AVG-954

Package dovecot
Status Fixed
Severity Medium
Type denial of service
Affected 2.3.5.2-1
Fixed 2.3.6-1
Current 2.3.7.1-1 [community]
Ticket None
Created Tue Apr 30 19:56:22 2019
Issue Severity Remote Type Description
CVE-2019-11499 Medium Yes Denial of service
Submission-login crashes when authentication is started over TLS secured channel and invalid authentication message is sent. This can lead to...
CVE-2019-11494 Medium Yes Denial of service
Submission-login crashes with signal 11 due to null pointer access when authentication is aborted by disconnecting. This can lead to denial-of service...
Date Advisory Package Description
06 May 2019 ASA-201905-6 dovecot denial of service
References
https://dovecot.org/doc/NEWS-2.3