Dovecot update to v1.2.17 [Case 50093]

**paneller** · 05-26-2011 09:50 PM

Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.

CVE - CVE-2011-1929 (under review)

http://www.dovecot.org/doc/NEWS-1.2
http://www.dovecot.org/doc/NEWS-2.0

**cPanelDavidG** · 05-27-2011 10:07 AM

We are in the final stages of development on supporting Dovecot 1.2.17.

**cPanelDavidG** · 07-05-2011 11:30 AM

Since 11.30 is now in all release tiers, I am closing and archiving this request. If you experience any issues with this feature, feel welcome to submit a support ticket. If there is anything you would like to see added to the product, feel welcome to create a new Feature Request thread.

**cPanelDavidG** · 07-05-2011 11:56 AM

Update: 11.30 is not yet available to STABLE users still running 11.28. Sorry for any inconvenience. This thread will remain open.

**cPanelDavidG** · 07-14-2011 10:36 AM

Version 11.30 is now in STABLE, meaning this feature is now available in all update tiers. As a result, I am closing and archiving this thread.

LinkBack

Thread Tools

Dovecot update to v1.2.17 [Case 50093]

Re: Dovecot update to v1.2.17 [Case 50093]

Re: Dovecot update to v1.2.17 [Case 50093]

Re: Dovecot update to v1.2.17 [Case 50093]

Re: Dovecot update to v1.2.17 [Case 50093]

Do not update languages on Package modify [Case 51762]

Planned for 11.34 Dovecot Trash Mail [Case 11678]

Planned for 11.34 Update IP Blocks in /etc/mailproviders/rim/ips [Case 52622]

Dovecot Trash Mail [Case 11678]

Convert standard Dovecot to cPanel Dovecot