[ubuntu/bionic-security] cyrus-imapd 2.5.10-3ubuntu1.1 (Accepted)
Paulo Flabiano Smorigo
pfsmorigo at canonical.com
Thu Oct 1 12:55:32 UTC 2020
cyrus-imapd (2.5.10-3ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: Buffer overflow vulnerability
- debian/patches/0019-CVE-2019-11356.patch: HTTP: don't overrun buffer
when parsing strings with sscanf().
- CVE-2019-11356
* SECURITY UPDATE: Privilege escalation vulnerability
- debian/patches/0020-CVE-2019-19783.patch: lmtp_sieve: don't create
mailbox with admin for sieve autocreate.
- CVE-2019-19783
Date: 2020-09-30 19:42:15.103420+00:00
Changed-By: Paulo Flabiano Smorigo <pfsmorigo at canonical.com>
https://launchpad.net/ubuntu/+source/cyrus-imapd/2.5.10-3ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list