Package: dovecot
Severity: grave
Tags: security
Justification: user security hole
This entry from
http://www.dovecot.org/list/dovecot-news/2012-November/000235.html
was assigned CVE-2012-5620:
imap: Fixed crash when SEARCH contained multiple KEYWORD parameters.
Fix:
On Tue, Dec 04, 2012 at 05:59:37PM +0200, Timo Sirainen wrote:
Not a security hole. A user can crash his/her own session. As bad as issuing
a LOGOUT command. Completely pointless CVE.
Thanks for the clarification, I'll followup on the oss-security mailing
list to get the ID rejected.
Cheers,
Not a security hole. A user can crash his/her own session. As bad as issuing a
LOGOUT command. Completely pointless CVE.
On 4.12.2012, at 17.04, Moritz Muehlenhoff wrote:
Package: dovecot
Severity: grave
Tags: security
Justification: user security hole
This entry from
3 matches
Mail list logo