For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other Security Updates, see "Apple Security Updates".
Mac OS X Server v10.6.5 (10H575)
Available for: Mac OS X Server v10.6 through v10.6.5 (10H574)
Impact: A user may receive mail intended for other users
Description: A memory aliasing issue in Dovecot's handling of user names exists in Mac OS X Server v10.6.5 (10H574). On systems configured with Dovecot as a mail server, a user may receive mail that was intended for other users. This issue is addressed through improved memory management. Dovecot is only provided with Mac OS X Server systems. This issue only affects systems running Mac OS X Server v10.6.5 (10H574). This issue does not affect the Dovecot open source project.