pigeonhole

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Sieve implementation for Dovecot
Version 0.5.16-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2088 0.5.14-1 0.5.15-1 Medium Fixed
AVG-1027 0.5.7.1-1 0.5.7.2-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2020-28200 AVG-2088 Medium Yes Denial of service
A security issue has been found in Pigeonhole before version 0.5.15. The Sieve interpreter is not protected against abusive scripts that claim excessive...
CVE-2019-11500 AVG-1027 Critical Yes Arbitrary code execution
IMAP and ManageSieve protocol parsers in Dovecot before 2.3.7.2 and Pigeonhole before 0.5.7.2 do not properly handle NUL byte when scanning data in quoted...

Advisories

Date Advisory Group Severity Type
22 Jun 2021 ASA-202106-57 AVG-2088 Medium denial of service
28 Aug 2019 ASA-201908-19 AVG-1027 Critical arbitrary code execution