First published: Thu May 19 2011(Updated: )
Dovecot has released version 1.2.17 [1] and 2.0.13 [2] to address a potential crash, and possibly mailbox corruption, when dovecot parsed header names that contained NUL characters. This was due to a pointer possibly pointing past allocated memory. An upstream patch [3] is available. [1] <a href="http://dovecot.org/pipermail/dovecot/2011-May/059086.html">http://dovecot.org/pipermail/dovecot/2011-May/059086.html</a> [2] <a href="http://dovecot.org/pipermail/dovecot/2011-May/059085.html">http://dovecot.org/pipermail/dovecot/2011-May/059085.html</a> [3] <a href="http://hg.dovecot.org/dovecot-1.1/rev/3698dfe0f21c">http://hg.dovecot.org/dovecot-1.1/rev/3698dfe0f21c</a>
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dovecot Dovecot | =1.2.2 | |
Dovecot Dovecot | =1.2.7 | |
Dovecot Dovecot | =1.2.4 | |
Dovecot Dovecot | =1.2.9 | |
Dovecot Dovecot | =1.2.11 | |
Dovecot Dovecot | =1.2.1 | |
Dovecot Dovecot | =1.2.13 | |
Dovecot Dovecot | =1.2.8 | |
Dovecot Dovecot | =1.2.16 | |
Dovecot Dovecot | =1.2.6 | |
Dovecot Dovecot | =1.2.5 | |
Dovecot Dovecot | =1.2.10 | |
Dovecot Dovecot | =1.2.14 | |
Dovecot Dovecot | =1.2.3 | |
Dovecot Dovecot | =1.2.0 | |
Dovecot Dovecot | =1.2.15 | |
Dovecot Dovecot | =1.2.12 | |
Dovecot Dovecot | =2.0.9 | |
Dovecot Dovecot | =2.0-beta1 | |
Dovecot Dovecot | =2.0.7 | |
Dovecot Dovecot | =2.0.12 | |
Dovecot Dovecot | =2.0.4 | |
Dovecot Dovecot | =2.0.2 | |
Dovecot Dovecot | =2.0.1 | |
Dovecot Dovecot | =2.0.10 | |
Dovecot Dovecot | =2.0.11 | |
Dovecot Dovecot | =2.0.8 | |
Dovecot Dovecot | =2.0.3 | |
Dovecot Dovecot | =2.0.0 | |
Dovecot Dovecot | =2.0.5 | |
Dovecot Dovecot | =2.0.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.