Bug 46481 - dovecot: Multiple issues (4.2)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.2
All Linux
: P3 normal
: UCS 4.2-3-errata
Assigned To: Philipp Hahn
Arvid Requate
Depends on:
Blocks:
Reported: 2018-03-05 10:30 CET by Philipp Hahn
Modified: 2018-04-18 14:15 CEST (History)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)


Description Philipp Hahn univentionstaff 2018-03-05 10:30:46 CET
New Debian dovecot 1:2.2.13-12~deb8u4 fixes:
This update addresses the following issues:
* An abort of SASL authentication results in a memory leak in dovecot's auth
  client used by login processes. The leak has an impact in high-performance
  configurations where the same login processes are reused and can cause the
  process to crash due to memory exhaustion. (CVE-2017-15132)
* A specially crafted email delivered over SMTP and passed on to Dovecot by
  the MTA can trigger an out-of-bounds read resulting in potential sensitive
  information disclosure and denial of service. In order to trigger this
  vulnerability, an attacker needs to send a specially crafted email message
  to the server. (CVE-2017-14461)
* An attacker able to generate random SNI server names could exploit TLS SNI
  configuration lookups, leading to excessive memory usage and causing the
  process to restart. (CVE-2017-15130)

CVE-2017-15132 dovecot: Auth leaks memory if SASL authentication is aborted
CVE-2017-14461 dovecot: Information Leak Vulnerability in rfc822_parse_domain leading to denial-of-service
CVE-2017-15130 dovecot: TLS SNI config lookups are inefficient and can be used for DoS
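Whether a host actually carries this fix is decided by dpkg's version ordering, in which the epoch `1:` and the `~deb8u4` suffix (which sorts below the plain `-12`) both matter, so a naive string comparison gets it wrong. The following Python port of that ordering is an added example, not code from the bug report or from UCS or Debian tooling; the installed-version sample is constructed, and `dpkg --compare-versions` remains the authoritative check on a real host.

```python
FIXED_VERSION = "1:2.2.13-12~deb8u4"  # fixed Debian version named in the bug

def _order(c: str) -> int:
    """dpkg's character weight: end/digit 0, '~' below all, letters before symbols."""
    if c == "" or c.isdigit():
        return 0
    if c == "~":
        return -1
    return ord(c) if c.isalpha() else ord(c) + 256

def _verrevcmp(a: str, b: str) -> int:
    """Port of dpkg's verrevcmp(): alternate non-digit runs and numeric runs."""
    i = j = 0
    while i < len(a) or j < len(b):
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            d = _order(a[i] if i < len(a) else "") - _order(b[j] if j < len(b) else "")
            if d:
                return d
            i, j = i + 1, j + 1
        na = nb = ""
        while i < len(a) and a[i].isdigit():
            na, i = na + a[i], i + 1
        while j < len(b) and b[j].isdigit():
            nb, j = nb + b[j], j + 1
        d = int(na or "0") - int(nb or "0")
        if d:
            return d
    return 0

def dpkg_compare(v1: str, v2: str) -> int:
    """Full Debian ordering: epoch numerically, then upstream, then revision."""
    def split(v):
        epoch, _, rest = v.partition(":") if ":" in v else ("0", "", v)
        upstream, _, rev = rest.rpartition("-") if "-" in rest else (rest, "", "")
        return int(epoch), upstream, rev
    e1, u1, r1 = split(v1)
    e2, u2, r2 = split(v2)
    return (e1 - e2) or _verrevcmp(u1, u2) or _verrevcmp(r1, r2)

def is_patched(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is at or above the fixed version."""
    return dpkg_compare(installed, fixed) >= 0

# Constructed sample of installed versions, not output from a real host.
SAMPLE_INSTALLED = {"dovecot-core": "1:2.2.13-12~deb8u3", "dovecot-imapd": "1:2.2.13-12~deb8u4"}

def unpatched_packages(installed: dict, fixed: str = FIXED_VERSION) -> list:
    """Names of packages whose installed version is still below the fixed one."""
    return sorted(n for n, v in installed.items() if not is_patched(v, fixed))
```

On a real system feed `dpkg-query -W -f='${Package} ${Version}\n' 'dovecot-*'` into `unpatched_packages` instead of the constructed sample.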
Comment 1 Philipp Hahn univentionstaff 2018-03-05 11:26:24 CET
[4.2-3] e30344e418 Bug #46481: dovecot_1:2.2.13-12~deb8u4

OK: <http://10.200.17.11/dovecot-imapd.dchdiff>...
OK: <http://10.200.17.11/dovecot-imapd.debdiff>...
OK: <http://10.200.17.11/dovecot-imapd_2.2.13-12~deb8u4_amd64.log>...
Comment 2 Arvid Requate univentionstaff 2018-04-12 18:54:25 CEST
Verified:
* Upstream binary imported into errata4.2-3
* No additional UCS patches in 4.2
* Installation of univention-mail-dovecot: Ok
* Advisory: Ok
Comment 3 Arvid Requate univentionstaff 2018-04-18 14:15:59 CEST
<http://errata.software-univention.de/ucs/4.2/329.html>