Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 22 articles for you...
202

openSUSE: 2021:0753-1 Critical Security Advisory For Exim Heap Overflow

An update that fixes 30 vulnerabilities is now available. . openSUSE Security Update: Security update for exim ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:0753-1 Rating: critical References: #1079832 #1136587 #1142207 #1154183 #1160726 #1171490 #1171877 #1173693 #1185631 Cross-References: CVE-2017-1000369 CVE-2017-16943 CVE-2017-16944 CVE-2018-6789 CVE-2019-10149 CVE-2019-13917 CVE-2019-15846 CVE-2019-16928 CVE-2020-12783 CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2020-28010 CVE-2020-28011 CVE-2020-28012 CVE-2020-28013 CVE-2020-28014 CVE-2020-28015 CVE-2020-28016 CVE-2020-28017 CVE-2020-28018 CVE-2020-28019 CVE-2020-28020 CVE-2020-28021 CVE-2020-28022 CVE-2020-28023 CVE-2020-28024 CVE-2020-28025 CVE-2020-28026 CVE-2020-8015 CVSS scores: CVE-2017-1000369 (NVD) : 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2017-16943 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2017-16944 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-6789 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-10149 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-13917 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-15846 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-16928 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-12783 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-28007 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28008 (NVD) : 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28009 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28010 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28011 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28012 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28013 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28014 (NVD) : 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2020-28015 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28016 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28018 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-8015 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP1 ______________________________________________________________________________ An update that fixes 30 vulnerabilities is now available. Description: This update for exim fixes the following issues: exim was updated to 4.94.2: security update (boo#1185631) * CVE-2020-28007: Link attack in Exim's log directory * CVE-2020-28008: Assorted attacks in Exim's spool directory * CVE-2020-28014: Arbitrary PID file creation * CVE-2020-28011: Heap buffer overflow in queue_run() * CVE-2020-28010: Heap out-of-bounds write in main() * CVE-2020-28013: Heap buffer overflow in parse_fix_phrase() * CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase() * CVE-2020-28015: New-line injection into spool header file (local) * CVE-2020-28012: Missing close-on-exec flag for privileged pipe * CVE-2020-28009: Integer overflow in get_stdinput() * CVE-2020-28017: Integer overflow in receive_add_recipient() * CVE-2020-28020: Integer overflowin receive_msg() * CVE-2020-28023: Out-of-bounds read in smtp_setup_msg() * CVE-2020-28021: New-line injection into spool header file (remote) * CVE-2020-28022: Heap out-of-bounds read and write in extract_option() * CVE-2020-28026: Line truncation and injection in spool_read_header() * CVE-2020-28019: Failure to reset function pointer after BDAT error * CVE-2020-28024: Heap buffer underflow in smtp_ungetc() * CVE-2020-28018: Use-after-free in tls-openssl.c * CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash() update to exim-4.94.1 * Fix security issue in BDAT state confusion. Ensure we reset known-good where we know we need to not be reading BDAT data, as a general case fix, and move the places where we switch to BDAT mode until after various protocol state checks. Fixes CVE-2020-BDATA reported by Qualys. * Fix security issue in SMTP verb option parsing (CVE-2020-EXOPT) * Fix security issue with too many recipients on a message (to remove a known security problem if someone does set recipients_max to unlimited, or if local additions add to the recipient list). Fixes CVE-2020-RCPTL reported by Qualys. * Fix CVE-2020-28016 (PFPZA): Heap out-of-bounds write in parse_fix_phrase() * Fix security issue CVE-2020-PFPSN and guard against cmdline invoker providing a particularly obnoxious sender full name. * Fix Linux security issue CVE-2020-SLCWD and guard against PATH_MAX better. - bring back missing exim_db.8 manual page (fixes boo#1173693) - bring in changes from current +fixes (lots of taint check fixes) * Bug 1329: Fix format of Maildir-format filenames to match other mail- related applications. Previously an "H" was used where available info says that "M" should be, so change to match. * Bug 2587: