package/dovecot-pigeonhole: security bump version to 0.5.7.2 (77b2dd9a) · Commits · Arm Reference Solutions / buildroot

Commit 77b2dd9a authored Aug 28, 2019 by Bernd Kuhls Committed by Peter Korsgaard Aug 28, 2019

package/dovecot-pigeonhole: security bump version to 0.5.7.2

Release notes:
https://dovecot.org/pipermail/dovecot/2019-August/116876.html



Fixes
* CVE-2019-11500: ManageSieve protocol parser does not properly handle
  NUL byte when scanning data in quoted strings, leading to out of
  bounds heap memory writes. Found by Nick Roessler and Rafi Rubin.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

parent 4afd405e

Hide whitespace changes

Inline Side-by-side

Please register or to comment