AVG-1027 log
| Package | pigeonhole |
| Status | Fixed |
| Severity | Critical |
| Type | arbitrary code execution |
| Affected | 0.5.7.1-1 |
| Fixed | 0.5.7.2-1 |
| Current | 0.5.21.1-1 [extra] |
| Ticket | None |
| Created | Wed Aug 28 12:38:58 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-11500 | Critical | Yes | Arbitrary code execution | IMAP and ManageSieve protocol parsers in Dovecot before 2.3.7.2 and Pigeonhole before 0.5.7.2 do not properly handle NUL byte when scanning data in quoted... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 28 Aug 2019 | ASA-201908-19 | pigeonhole | arbitrary code execution |
| References |
|---|
https://dovecot.org/pipermail/dovecot-news/2019-August/000417.html |