Security hole in ManageSieve: Virtual users can edit scripts of other virtual users

This bug was fixed in the package dovecot - 1:1.1.11-0ubuntu1

---------------
dovecot (1:1.1.11-0ubuntu1) jaunty; urgency=low

  [ Ante Karamatic ]
    Add new binary pkg dovecot-postfix that integrates postfix and dovecot
    automatically: (LP: #164837)
    - debian/control:
      + add new binary with short description.
    - debian/dovecot-postfix.postinst:
      + create initial certificate symlinks to snakeoil.
      + set up postfix with postconf to:
        - use Maildir/ as the default mailbox.
        - use dovecot as the sasl authentication server.
        - use dovecot LDA (deliver).
        - use tls for smtp{d} services.
      + restart postfix and dovecot.
    - debian/dovecot-postfix.postrm:
      + remove all dovecot related configuration from postfix.
      + restart postfix and dovecot.
    - debian/dovecot-common.init:
      + check if /etc/dovecot/dovecot-postfix.conf exists and use it
        as the configuration file if so.
    - debian/patches/warning-ubuntu-postfix.dpatch
      + add warning about dovecot-postfix.conf in dovecot default
        configuration file.
    - debian/patches/dovecot-postfix.conf.diff:
      + Ubuntu server custom changes to the default dovecot configuration for
        better integration with postfix:
        - enable imap, pop3, imaps, pop3s and managesieve by default.
        - enable dovecot LDA (deliver).
        - enable SASL auth socket in postfix private directory.
    - debian/rules:
      + copy, patch and install dovecot-postfix.conf in /etc/dovecot/.

  [ Mathias Gug ]
  * New upstream release:
  * Update dovecot-managesieve to 0.10.5. Fixes:
    - check if names of sieve scripts contain '/' (LP: #307291)
  * Update dovecot-managesieve patch for 1.1.11 and 0.10.5.
  * Update dovecot-sieve plugin to 1.1.6.
  * Merge from debian experimental, remaining changes:
    - Use Snakeoil SSL certificates by default.
      + debian/control: Depend on ssl-cert
      + debian/paptches/ssl-cert-snakeoil.dpatch: Change default SSL cert
        paths to snakeoil.
      + debian/dovecot-common.postinst: Relax grep for SSL_* a bit.
    - Add autopkgtest in debian/tests/*.
    - debian/dovecot-common.init: Check to see if there is an /etc/inetd.conf.
      (LP: #208411)
    - Fast TearDown: Update lsb init header to not stop in level 6.
    - Add status action to the init script:
      + debian/control: Depend on lsb >= 3.2.12ubuntu3.
      + debian/dovecot-common-init: Add the 'status' action (LP: #247096).
    - debian/rules:
      - Copy config.{guess,sub} after running libtoolize.
      - Clean dovecot-managesieve directory.
    - Add ufw integration:
      - Created debian/dovecot-common.ufw.profile
      - debian/rules:
        + install profile
      - debian/control
        + Suggest ufw
    - debian/{control,rules}: enable PIE hardening.
    - Updated dovecot.common.README.Debian with information on what has changed
      between 1.0 and 1.1.1. Fixes (LP: #257625)
    - dovecot-imapd, dovecot-pop3: Replaces dovecot-common (<< 1:1.1). LP: #254721.
    - debian/control:
      + Update Vcs-* headers.
  * debian/rules:
    - Create emtpy stamp.h.in files in dovecot-sieve/ and dovecot-managesi...