search for: 09999999999u

...nt was sent through var_expand() to perform %variable expansion. Sending specially crafted %variable fields could result in excessive memory usage causing the process to crash (and restart), or excessive CPU usage causing all authentications to hang. Excessive memory usage could be done with e.g. %09999999999u as the username. Because by default Dovecot limits the auth process's VSZ and exits on any memory allocation failure, the auth process typically dies afterwards and is immediately restarted. This may result in some user authentications getting temporary internal failures. Excessive CPU usage c...