Skip to content
Snippets Groups Projects
Commit ab56f331 authored by Aki Tuomi's avatar Aki Tuomi
Browse files

NEWS: Add news for 0.5.15

parent 837bd100
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 14 additions and 0 deletions
NEWS
+ 14
0
View file @ ab56f331
v0.5.15 2021-05-27 Aki Tuomi <aki.tuomi@open-xchange.com>
* CVE-2020-28200: Sieve interpreter is not protected against abusive
scripts that claim excessive resource usage. Fixed by limiting the
user CPU time per single script execution and cumulatively over
several script runs within a configurable timeout period. Sufficiently
large CPU time usage is summed in the Sieve script binary and execution
is blocked when the sum exceeds the limit within that time. The block
is lifted when the script is updated after the resource usage times out.
* Disconnection log messages are now more standardized across services.
They also always now start with "Disconnected" prefix.
- managesieve: Commands pipelined together with and just after the
authenticate command cause these commands to be executed twice.
v0.5.14 2021-03-04 Aki Tuomi <aki.tuomi@open-xchange.com>
* IMAP FILTER command: cmd-filter-sieve - Do not allow NIL as
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Consent

On this website, we use the web analytics service Matomo to analyze and review the use of our website. Through the collected statistics, we can improve our offerings and make them more appealing for you. Here, you can decide whether to allow us to process your data and set corresponding cookies for these purposes, in addition to technically necessary cookies. Further information on data protection—especially regarding "cookies" and "Matomo"—can be found in our privacy policy. You can withdraw your consent at any time.