Not a security hole. A user can crash his/her own session. As bad as issuing a
LOGOUT command. Completely pointless CVE.
On 4.12.2012, at 17.04, Moritz Muehlenhoff wrote:
> Package: dovecot
> Severity: grave
> Tags: security
> Justification: user security hole
>
> This entry from
> http://www.
On Tue, Dec 04, 2012 at 05:59:37PM +0200, Timo Sirainen wrote:
> Not a security hole. A user can crash his/her own session. As bad as issuing
> a LOGOUT command. Completely pointless CVE.
Thanks for the clarification, I'll followup on the oss-security mailing
list to get the ID rejected.
Cheers,
Package: dovecot
Severity: grave
Tags: security
Justification: user security hole
This entry from
http://www.dovecot.org/list/dovecot-news/2012-November/000235.html
was assigned CVE-2012-5620:
> imap: Fixed crash when SEARCH contained multiple KEYWORD parameters.
Fix:
http://hg.dovecot.org/dov
3 matches
Mail list logo
