mirror of
https://github.com/motioneye-project/motioneyeos.git
synced 2025-04-21 13:57:16 +00:00
5fcaff911d
Fixes the following security issue: * CVE-2019-10691: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject header when OX push notification driver is used. https://dovecot.org/pipermail/dovecot-news/2019-April/000406.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 89c7e417ede23c9f3583391a882c10d825527727) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>