similar to: Dovecot 2.3.11.4 - Centos 6&7 packages

Hi! We are excited to announce that we are now providing packages for Ubuntu 18.04 (Bionic). Please find instructions on how to use them at https://repo.dovecot.org/ Aki Tuomi Open-Xchange Oy

We are happy to announce that we have CentOS 8 packages available starting from v2.3.11.3. You can find these packages at https://repo.dovecot.org/ Regards, Aki Tuomi Open-Xchange oy -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: OpenPGP digital signature URL:

We are happy to announce that we have CentOS 8 packages available starting from v2.3.11.3. You can find these packages at https://repo.dovecot.org/ Regards, Aki Tuomi Open-Xchange oy -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: OpenPGP digital signature URL:

https://dovecot.org/releases/2.3/dovecot-2.3.5.1.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.5.1.tar.gz.sig Binary packages in https://repo.dovecot.org/ ??? * CVE-2019-7524: Missing input buffer size validation leads into ????? arbitrary buffer overflow when reading fts or pop3 uidl header ????? from Dovecot index. Exploiting this requires direct write access to ????? the index files.

https://dovecot.org/releases/2.3/dovecot-2.3.5.1.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.5.1.tar.gz.sig Binary packages in https://repo.dovecot.org/ ??? * CVE-2019-7524: Missing input buffer size validation leads into ????? arbitrary buffer overflow when reading fts or pop3 uidl header ????? from Dovecot index. Exploiting this requires direct write access to ????? the index files.

Hi! We have now buster packages available starting from 2.3.8. You can find them from https://repo.dovecot.org/ In related news, we are planning on dropping packages for Debian Jessie, Ubuntu 18 and CentOS6 starting from 2.3.9. --- Aki Tuomi Open-Xchange oy -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size:

Hi! We have now buster packages available starting from 2.3.8. You can find them from https://repo.dovecot.org/ In related news, we are planning on dropping packages for Debian Jessie, Ubuntu 18 and CentOS6 starting from 2.3.9. --- Aki Tuomi Open-Xchange oy -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size:

https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig ??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has ??? ? trusted certificate with missing username field ??? ? (ssl_cert_username_field), under some configurations Dovecot ??? ? mistakenly trusts the username provided via authentication instead ??? ? of failing.

https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig ??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has ??? ? trusted certificate with missing username field ??? ? (ssl_cert_username_field), under some configurations Dovecot ??? ? mistakenly trusts the username provided via authentication instead ??? ? of failing.

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Hi, </div> <div> <br> </div> <div> as per our EOL statement 2.2.36 receives security and critical updates. That said, we decided to flush few annoying bugs with .1 release. </div> <div> <br>

Hi all! We are pleased to release v0.5.19 of Pigeonhole. This release is done to maintain parity with dovecot 2.3.19 release, so it does not contain any news-worthy changes. https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.18.tar.gz https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.18.tar.gz Binary packages in https://repo.dovecot.org/ Docker images in

Hi all! We are pleased to release v0.5.19 of Pigeonhole. This release is done to maintain parity with dovecot 2.3.19 release, so it does not contain any news-worthy changes. https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.18.tar.gz https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.18.tar.gz Binary packages in https://repo.dovecot.org/ Docker images in

https://dovecot.org/releases/2.3/dovecot-2.2.36.3.tar.gz https://dovecot.org/releases/2.3/dovecot-2.2.36.3.tar.gz.sig ??? * CVE-2019-7524: Missing input buffer size validation leads into ????? arbitrary buffer overflow when reading fts or pop3 uidl header ????? from Dovecot index. Exploiting this requires direct write access to ????? the index files. --- Aki Tuomi Open-Xchange oy

https://dovecot.org/releases/2.3/dovecot-2.2.36.3.tar.gz https://dovecot.org/releases/2.3/dovecot-2.2.36.3.tar.gz.sig ??? * CVE-2019-7524: Missing input buffer size validation leads into ????? arbitrary buffer overflow when reading fts or pop3 uidl header ????? from Dovecot index. Exploiting this requires direct write access to ????? the index files. --- Aki Tuomi Open-Xchange oy

for some reason Aki's posts are not making it to my GMail account from this list. Any idea why? On Tue, Feb 5, 2019 at 10:04 AM Eric Broch <ebroch at whitehorsetc.com> wrote: > Thank you! > On 2/5/2019 8:43 AM, Aki Tuomi wrote: > > Hi, > > as per our EOL statement 2.2.36 receives security and critical updates. > That said, we decided to flush few annoying bugs

We are pleased to release v2.3.9.2 of Dovecot. Please find it from locations below https://dovecot.org/releases/2.3/dovecot-2.3.9.2.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.9.2.tar.gz.sig Binary packages in https://repo.dovecot.org/ Docker images in https://hub.docker.com/r/dovecot/dovecot --- - Mails with empty From/To headers can also cause crash in push notification drivers. ---

We are pleased to release v2.3.9.2 of Dovecot. Please find it from locations below https://dovecot.org/releases/2.3/dovecot-2.3.9.2.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.9.2.tar.gz.sig Binary packages in https://repo.dovecot.org/ Docker images in https://hub.docker.com/r/dovecot/dovecot --- - Mails with empty From/To headers can also cause crash in push notification drivers. ---

We are pleased to release first release candidate for v0.5.14. We have done changes to packaging so please give us any feedback on how it works. https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.17.tar.gz https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.17.tar.gz.sig Binary packages in https://repo.dovecot.org/ Docker images in

We are pleased to release first release candidate for v0.5.14. We have done changes to packaging so please give us any feedback on how it works. https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.17.tar.gz https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.17.tar.gz.sig Binary packages in https://repo.dovecot.org/ Docker images in

Hi everyone! Due to a severe bug in doveadm deduplicate, we are releasing patch release 2.3.19.1. Please find it at locations below: https://dovecot.org/releases/2.3/dovecot-2.3.19.1.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.19.1.tar.gz.sig Binary packages in https://repo.dovecot.org/ Docker images in https://hub.docker.com/r/dovecot/dovecot Aki Tuomi Open-Xchange oy --- - doveadm