dovecot 1:2.3.13+dfsg1-2 source package in Debian
Changelog
dovecot (1:2.3.13+dfsg1-2) unstable; urgency=high
* Import upstream fixes for security issues (Closes: #990566):
- CVE-2021-29157: Path traversal issue allowing an attacker with
access to the local filesystem can trick OAuth2 authentication into
using an HS256 validation key from an attacker-controlled location
- CVE-2021-33515: Sensitive information could be redirected to an
attacker-controlled address because of a STARTTLS command injection
bug in the submission service
-- Noah Meyerhans <email address hidden> Tue, 20 Jul 2021 08:05:19 -0700
Upload details
- Uploaded by:
- Dovecot Maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Dovecot Maintainers
- Architectures:
- any
- Section:
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| dovecot_2.3.13+dfsg1-2.dsc | 3.9 KiB | 06bbe045c70fa904124a4bbd700d5b1a61418495cff4543a4a8d52138f5cf988 |
| dovecot_2.3.13+dfsg1.orig-pigeonhole.tar.gz | 1.5 MiB | 9bbd31b3d0b3ae75060b961b6a8911f7371b0938630913f12604d97d05c912ff |
| dovecot_2.3.13+dfsg1.orig.tar.gz | 7.1 MiB | a3f875b80ec11a452480690108660030978c94fa8e796ad6d943a874b496f1c4 |
| dovecot_2.3.13+dfsg1.orig.tar.gz.asc | 866 bytes | ef7653e5b866759bd94a94e758080025007bd502052705144ad8eae10e898f94 |
| dovecot_2.3.13+dfsg1-2.debian.tar.xz | 65.3 KiB | 251f757bca8b5050234d4f03452dcd5512656e1c880817d740832d3eccf67784 |
No changes file available.
