAP hibernation allows accessing other peoples
mail
Open-Xchange Security Advisory 2021-01-04
Produ
