Gentoo Linux Security Advisory GLSA 200812-16 - Multiple vulnerabilities were found in the Dovecot mailserver. Versions less than 1.1.7-r1 are affected.
469caccee3552d8a95b0ef10e4b692ab98806818590798925e276bd7f6bb66a0
Mandriva Linux Security Advisory 2008-232 - The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions. The ACL plugin in dovecot prior to version 1.1.6 allowed attackers to bypass intended access restrictions by using the 'k' right to create unauthorized 'parent/child/child' mailboxes.
3dcb5d843d56558227e4581b0d21854b12e0ece4e41854a8044f583cb9217495