[ubuntu/disco-proposed] dovecot 1:2.3.4.1-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Apr 1 18:57:43 UTC 2019 

dovecot (1:2.3.4.1-1ubuntu2) disco; urgency=medium

  * SECURITY UPDATE: stack overflow when reading FTS or POP3-UIDL header
    - debian/patches/CVE-2019-7524-1.patch: fix buffer overflow when
      reading oversized hdr-pop3-uidl header in
      src/lib-storage/index/index-pop3-uidl.c.
    - debian/patches/CVE-2019-7524-2.patch: fix buffer overflow when
      reading oversized fts header in src/plugins/fts/fts-api.c.
    - CVE-2019-7524

Date: Mon, 01 Apr 2019 09:02:40 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/dovecot/1:2.3.4.1-1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Mon, 01 Apr 2019 09:02:40 -0400
Source: dovecot
Architecture: source
Version: 1:2.3.4.1-1ubuntu2
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 dovecot (1:2.3.4.1-1ubuntu2) disco; urgency=medium
 .
   * SECURITY UPDATE: stack overflow when reading FTS or POP3-UIDL header
     - debian/patches/CVE-2019-7524-1.patch: fix buffer overflow when
       reading oversized hdr-pop3-uidl header in
       src/lib-storage/index/index-pop3-uidl.c.
     - debian/patches/CVE-2019-7524-2.patch: fix buffer overflow when
       reading oversized fts header in src/plugins/fts/fts-api.c.
     - CVE-2019-7524
Checksums-Sha1:
 f99f5772d7a81777f3f192b7d2280efe919fab6f 3491 dovecot_2.3.4.1-1ubuntu2.dsc
 a5a01f80a6f429193e0c7e16f503be8c6a6008c9 536696 dovecot_2.3.4.1-1ubuntu2.debian.tar.xz
 3fcd26996d76537183f87fc229e9d24f3660032d 8586 dovecot_2.3.4.1-1ubuntu2_source.buildinfo
Checksums-Sha256:
 dbee2080029cba97b21dc550e03a992aa8f37628c0e793d531ab76439a233cdd 3491 dovecot_2.3.4.1-1ubuntu2.dsc
 84a21dc33c8ae7877f950034d797e9b8e977bdf48b6d75c316cc816d07926759 536696 dovecot_2.3.4.1-1ubuntu2.debian.tar.xz
 bb7b937876efe0adbf0b16b9372605a1978f4e3b0ce15157e0036f0ba36adf13 8586 dovecot_2.3.4.1-1ubuntu2_source.buildinfo
Files:
 b19b6e4cd22a9a9ca0e0915082913722 3491 mail optional dovecot_2.3.4.1-1ubuntu2.dsc
 30edd1b17fc3f6182cdf81194384f8de 536696 mail optional dovecot_2.3.4.1-1ubuntu2.debian.tar.xz
 3f090789f9f3eed61d1749dfed0058eb 8586 mail optional dovecot_2.3.4.1-1ubuntu2_source.buildinfo
Original-Maintainer: Dovecot Maintainers <dovecot at packages.debian.org>

More information about the Disco-changes mailing list