dovecot 1:2.3.4.1-5ubuntu1 source package in Ubuntu
Changelog
dovecot (1:2.3.4.1-5ubuntu1) eoan; urgency=medium * Merge with Debian unstable. Remaining changes: - carry mail-stack-delivery as empty transitional package * Dropped: - SECURITY UPDATE: stack overflow when reading FTS or POP3-UIDL header + debian/patches/CVE-2019-7524-1.patch: fix buffer overflow when reading oversized hdr-pop3-uidl header in src/lib-storage/index/index-pop3-uidl.c. + debian/patches/CVE-2019-7524-2.patch: fix buffer overflow when reading oversized fts header in src/plugins/fts/fts-api.c. + CVE-2019-7524 [Fixed in 1:2.3.4.1-3] - SECURITY UPDATE: JSON encoder assert DoS + debian/patches/CVE-2019-10691.patch: escape invalid UTF-8 as unicode bytes in src/lib/json-parser.c, src/lib/test-json-parser.c. + CVE-2019-10691 [Fixed in 1:2.3.4.1-4] - SECURITY UPDATE: submission-login denial of service issues + debian/patches/CVE-2019-1149x-1.patch: remove unused client->pending_starttls in src/submission-login/client.h. + debian/patches/CVE-2019-1149x-2.patch: fix crash occurring when client disconnects during authentication in src/submission-login/client-authenticate.c, src/submission-login/client.c. + debian/patches/CVE-2019-1149x-3.patch: fix AUTH response error handling so that it stops reading more input in src/lib-smtp/smtp-server-cmd-auth.c. + CVE-2019-11494 + CVE-2019-11499 [Fixed in 1:2.3.4.1-5] dovecot (1:2.3.4.1-5) unstable; urgency=medium * [bd00402] Fix CVE-2019-11494 and CVE-2019-11499 (Closes: #928235) - submission-login: fix null pointer dereference when client disconnects during authentication (CVE-2019-11494) - submission-login: fix assert-crash when receiving an invalid authentication message over TLS (CVE-2019-11499) dovecot (1:2.3.4.1-4) unstable; urgency=high * [d04d4ba] Fix assert-crash in JSON encoder (CVE-2019-10691) dovecot (1:2.3.4.1-3) unstable; urgency=high * [07c9212] Fix two buffer overflows when reading oversized FTS headers and/or oversized POP3-UIDL headers (CVE-2019-7524). dovecot (1:2.3.4.1-2) unstable; urgency=medium [ Laurent Bigonville ] * [ac99918] Fix double-free crash in mysql driver Fix double closing of the connection in the mysql driver, this should fix the crash in the dovecot auth process, taken from upstream. (Closes: #918339) [ Apollon Oikonomopoulos ] * [8a30446] Bump Standards-Version to 4.3.0; no changes needed -- Bryce Harrington <email address hidden> Fri, 03 May 2019 12:02:04 -0700
Upload details
- Uploaded by:
- Bryce Harrington
- Uploaded to:
- Eoan
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
dovecot_2.3.4.1.orig.tar.gz | 6.6 MiB | b8873e2ce5c33e58963bb7a8d2ff8427c09dbfdd63e13a0b0f4502864043aa07 |
dovecot_2.3.4.1-5ubuntu1.debian.tar.xz | 526.4 KiB | 20741c727d64061c942ca09596ae9c8698ff77acd8df59f2c964480d51eed1cf |
dovecot_2.3.4.1-5ubuntu1.dsc | 3.4 KiB | 443940f9b36c067df84cf4d8cbde03d17b47c36d7a0bf1d06c4664cf8f60894e |
Available diffs
Binary packages built by this source
- dovecot-auth-lua: No summary available for dovecot-auth-lua in ubuntu eoan.
No description available for dovecot-auth-lua in ubuntu eoan.
- dovecot-auth-lua-dbgsym: No summary available for dovecot-auth-lua-dbgsym in ubuntu eoan.
No description available for dovecot-
auth-lua- dbgsym in ubuntu eoan.
- dovecot-core: No summary available for dovecot-core in ubuntu eoan.
No description available for dovecot-core in ubuntu eoan.
- dovecot-core-dbgsym: No summary available for dovecot-core-dbgsym in ubuntu eoan.
No description available for dovecot-core-dbgsym in ubuntu eoan.
- dovecot-dev: No summary available for dovecot-dev in ubuntu eoan.
No description available for dovecot-dev in ubuntu eoan.
- dovecot-gssapi: No summary available for dovecot-gssapi in ubuntu eoan.
