I've just bumped dovecot to 1.1.6. excerpt from the 1.1.6 release notes: --8<-- The invalid message address parsing bug is pretty important since it allows a remote user to send broken mail headers and prevent the recipient from accessing the mailbox afterwards, because the process will always just crash trying to parse the header. This is assuming that the IMAP client uses FETCH ENVELOPE command, not all do. Note that it doesn't affect versions older than v1.1.4. --8<--
Thanks. Setting whiteboard and CC'ing arches... Arches, please test and mark stable =net-mail/dovecot-1.1.6 Target keywords: alpha amd64 ppc sparc x86
amd64/x86 stable
ppc stable
alpha, sparc: *ping*
alpha/sparc stable
Ready for vote, I vote YES.
YES too, filed.
GLSA 200812-16, thanks everyone, sorry about the delay.