Univention Bugzilla – Bug 55228
dovecot: Multiple issues (5.0)
Last modified: 2022-09-29 12:38:55 CEST
New Debian dovecot 1:2.3.4.1-5+deb10u7 fixes: This update addresses the following issues: 1:2.3.4.1-5+deb10u7 (Mon, 26 Sep 2022 06:17:50 +0200) * Non-maintainer upload by the LTS Security Team. * CVE-2022-30550: fix handling passdbs with identical driver/args. * CVE-2021-33515: fix STARTTLS command injection vulnerability.
--- mirror/ftp/pool/main/d/dovecot/dovecot_2.3.4.1-5+deb10u6.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/dovecot_2.3.4.1-5+deb10u7.dsc @@ -1,3 +1,9 @@ +1:2.3.4.1-5+deb10u7 [Mon, 26 Sep 2022 06:17:50 +0200] Anton Gladky <gladk@debian.org>: + + * Non-maintainer upload by the LTS Security Team. + * CVE-2022-30550: fix handling passdbs with identical driver/args. + * CVE-2021-33515: fix STARTTLS command injection vulnerability. + 1:2.3.4.1-5+deb10u6 [Wed, 27 Jan 2021 16:35:17 -0800] Noah Meyerhans <noahm@debian.org>: * Backport upstream fix for crash that occurred when searching mailboxes <http://piuparts.knut.univention.de/5.0-2/#8130266579935994223>
OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-2] 28263bdb99 Bug #55228: dovecot 1:2.3.4.1-5+deb10u7 doc/errata/staging/dovecot.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) [5.0-2] b700fb3e0a Bug #55228: dovecot 1:2.3.4.1-5+deb10u7 doc/errata/staging/dovecot.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x432>