[USN-3881-2] Dovecot vulnerability
Leonidas S. Barbosa
leo.barbosa at canonical.com
Tue Feb 5 16:41:52 UTC 2019
Ubuntu Security Notice USN-3881-2
February 05, 2019
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Dovecot could be made to expose sensitive information over the network.
- dovecot: IMAP and POP3 email server
USN-3881-1 fixed a vulnerability in Dovecot. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that Dovecot incorrectly handled client
certificates. A remote attacker in possession of a valid certificate
with an empty username field could possibly use this issue to
impersonate other users.
The problem can be corrected by updating your system to the following
Ubuntu 12.04 ESM:
In general, a standard system update will make all the necessary
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: This is a digitally signed message part
More information about the ubuntu-security-announce