No description available for dovecot-gssapi in ubuntu eoan.
- dovecot-gssapi-dbgsym: No summary available for dovecot-gssapi-dbgsym in ubuntu eoan.
No description available for dovecot-
gssapi- dbgsym in ubuntu eoan.
- dovecot-imapd: No summary available for dovecot-imapd in ubuntu eoan.
No description available for dovecot-imapd in ubuntu eoan.
- dovecot-imapd-dbgsym: No summary available for dovecot-imapd-dbgsym in ubuntu eoan.
No description available for dovecot-
imapd-dbgsym in ubuntu eoan.
- dovecot-ldap: No summary available for dovecot-ldap in ubuntu eoan.
No description available for dovecot-ldap in ubuntu eoan.
- dovecot-ldap-dbgsym: No summary available for dovecot-ldap-dbgsym in ubuntu eoan.
No description available for dovecot-ldap-dbgsym in ubuntu eoan.
- dovecot-lmtpd: No summary available for dovecot-lmtpd in ubuntu eoan.
No description available for dovecot-lmtpd in ubuntu eoan.
- dovecot-lmtpd-dbgsym: No summary available for dovecot-lmtpd-dbgsym in ubuntu eoan.
No description available for dovecot-
lmtpd-dbgsym in ubuntu eoan.
- dovecot-lucene: No summary available for dovecot-lucene in ubuntu eoan.
No description available for dovecot-lucene in ubuntu eoan.
- dovecot-lucene-dbgsym: No summary available for dovecot-lucene-dbgsym in ubuntu eoan.
No description available for dovecot-
lucene- dbgsym in ubuntu eoan.
- dovecot-managesieved: No summary available for dovecot-managesieved in ubuntu eoan.
No description available for dovecot-
managesieved in ubuntu eoan.
- dovecot-managesieved-dbgsym: No summary available for dovecot-managesieved-dbgsym in ubuntu eoan.
No description available for dovecot-
managesieved- dbgsym in ubuntu eoan.
- dovecot-mysql: No summary available for dovecot-mysql in ubuntu eoan.
No description available for dovecot-mysql in ubuntu eoan.
- dovecot-mysql-dbgsym: No summary available for dovecot-mysql-dbgsym in ubuntu eoan.
No description available for dovecot-
mysql-dbgsym in ubuntu eoan.
- dovecot-pgsql: No summary available for dovecot-pgsql in ubuntu eoan.
No description available for dovecot-pgsql in ubuntu eoan.
- dovecot-pgsql-dbgsym: No summary available for dovecot-pgsql-dbgsym in ubuntu eoan.
No description available for dovecot-
pgsql-dbgsym in ubuntu eoan.
- dovecot-pop3d: No summary available for dovecot-pop3d in ubuntu eoan.
No description available for dovecot-pop3d in ubuntu eoan.
- dovecot-pop3d-dbgsym: No summary available for dovecot-pop3d-dbgsym in ubuntu eoan.
No description available for dovecot-
pop3d-dbgsym in ubuntu eoan.
- dovecot-sieve: No summary available for dovecot-sieve in ubuntu eoan.
No description available for dovecot-sieve in ubuntu eoan.
- dovecot-sieve-dbgsym: No summary available for dovecot-sieve-dbgsym in ubuntu eoan.
No description available for dovecot-
sieve-dbgsym in ubuntu eoan.
- dovecot-solr: No summary available for dovecot-solr in ubuntu eoan.
No description available for dovecot-solr in ubuntu eoan.
- dovecot-solr-dbgsym: No summary available for dovecot-solr-dbgsym in ubuntu eoan.
No description available for dovecot-solr-dbgsym in ubuntu eoan.
- dovecot-sqlite: No summary available for dovecot-sqlite in ubuntu eoan.
No description available for dovecot-sqlite in ubuntu eoan.
- dovecot-sqlite-dbgsym: No summary available for dovecot-sqlite-dbgsym in ubuntu eoan.
No description available for dovecot-
sqlite- dbgsym in ubuntu eoan.
- dovecot-submissiond: No summary available for dovecot-submissiond in ubuntu eoan.
No description available for dovecot-submissiond in ubuntu eoan.
- dovecot-submissiond-dbgsym: No summary available for dovecot-submissiond-dbgsym in ubuntu eoan.
No description available for dovecot-
submissiond- dbgsym in ubuntu eoan.
- mail-stack-delivery: No summary available for mail-stack-delivery in ubuntu eoan.
No description available for mail-stack-delivery in ubuntu eoan.