On Freitag, 2. Dezember 2016 09:00:58 CET Aki Tuomi wrote: > We are sorry to report that we have a bug in dovecot, which merits a > CVE. See details below. If you haven't configured any auth_policy_* > settings you are ok. This is fixed with > https://git.dovecot.net/dovecot/core/commit/c3d3faa4f72a676e183f34be960cff13 > a5a725ae and > https://git.dovecot.net/dovecot/core/commit/99abb1302ae693ccdfe0d57351fd42c6 > 7a8612fc > > Important vulnerability in Dovecot (CVE-2016-8562)
Are you sure about the CVE number? According to Debian [1] and mitre [2], it’s for SIEMENS something, not Dovecot. best regards, Jonas Wielicki [1]: https://security-tracker.debian.org/tracker/CVE-2016-8562 [2]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8562
signature.asc
Description: This is a digitally signed message part.