-
Sat Aug 08 2020 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-2.2
- fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts (#1866755)
- fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation (#1866760)
- fix CVE-2020-12674 crash due to assert in RPA implementation (#1866767)
-
Fri Jun 05 2020 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-2.1
- fix CVE-2020-10957: malformed NOOP commands leads to DoS (#1840353)
-
Thu Jan 09 2020 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-2
- fix default attributes for ghost files
-
Tue Nov 19 2019 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-1
- dovecot updated to 2.3.8 with pigeonhole updated to 0.5.8 (#1653117)
-
Thu Aug 29 2019 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.36-10
- fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
when scanning data in quoted strings, leading to out of bounds heap
memory writes (#1741788)
-
Fri Aug 23 2019 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.36-9
- reset errno before iterating through users (#1630410)
-
Mon Jun 17 2019 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.36-8
- fix CVE-2019-3814: improper certificate validation (#1674370)
-
Fri Jun 14 2019 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.36-7
- do not print error message when restorecon is not present
during install (#1626395)
- change default config to use minimal UID = 1000 (#1630410)
-
Mon Jun 10 2019 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.36-6
- use OpenSSl implementation of HMAC, disable CRAM-MD5 when FIPS is enabled (#1618749)
-
Tue Oct 16 2018 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.36-5
- make key not that bigger (#1618714)