What's Changed
- Update dependency nextcloud/server to v26.0.2 by @renovate in #5254
- [Dovecot] remove pass return in Dovecot lua auth by @FreddleSpl0it in 67510ad
- [Dovecot] Update to 1.24 by @DerLinkman in f82aba3
- Changed maintainers to tinc (Dockerfiles) by @DerLinkman in 70aab75
Information about 2023-05a
This update contains a fix for a critical password change vulnerability in Dovecot (IMAP/POP3). We will release an official CVE in a few days (up to a week from now) with a detailed explanation and proof of concept for exploiting this desired security issue.
We strongly recommend that you update to 2023-05a ASAP as this problem persists for a longer period of time (before 2020).
Please check the linked CVE regarding this issue: Will be announced
Full Changelog: 2023-05...2023-05a