oss-sec mailing list archives

Re: Critical Dovecot and Pigeonhole vulnerability

From: Larry Rosenman <ler () FreeBSD org>
Date: Wed, 28 Aug 2019 11:19:53 -0500

On 08/28/2019 11:17 am, Hanno Böck wrote:

On Wed, 28 Aug 2019 15:06:23 +0300
Aki Tuomi <aki.tuomi () dovecot fi> wrote:

Please find patches attached for dovecot 2.3.7 and pigeonhole 0.5.7


It seems Pigeonhole doesn't have a new release yet as far as I can see:
https://pigeonhole.dovecot.org/download.html

So this needs to be manually patched for now? Any ETA for a new release
here?

pigeonhole 0.5.7.2 has the fix.


--
Larry Rosenman                     http://people.freebsd.org/~ler
Phone: +1 214-642-9640                 E-Mail: ler () FreeBSD org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106

Current thread:

Critical Dovecot and Pigeonhole vulnerability Aki Tuomi (Aug 28)
- Re: Critical Dovecot and Pigeonhole vulnerability Hanno Böck (Aug 28)
  - Message not available
    - Re: Critical Dovecot and Pigeonhole vulnerability Hanno Böck (Aug 28)
    - Re: Critical Dovecot and Pigeonhole vulnerability aki . tuomi (Aug 28)
  - Re: Critical Dovecot and Pigeonhole vulnerability Larry Rosenman (Aug 28)