Fix pam expansion condition. Tainted values are commonly used as arguments, so an implementation trying to copy these into a local buffer was taking a taint-enforcement trap. Fix by using dynamically created buffers. * Bug 2586: Fix listcount expansion operator. Using tainted arguments is reasonable, eg. to count headers. Fix by using dynamically created buffers rather than a local. Do similar fixes for ACL actions "dcc", "log_reject_target", "malware" and "spam"; the arguments are expanded so could be handling tainted values. * Bug 2590: Fix -bi (newaliases). A previous code rearrangement had broken the (no-op) support for this sendmail command. Restore it to doing nothing, silently, and returning good status. update to exim 4.94 * some transports now refuse to use tainted data in constructing their delivery location this WILL BREAK configurations which are not updated accordingly. In particular: any Transport use of $local_user which has been relying upon check_local_user far away in the Router to make it safe, should be updated to replace $local_user with $local_part_data. * Attempting to remove, in router or transport, a header name that ends with an asterisk (which is a standards-legal name) will now result in all headers named starting with the string before the asterisk being removed. - switch pretrans to use lua (fixes boo#1171877) - bring changes from current in +fixes branch (patch-exim-fixes-ee83de04d3087efaf808d1f2235a988275c2ee94) * fixes CVE-2020-12783 (boo#1171490) * Regard command-line recipients as tainted. * Bug 2489: Fix crash in the "pam" expansion condition. * Use tainted buffers for the transport smtp context. * Bug 2493: Harden ARC verify against Outlook, which has been seen to mix the ordering of its ARC headers. This caused a crash. * Bug 2492: Use tainted memory for retry record when needed. Previously when a new record was being constructed with information from the peer, a trap was taken. * Bug 2494: Unsetthe default for dmarc_tld_file. * Fix an uninitialised flag in early-pipelining. Previously connections could, depending on the platform, hang at the STARTTLS response. * Bug 2498: Reset a counter used for ARC verify before handling another message on a connection. Previously if one message had ARC headers and the following one did not, a crash could result when adding an Authentication-Results: header. * Bug 2500: Rewind some of the common-coding in string handling between the Exim main code and Exim-related utities. * Fix the variables set by the gsasl authenticator. * Bug 2507: Modules: on handling a dynamic-module (lookups) open failure, only retrieve the errormessage once. * Bug 2501: Fix init call in the heimdal authenticator. Previously it adjusted the size of a major service buffer; this failed because the buffer was in use at the time. Change to a compile-time increase in the buffer size, when this authenticator is compiled into exim. - don't create logfiles during install * fixes CVE-2020-8015 (boo#1154183) - add a spec-file workaround for boo#1160726 - update to exim 4.93.0.4 (+fixes release) * Avoid costly startup code when not strictly needed. This reduces time for some exim process initialisations. It does mean that the logging of TLS configuration problems is only done for the daemon startup. * Early-pipelining support code is now included unless disabled in Makefile. * DKIM verification defaults no long accept sha1 hashes, to conform to RFC 8301. They can still be enabled, using the dkim_verify_hashes main option. * Support CHUNKING from an smtp transport using a transport_filter, when DKIM signing is being done. Previously a transport_filter would always disable CHUNKING, falling back to traditional DATA. * Regard command-line receipients as tainted. * Bug 340: Remove the daemon pid file on exit, whedue to SIGTERM. * Bug 2489: Fix crash in the "pam" expansion condition. It seems that the PAM library frees one of the arguments given to it, despite the documentation. Therefore a plain malloc must be used. * Bug 2491: Use tainted buffers for the transport smtp context. Previously on-stack buffers were used, resulting in a taint trap when DSN information copied from a received message was written into the buffer. * Bug 2493: Harden ARC verify against Outlook, whick has been seen to mix the ordering of its ARC headers. This caused a crash. * Bug 2492: Use tainted memory for retry record when needed. Previously when a new record was being constructed with information from the peer, a trap was taken. * Bug 2494: Unset the default for dmarc_tld_file. Previously a naiive installation would get error messages from DMARC verify, when it hit the nonexistent file indicated by the default. Distros wanting DMARC enabled should both provide the file and set the option. Also enforce no DMARC verification for command-line sourced messages. * Fix an uninitialised flag