pigeonhole
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Sieve implementation for Dovecot |
| Version | 2.4.2-2 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2088 | 0.5.14-1 | 0.5.15-1 | Medium | Fixed | |
| AVG-1027 | 0.5.7.1-1 | 0.5.7.2-1 | Critical | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2020-28200 | AVG-2088 | Medium | Yes | Denial of service | A security issue has been found in Pigeonhole before version 0.5.15. The Sieve interpreter is not protected against abusive scripts that claim excessive... |
| CVE-2019-11500 | AVG-1027 | Critical | Yes | Arbitrary code execution | IMAP and ManageSieve protocol parsers in Dovecot before 2.3.7.2 and Pigeonhole before 0.5.7.2 do not properly handle NUL byte when scanning data in quoted... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 22 Jun 2021 | ASA-202106-57 | AVG-2088 | Medium | denial of service |
| 28 Aug 2019 | ASA-201908-19 | AVG-1027 | Critical | arbitrary code execution |