NEWS: Add NEWS for 2.3.11.2

author Aki Tuomi <aki.tuomi@open-xchange.com>

Tue, 28 Jul 2020 08:02:06 +0000 (11:02 +0300)

committer Aki Tuomi <aki.tuomi@open-xchange.com>

Fri, 11 Dec 2020 10:51:51 +0000 (12:51 +0200)
author Aki Tuomi <aki.tuomi@open-xchange.com>
Tue, 28 Jul 2020 08:02:06 +0000 (11:02 +0300)
committer Aki Tuomi <aki.tuomi@open-xchange.com>
Fri, 11 Dec 2020 10:51:51 +0000 (12:51 +0200)
diff --git a/NEWS b/NEWS

index dc7281be7c99d15cd37f7945ac9206cabb8ae424..98a5dc67ab12c2684fcd2fe0ac2c175c3a05f3f1 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,13 @@
+v2.3.11.2 2020-07-13   Aki Tuomi <aki.tuomi@open-xchange.com>
+
+       - auth: Lua passdb/userdb leaks stack elements per call, eventually
+         causing the stack to become too deep and crashing the auth or
+         auth-worker process.
+       - lib-mail: v2.3.11 regression: MIME parts not returned correctly by
+         Dovecot MIME parser.
+       - pop3-login: Login would fail with "Input buffer full" if the initial
+         response for SASL was too long.
+
  v2.3.11 2020-06-17  Aki Tuomi <aki.tuomi@open-xchange.com>
  
         * CVE-2020-12100: Parsing mails with a large number of MIME parts could
author	Aki Tuomi <aki.tuomi@open-xchange.com>
	Tue, 28 Jul 2020 08:02:06 +0000 (11:02 +0300)
committer	Aki Tuomi <aki.tuomi@open-xchange.com>
	Fri, 11 Dec 2020 10:51:51 +0000 (12:51 +0200)