You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa dovecot

Sigurnosni nedostaci programskog paketa dovecot

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4361-1
May 18, 2020

dovecot vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS
– Ubuntu 19.10

Summary:

Several security issues were fixed in Dovecot.

Software Description:
– dovecot: IMAP and POP3 email server

Details:

Philippe Antoine discovered that Dovecot incorrectly handled certain data.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2020-10957, CVE-2020-10967)

Philippe Antoine discovered that Dovecot incorrectly handled certain data.
An attacker could possibly use this issue to cause a denial of service or execute
arbitrary code. (CVE-2020-10958)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
dovecot-core 1:2.3.7.2-1ubuntu3.1

Ubuntu 19.10:
dovecot-core 1:2.3.4.1-5ubuntu3.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4361-1
CVE-2020-10957, CVE-2020-10958, CVE-2020-10967

Package Information:
https://launchpad.net/ubuntu/+source/dovecot/1:2.3.7.2-1ubuntu3.1
https://launchpad.net/ubuntu/+source/dovecot/1:2.3.4.1-5ubuntu3.1
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl7CiSYACgkQRbznW4QL
H2mQYQ//YN085creNHv+8Zi0xmVoauaBQM/UHn0L6QJsN0KoDQLtAscRvZhqSGi6
ZgY/KqGexW0tV7H9MG1Iyk3CcO5+PEx0q4SuJFjyLhjnqGpdPFYyKJYOsiWGQBQr
OVDL2fvM4mMyLVdJc/HWT45Nwtga1suQ+1kGz7iIHzvo1DFm/81+Vib5iYS4dxIi
OxoH5NI0Ki5Sv+bFU9hXwWiP05tlCym2x2wlX16QQhHoUFy1ECRtQmbME2arZh9Z
KKKLcbn2r8D/naZdgh9QUYyaCWCf4jiwaREmhbzOBDDJWx2NzPzTcXY0bzaHk0O4
W/B9zU6PGwvMRyU+JV3JOym6FL3MaY14uBNwMuemUO+tuDU4crPxbpx36gZNfRZ+
7lB4upwKkl2oWHgczhwZVlZCfB9fWXyJLrUJUP+glbGC9bd3Riccfmfoke1PA+ik
WFJWdmbabnGjQwvvgke1hMh+/LXQATMsiQ2n22GbeXfDuHmpJNXLDo1IvhrokxGs
QJTdU6cZyKDcBsTTHLSnpVvxtGoGtp+Smc4r9dKu8Kghow/eKlufsQ5sbJvzmJ2I
64K2ru1DcNLYD4Xep4uH5iP0NqZKAlTznW1STLHwiKLbtAZQBW/C56iuOAlnnXJm
v5MNI3QqHxva3lt1BD18T/a6UsK9Ef0qf/aRHiMTy7HgsbCh8UM=
=d8yY
—–END PGP SIGNATURE—–

AutorVlatka Misic
Cert idNCERT-REF-2020-05-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa Red Hat build of Thorntail

Otkriven je veći broj sigurnosnih nedostataka u programskom paketu Red Hat build of Thorntail. Ovisno o tipu nedostatka potencijalni napadači...

Close