Hi! We are pleased to release Pigeonhole release v0.5.7.2 Tarball is available at https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.7.2.tar.gz https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.7.2.tar.gz.sig Binary packages are available at https://repo.dovecot.org/ Changes ------- * CVE-2019-11500: ManageSieve protocol parser does not properly handle NUL byte ? when scanning data in quoted strings, leading to out of bounds heap ? memory writes. Found by Nick Roessler and Rafi Rubin. --- Aki Tuomi Open-Xchange oy -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 484 bytes Desc: OpenPGP digital signature URL: <https://dovecot.org/pipermail/dovecot-news/attachments/20190828/f8102c12/attachment.sig>