[월:] 2019년 08월

USN-4110-3: Dovecot regression Dovecot regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary USN-4110-1 introduced a regression in Dovecot. Software Description dovecot – IMAP and POP3 email server Details USN-4110-1 fixed a vulnerability in Dovecot. The update introduced a regression causing a wrong check. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 dovecot-core – 1:2.3.4.1-1ubuntu2.4 Ubuntu 18.04 LTS dovecot-core – 1:2.2.33.2-1ubuntu4.5 Ubuntu 16.04 LTS dovecot-core – 1:2.2.22-1ubuntu2.12 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. [ more… ]

USN-4110-2: Dovecot vulnerability dovecot vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary Dovecot could be made to crash or execute arbitrary code if it received a specially crafted data. Software Description dovecot – IMAP and POP3 email server Details USN-4110-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM dovecot-core – 1:2.2.9-1ubuntu2.6+esm1 Ubuntu 12.04 ESM dovecot-core – 1:2.0.19-0ubuntu2.7 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In [ more… ]

USN-4110-1: Dovecot vulnerability dovecot vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Dovecot could be made to crash or execute arbitrary code if it received a specially crafted data. Software Description dovecot – IMAP and POP3 email server Details Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 dovecot-core – 1:2.3.4.1-1ubuntu2.3 Ubuntu 18.04 LTS dovecot-core – 1:2.2.33.2-1ubuntu4.4 Ubuntu 16.04 LTS dovecot-core – 1:2.2.22-1ubuntu2.11 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2019-11500 Source: USN-4110-1: Dovecot [ more… ]