in early-pipelining. Previously connections could, depending on the platform, hang at the STARTTLS response. * Bug 2498: Reset a counter used for ARC verify before handling another message on a connection. Previously if one message had ARC headers and the following one did not, a crash could result when adding an Authentication-Results: header. * Bug 2500: Rewind some of the common-coding in string handling between the Exim main code and Exim-related utities. The introduction of taint tracking also did many adjustments to string handling. Since then, eximon frequently terminated with an assert failure. * When PIPELINING, synch after every hundred or so RCPT commands sent and check for 452 responses. This slightly helps the inefficieny of doing a largealias-expansion into a recipient-limited target. The max_rcpt transport option still applies (and at the current default, will override the new feature). The check is done for either cause of synch, and forces a fast-retry of all 452'd recipients using a new MAIL FROM on the same connection. The new facility is not tunable at this time. * Fix the variables set by the gsasl authenticator. Previously a pointer to library live data was being used, so the results became garbage. Make copies while it is still usable. * Logging: when the deliver_time selector ise set, include the DT= field on delivery deferred (==) and failed (**) lines (if a delivery was attemtped). Previously it was only on completion (=> ) lines. * Authentication: the gsasl driver not provides the $authN variables in time for the expansion of the server_scram_iter and server_scram_salt options. spec file cleanup to make update work - add docdir to spec - update to exim 4.93 * SUPPORT_DMARC replaces EXPERIMENTAL_DMARC * DISABLE_TLS replaces SUPPORT_TLS * Bump the version for the local_scan API. * smtp transport option hosts_try_fastopen defaults to "*". * DNSSec is requested (not required) for all queries. (This seemes to ask for trouble if your resolver is a systemd-resolved.) * Generic router option retry_use_local_part defaults to "true" under specific pre-conditions. * Introduce a tainting mechanism for values read from untrusted sources. * Use longer file names for temporary spool files (this avoids name conflicts with spool on a shared file system). * Use dsn_from main config option (was ignored previously). - update to exim 4.92.3 * CVE-2019-16928: fix against Heap-based buffer overflow in string_vformat, remote code execution seems to be possible - update to exim 4.92.2 * CVE-2019-15846: fix against remote attackers executing arbitrary code as root via a trailing backslash - update to exim 4.92.1 * CVE-2019-13917: Fixed an issue with ${sort} expansion which could allow remote attackers to execute other programs with root privileges (boo#1142207) - spec file cleanup * fix DANE inclusion guard condition * re-enable i18n and remove misleading comment * EXPERIMENTAL_SPF is now SUPPORT_SPF * DANE is now SUPPORT_DANE - update to exim 4.92 * ${l_header: } expansion * ${readsocket} now supports TLS * "utf8_downconvert" option (if built with SUPPORT_I18N) * "pipelining" log_selector * JSON variants for ${extract } expansion * "noutf8" debug option * TCP Fast Open support on MacOS * CVE-2019-10149: Fixed a Remote Command Execution (boo#1136587) - add workaround patch for compile time error on missing printf format annotation (gnu_printf.patch) - update to 4.91 * DEFER rather than ERROR on redis cluster MOVED response. * Catch and remove uninitialized value warning in exiqsumm * Disallow '/' characters in queue names specified for the "queue=" ACL modifier. This matches the restriction on the commandline. * Fix pgsql lookup for multiple result-tuples with a single column. Previously only the last row was returned. * Bug 2217: Tighten up the parsing of DKIM signature headers. * Bug 2215: Fix crash associated with dnsdb lookup done from DKIM ACL. * Fix issue with continued-connections when the DNS shifts unreliably. * Bug 2214: Fix SMTP responses resulting from non-accept result of MIME ACL. * The "support for" informational output now, which built with Content Scanning support, has a line for the malware scanner interfaces compiled in. Interface can be individually included or not at build time. * The "aveserver", "kavdaemon" and "mksd" interfaces are now not included by the template makefile "src/EDITME". The "STREAM" support for an older ClamAV interface method is removed. *Bug 2223: Fix mysql lookup returns for the no-data case (when the number of rows affected is given instead). * The runtime Berkeley DB library version is now additionally output by "exim -d -bV". Previously only the compile-time version was shown. * Bug 2230: Fix cutthrough routing for nonfirst messages in an initiating SMTP connection. * Bug 2229: Fix cutthrough routing for nonstandard port numbers defined by