NEWS: Add news for 2.3.9.3

author Aki Tuomi <aki.tuomi@open-xchange.com>

Thu, 23 Jan 2020 18:26:29 +0000 (20:26 +0200)

committer Aki Tuomi <aki.tuomi@open-xchange.com>

Thu, 13 Feb 2020 10:20:50 +0000 (12:20 +0200)
author Aki Tuomi <aki.tuomi@open-xchange.com>
Thu, 23 Jan 2020 18:26:29 +0000 (20:26 +0200)
committer Aki Tuomi <aki.tuomi@open-xchange.com>
Thu, 13 Feb 2020 10:20:50 +0000 (12:20 +0200)
diff --git a/NEWS b/NEWS

index 59a685365aa4e61cc67ad3a004f010df5ead4902..7fef87963566f718ceec057a4bcda6412cf2daef 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,9 @@
+v2.3.9.3 2019-02-12  Aki Tuomi <aki.tuomi@open-xchange.com>
+
+       * CVE-2020-7046: Truncated UTF-8 can be used to DoS
+         submission-login and lmtp processes.
+       * CVE-2020-7957: Specially crafted mail can crash snippet generation.
+
  v2.3.9.2 2019-12-13  Aki Tuomi <aki.tuomi@open-xchange.com>
  
         - Mails with empty From/To headers can also cause crash
author	Aki Tuomi <aki.tuomi@open-xchange.com>
	Thu, 23 Jan 2020 18:26:29 +0000 (20:26 +0200)
committer	Aki Tuomi <aki.tuomi@open-xchange.com>
	Thu, 13 Feb 2020 10:20:50 +0000 (12:20 +0200)