Hi,

On 09:00 Tue 11 Apr     , Salvatore Bonaccorso wrote:
> So the problem is present, and was a quite bad mistake on my end. Aki
> tracked it down, and although the patch applies back to 2.2.10 the
> vulnerability itself was only introduced with
> https://github.com/dovecot/core/commit/a3783f8a3c9cd816b51e77a922f82301512fcf22
> and thus not back to 2.2.10.

git describe --contains d28ac272af22913188bbd6a71833560ad26b2e6c
2.2.26~369

So, it's only Stretch that's currently affected. Aki, just to make sure, 
there's no need to cherry-pick anything more than 21d083ff for 2.2.27 to 
be fixed, right?

Regards,
Apollon

Reply via email to