routers. * Bug 2174: A timeout on connect for a callout was also erroneously seen as a timeout on read on a GnuTLS initiating connection, resulting in the initiating connection being dropped. * Relax results from ACL control request to enable cutthrough, in unsupported situations, from error to silently (except under debug) ignoring. * Fix Buffer overflow in base64d() (CVE-2018-6789) * Fix bug in DKIM verify: a buffer overflow could corrupt the malloc metadata, resulting in a crash in free(). * Fix broken Heimdal GSSAPI authenticator integration. * Bug 2113: Fix conversation closedown with the Avast malware scanner. * Bug 2239: Enforce non-usability of control=utf8_downconvert in the mail ACL. * Speed up macro lookups during configuration file read, by skipping non- macro text after a replacement (previously it was only once per line) and by skipping builtin macros when searching for an uppercase lead character. * DANE support moved from Experimental to mainline. The Makefile control for the build is renamed. * Fix memory leak during multi-message connections using STARTTLS. * Bug 2236: When a DKIM verification result is overridden by ACL, DMARC reported the original. Fix to report (as far as possible) the ACL result replacing the original. * Fix memory leak during multi-message connections using STARTTLS under OpenSSL * Bug 2242: Fix exim_dbmbuild to permit directoryless filenames. * Fix utf8_downconvert propagation through a redirectrouter. * Bug 2253: For logging delivery lines under PRDR, append the overall DATA response info to the (existing) per-recipient response info for the "C=" log element. * Bug 2251: Fix ldap lookups that return a single attribute having zero- length value. * Support Avast multiline protocol, this allows passing flags to newer versions of the scanner. * Ensure that variables possibly set during message acceptance are marked dead before release of memory in the daemon loop. * Bug 2250: Fix a longstanding bug in heavily-pipelined SMTP input (such as a multi-recipient message from a mailinglist manager). * The (EXPERIMENTAL_DMARC) variable $dmarc_ar_header is withdrawn, being replaced by the ${authresults } expansion. * Bug 2257: Fix pipe transport to not use a socket-only syscall. * Set a handler for SIGTERM and call exit(3) if running as PID 1. This allows proper process termination in container environments. * Bug 2258: Fix spool_wireformat in combination with LMTP transport. Previously the "final dot" had a newline after it; ensure it is CR,LF. * SPF: remove support for the "spf" ACL condition outcome values "err_temp" and "err_perm", deprecated since 4.83 when the RFC-defined words " temperror" and "permerror" were introduced. * Re-introduce enforcement of no cutthrough delivery on transports having transport-filters or DKIM-signing. * Cutthrough: for a final-dot response timeout (and nonunderstood responses) in defer=pass mode supply a 450 to the initiator. Previously the message would be spooled. * DANE: add dane_require_tls_ciphers SMTP Transport option; if unset, tls_require_ciphers is used as before. * Malware Avast: Better match the Avast multiline protocol. * Fix reinitialisation of DKIM logging variable between messages. * Bug 2255: Revert the disable of the OpenSSL session caching. * Add util/renew-opendmarc-tlds.sh script for safe renewal ofpublic suffix list. * DKIM: accept Ed25519 pubkeys in SubjectPublicKeyInfo-wrapped form, since the IETF WG has not yet settled on that versus the original "bare" representation. * Fix syslog logging for syslog_timestamp=no and log_selector +millisec. Previously the millisecond value corrupted the output. Fix also for syslog_pid=no and log_selector +pid, for which the pid corrupted the output. - Replace xorg-x11-devel by individual pkgconfig() buildrequires. - update to 4.90.1 * Allow PKG_CONFIG_PATH to be set in Local/Makefile and use it correctly during configuration. Wildcards are allowed and expanded. * Shorten the log line for daemon startup by collapsing adjacent sets of identical IP addresses on different listening ports. Will also affect "exiwhat" output. * Tighten up the checking in isip4 (et al): dotted-quad components larger than 255 are no longer allowed. * Default openssl_options to include +no_ticket, to reduce load on peers. Disable the session-cache too, which might reduce our load. Since we currrectly use a new context for every connection, both as server and client, there is no benefit for these. * Add $SOURCE_DATE_EPOCH support for reproducible builds, per spec at . * Fix smtp transport use of limited max_rcpt under mua_wrapper. Previously the check for any unsuccessful recipients did not notice the limit, and erroneously found still-pending ones. * Pipeline CHUNKING command and data together, on kernels that support MSG_MORE. Only in-clear (not on TLS connections). * Avoid using a temporary file during