dovecot 1:2.3.11.3+dfsg1-1 source package in Debian
Changelog
dovecot (1:2.3.11.3+dfsg1-1) unstable; urgency=high
* New upstream release fixes security issues (Closes: #968302)
- CVE-2020-12100 - Receiving mail with deeply nested MIME parts leads to
resource exhaustion as Dovecot attempts to parse it.
- CVE-2020-12673 - Dovecot's NTLM implementation does not correctly check
message buffer size, which leads to reading past allocation which can
lead to crash.
- CVE-2020-12674 - Dovecot's RPA mechanism implementation accepts
zero-length message, which leads to assert-crash later on.
* Add libcap-dev to build-dependencies to support dropping linux
capabilities.
-- Noah Meyerhans <email address hidden> Thu, 13 Aug 2020 16:21:24 -0700
Upload details
- Uploaded by:
- Dovecot Maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Dovecot Maintainers
- Architectures:
- any
- Section:
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| dovecot_2.3.11.3+dfsg1-1.dsc | 3.9 KiB | 84df09ca5b96968daf4b0e3df31c2c5a2e0733f27b2c25b83d2708dcf346878d |
| dovecot_2.3.11.3+dfsg1.orig-pigeonhole.tar.gz | 1.5 MiB | 73ffc0cff40b768f8dcf772957b58f3fe8b4a740ffe6fb6e9e66093aec41bc1c |
| dovecot_2.3.11.3+dfsg1.orig.tar.gz | 7.0 MiB | d3d9ea9010277f57eb5b9f4166a5d2ba539b172bd6d5a2b2529a6db524baafdc |
| dovecot_2.3.11.3+dfsg1.orig.tar.gz.asc | 866 bytes | fd73852972032af5e9b25992d94736d18460938ed21b9b6b10c9f77b5468ff89 |
| dovecot_2.3.11.3+dfsg1-1.debian.tar.xz | 59.0 KiB | 9e3c79b6f5555491bb9708eaa8596ee7d26da42ee7c6cca113b3fb18c4f61a1e |
Available diffs
No changes file available.
