Secure imap and pop3 server
8f461376e7
have resulted in excessive CPU usage or a crash due to running out of stack memory. CVE-2020-12673: Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash. CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an address that has the empty quoted string as local-part causes the lmtp service to crash. CVE-2020-12674: Dovecot's RPA mechanism implementation accepts zero-length message, which leads to assert-crash later on. |
||
---|---|---|
.gitignore | ||
dovecot-1.0.beta2-mkcert-permissions.patch | ||
dovecot-1.0.rc7-mkcert-paths.patch | ||
dovecot-2.0-defaultconfig.patch | ||
dovecot-2.1-privatetmp.patch | ||
dovecot-2.1.4-postreleasefix.patch | ||
dovecot-2.1.10-waitonline.patch | ||
dovecot-2.2-80ed82a93c1a.patch | ||
dovecot-2.2.20-initbysystemd.patch | ||
dovecot-2.2.22-systemd_w_protectsystem.patch | ||
dovecot-2.3.0.1-libxcrypt.patch | ||
dovecot.conf.5 | ||
dovecot.init | ||
dovecot.pam | ||
dovecot.spec | ||
dovecot.sysconfig | ||
dovecot.tmpfilesd | ||
prestartscript | ||
sources |