AVG-1162 log
| Package | dovecot |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 2.3.10-2 |
| Fixed | 2.3.10.1-1 |
| Current | 2.3.21.1-1 [extra] |
| Ticket | None |
| Created | Mon May 18 13:38:06 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-10967 | Medium | Yes | Denial of service | A security issue has been found in Dovecot before 2.3.10.1 in the lmtp/submission component. An authenticated attacker could send an e-mail via the... |
| CVE-2020-10958 | High | Yes | Arbitrary code execution | A security issue has been found in Dovecot before 2.3.10.1 in the lmtp/submission component. Sending many invalid or unknown commands can cause the server... |
| CVE-2020-10957 | High | Yes | Denial of service | A NULL-pointer dereference issue has been found in Dovecot before 2.3.10.1 in the lmtp/submission component. A client can crash the server by sending a NOOP... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 19 May 2020 | ASA-202005-9 | dovecot | multiple issues |
| References |
|---|
https://dovecot.org/pipermail/dovecot-news/2020-May/000437.html https://dovecot.org/pipermail/dovecot-news/2020-May/000438.html |