[ubuntu/zesty-proposed] dovecot 1:2.2.27-2ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Apr 11 01:23:56 UTC 2017 

dovecot (1:2.2.27-2ubuntu2) zesty; urgency=medium

  * SECURITY UPDATE: DoS via crafted username
    - debian/patches/CVE-2017-2669.patch: do not double-expand key in
      passdb dict when authenticating in src/auth/db-dict.c.
    - CVE-2017-2669

Date: Fri, 07 Apr 2017 13:31:02 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Tyler Hicks <tyhicks at canonical.com>
https://launchpad.net/ubuntu/+source/dovecot/1:2.2.27-2ubuntu2
-------------- next part --------------
Format: 1.8
Date: Fri, 07 Apr 2017 13:31:02 -0400
Source: dovecot
Binary: dovecot-core dovecot-dev dovecot-imapd dovecot-pop3d dovecot-lmtpd dovecot-managesieved dovecot-pgsql dovecot-mysql dovecot-sqlite dovecot-ldap dovecot-gssapi dovecot-sieve dovecot-solr dovecot-dbg mail-stack-delivery
Architecture: source
Version: 1:2.2.27-2ubuntu2
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 dovecot-core - secure POP3/IMAP server - core files
 dovecot-dbg - secure POP3/IMAP server - debug symbols
 dovecot-dev - secure POP3/IMAP server - header files
 dovecot-gssapi - secure POP3/IMAP server - GSSAPI support
 dovecot-imapd - secure POP3/IMAP server - IMAP daemon
 dovecot-ldap - secure POP3/IMAP server - LDAP support
 dovecot-lmtpd - secure POP3/IMAP server - LMTP server
 dovecot-managesieved - secure POP3/IMAP server - ManageSieve server
 dovecot-mysql - secure POP3/IMAP server - MySQL support
 dovecot-pgsql - secure POP3/IMAP server - PostgreSQL support
 dovecot-pop3d - secure POP3/IMAP server - POP3 daemon
 dovecot-sieve - secure POP3/IMAP server - Sieve filters support
 dovecot-solr - secure POP3/IMAP server - Solr support
 dovecot-sqlite - secure POP3/IMAP server - SQLite support
 mail-stack-delivery - mail server delivery agent stack provided by Ubuntu server team
Changes:
 dovecot (1:2.2.27-2ubuntu2) zesty; urgency=medium
 .
   * SECURITY UPDATE: DoS via crafted username
     - debian/patches/CVE-2017-2669.patch: do not double-expand key in
       passdb dict when authenticating in src/auth/db-dict.c.
     - CVE-2017-2669
Checksums-Sha1:
 431ebe1600be2b04d1f1c3709fc13ba00598666a 3460 dovecot_2.2.27-2ubuntu2.dsc
 29b593e8390ccf837c4449da352513d1f4156f83 862120 dovecot_2.2.27-2ubuntu2.debian.tar.xz
Checksums-Sha256:
 67e5f0443e1d726d768f220aa81fc0cb6a62a93f0af60cee4f871f2a3844251d 3460 dovecot_2.2.27-2ubuntu2.dsc
 74d8f27e06e70fa75650ad844399321a84a38e7976b074d94e8734a175765bae 862120 dovecot_2.2.27-2ubuntu2.debian.tar.xz
Files:
 c46245e3e6d7a0d4921d64487ebf6743 3460 mail optional dovecot_2.2.27-2ubuntu2.dsc
 faca65b200ef85bc0a5c6012f9465997 862120 mail optional dovecot_2.2.27-2ubuntu2.debian.tar.xz
Original-Maintainer: Dovecot Maintainers <jaldhar-dovecot at debian.org>

More information about the Zesty-changes mailing list