1e91555584
Fixes the following security issue:
* CVE-2019-7524: Missing input buffer size validation leads into
arbitrary buffer overflow when reading fts or pop3 uidl header
from Dovecot index. Exploiting this requires direct write access to
the index files.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e3c53aa8a1
)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 lines
392 B
Plaintext
6 lines
392 B
Plaintext
# Locally computed after checking signature
|
|
sha256 d78f9d479e3b2caa808160f86bfec1c9c7b46344d8b14b88f5fa9bbbf8c7c33f dovecot-2.3.5.1.tar.gz
|
|
sha256 a363b132e494f662d98c820d1481297e6ae72f194c2c91b6c39e1518b86240a8 COPYING
|
|
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LGPL
|
|
sha256 52b8c95fabb19575281874b661ef7968ea47e8f5d74ba0dd40ce512e52b3fc97 COPYING.MIT
|