On 30 Apr 2019, at 12:11, Aki Tuomi via dovecot wrote:
> On 30 April 2019 21:06 @lbutlr via dovecot < dovecot@dovecot.org> wrote:
>>
>> dovecot-2.3.5.1 is vulnerable:
>> dovecot -- json encoder crash
>> CVE: CVE-2019-10691
>
> We don't usually mention fixes for previous releases again.
Ah, I
> On April 30, 2019 at 12:06 PM "@lbutlr via dovecot"
> wrote:
>
> pkg adult shows the following, not mentioned in the changes:
>
> dovecot-2.3.5.1 is vulnerable:
> dovecot -- json encoder crash
> CVE: CVE-2019-10691
> WWW:
>
On 30 April 2019 21:06 @lbutlr via dovecot <
dovecot@dovecot.org> wrote:
On 30 Apr 2019, at 07:21, Aki Tuomi via dovecot <
dovecot@dovecot.org> wrote:
We are pleased to release Dovecot v2.3.6.
On 30 Apr 2019, at 07:21, Aki Tuomi via dovecot wrote:
> We are pleased to release Dovecot v2.3.6.
pkg adult shows the following, not mentioned in the changes:
dovecot-2.3.5.1 is vulnerable:
dovecot -- json encoder crash
CVE: CVE-2019-10691
WWW:
> On 30 April 2019 17:20 James via dovecot wrote:
>
>
> On 30/04/2019 14:21, Aki Tuomi via dovecot wrote:
>
> > https://dovecot.org/releases/2.3/dovecot-2.3.6.tar.gz
>
> Trivial but...
>
> "mail-index-transaction-update.c", line 198: void function cannot return
> value
>
>
> Thanks.
On 30/04/2019 14:21, Aki Tuomi via dovecot wrote:
https://dovecot.org/releases/2.3/dovecot-2.3.6.tar.gz
Trivial but...
"mail-index-transaction-update.c", line 198: void function cannot return
value
Thanks.
--- ../original/src/lib-index/mail-index-transaction-update.c 2019-04-30
Hi!
We are pleased to release Dovecot v2.3.6.
Tarball is available at
https://dovecot.org/releases/2.3/dovecot-2.3.6.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.6.tar.gz.sig
Binary packages are available at https://repo.dovecot.org/
Changes
---
* CVE-2019-11494: Submission-login
Hi!
We are pleased to release Dovecot v2.3.6.
Tarball is available at
https://dovecot.org/releases/2.3/dovecot-2.3.6.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.6.tar.gz.sig
Binary packages are available at https://repo.dovecot.org/
Changes
---
* CVE-2019-11494: Submission-login
