> On April 30, 2019 at 12:06 PM "@lbutlr via dovecot" <dovecot@dovecot.org> > wrote: > > pkg adult shows the following, not mentioned in the changes: > > dovecot-2.3.5.1 is vulnerable: > dovecot -- json encoder crash > CVE: CVE-2019-10691 > WWW: > https://vuxml.FreeBSD.org/freebsd/a64aa22f-61ec-11e9-85b9-a4badb296695.html
https://dovecot.org/pipermail/dovecot-news/2019-April/000407.html michael