Downloads

Download Dovecot 2.3.5.2

By admin
Spread the love

Dovecot is a mail server with support for imap, pop3, ipv6, ssl and tls, and is partly under an MIT and partly under a Lgplv2.1 license. Maildir, mbox and the self-developed dbox format can be used to store mail messages. In addition, MTAs such as Postfix 2.3+ and Exim 4.64+ can perform their smtp authentication process at Dovecot without any intermediate steps. The developers have released version 2.3.5.2 with the following announcement:

Version 2.3.5.2 released

  • CVE-2019-10691: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject header when OX push notification driver is used.

Version 2.3.5.1 released

  • CVE-2019-7524: Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index. Exploiting this requires direct write access to the index files.

Version number 2.3.5.2
Release status Final
Operating systems Linux, BSD, macOS, Solaris, UNIX
Website dovecot
Download
License type Conditions (GNU/BSD/etc.)
You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Logitech acquires stream controller maker Loupedeck

News

Anticheat FaceIT gets Linux version, enables Steam Deck support

News

Rumor: EU starts investigation into Microsoft for including Teams with Office