transport using dkim. Unless a transport-filter is involved we can buffer the headers in memory for creating the signature, and read the spool data file once for the signature and again for transmission. * Enable use of sendfile in Linux builds as default. It was disabled in 4.77 as thekernel support then wasn't solid, having issues in 64bit mode. Now, it's been long enough. Add support for FreeBSD also. * Add commandline_checks_require_admin option. * Do pipelining under TLS. * For the "sock" variant of the malware scanner interface, accept an empty cmdline element to get the documented default one. Previously it was inaccessible. * Prevent repeated use of -p/-oMr * DKIM: enforce the DNS pubkey record "h" permitted-hashes optional field, if present. * DKIM: when a message has multiple signatures matching an identity given in dkim_verify_signers, run the dkim acl once for each. * Support IDNA2008. * The path option on a pipe transport is now expanded before use * Have the EHLO response advertise VRFY, if there is a vrfy ACL defined. - Several bug fixes - Fix for buffer overflow in base64decode() (boo#1079832 CVE-2018-6789) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP1: zypper in -t patch openSUSE-2021-753=1 Package List: - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64): exim-4.94.2-bp151.2.4.1 eximon-4.94.2-bp151.2.4.1 eximstats-html-4.94.2-bp151.2.4.1 libspf2-2-1.2.10-bp151.4.1 libspf2-2-debuginfo-1.2.10-bp151.4.1 libspf2-debuginfo-1.2.10-bp151.4.1 libspf2-debugsource-1.2.10-bp151.4.1 libspf2-devel-1.2.10-bp151.4.1 libspf2-tools-1.2.10-bp151.4.1 libspf2-tools-debuginfo-1.2.10-bp151.4.1 References: https://www.suse.com/security/cve/CVE-2017-1000369.html https://www.suse.com/security/cve/CVE-2017-16943.html https://www.suse.com/security/cve/CVE-2017-16944.html https://www.suse.com/security/cve/CVE-2018-6789.html https://www.suse.com/security/cve/CVE-2019-10149.html https://www.suse.com/security/cve/CVE-2019-13917.html https://www.suse.com/security/cve/CVE-2019-15846.html https://www.suse.com/security/cve/CVE-2019-16928.html https://www.suse.com/security/cve/CVE-2020-12783.html https://www.suse.com/security/cve/CVE-2020-28007.html https://www.suse.com/security/cve/CVE-2020-28008.html https://www.suse.com/security/cve/CVE-2020-28009.html https://www.suse.com/security/cve/CVE-2020-28010.html https://www.suse.com/security/cve/CVE-2020-28011.html https://www.suse.com/security/cve/CVE-2020-28012.html https://www.suse.com/security/cve/CVE-2020-28013.html https://www.suse.com/security/cve/CVE-2020-28014.html https://www.suse.com/security/cve/CVE-2020-28015.html https://www.suse.com/security/cve/CVE-2020-28016.html https://www.suse.com/security/cve/CVE-2020-28017.html https://www.suse.com/security/cve/CVE-2020-28018.html https://www.suse.com/security/cve/CVE-2020-28019.html https://www.suse.com/security/cve/CVE-2020-28020.html https://www.suse.com/security/cve/CVE-2020-28021.html https://www.suse.com/security/cve/CVE-2020-28022.html https://www.suse.com/security/cve/CVE-2020-28023.html https://www.suse.com/security/cve/CVE-2020-28024.html https://www.suse.com/security/cve/CVE-2020-28025.html https://www.suse.com/security/cve/CVE-2020-28026.html https://www.suse.com/security/cve/CVE-2020-8015.html https://bugzilla.suse.com/1079832 https://bugzilla.suse.com/1136587 https://bugzilla.suse.com/1142207 https://bugzilla.suse.com/1154183 https://bugzilla.suse.com/1160726 https://bugzilla.suse.com/1171490 https://bugzilla.suse.com/1171877 https://bugzilla.suse.com/1173693 https://bugzilla.suse.com/1185631 . Essential openSUSE patch for Exim tackles various vulnerabilities, such as buffer overflows and potential exploits.. openSUSE Update, Exim Security, Critical Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 20, 2021 Critical OpenSUSE
98

Red Hat Enterprise Linux 8 RHSA-2020-4763-01 Moderate Dovecot Update

An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: dovecot security update Advisory ID: RHSA-2020:4763-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:4763 Issue date: 2020-11-03 CVE Names: CVE-2020-10958 CVE-2020-10967 ==================================================================== 1. Summary: An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: command followed by sufficient number of newlines leads to use-after-free (CVE-2020-10958) * dovecot: sending mail with empty quoted localpart leads to DoS (CVE-2020-10967) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the Referencessection. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1834323 - CVE-2020-10958 dovecot: command followed by sufficient number of newlines leads to use-after-free 1834326 - CVE-2020-10967 dovecot: sending mail with empty quoted localpart leads to DoS 6. Package List: Red Hat Enterprise Linux AppStream (v.8): Source: dovecot-2.3.8-4.el8.src.rpm aarch64: dovecot-2.3.8-4.el8.aarch64.rpm dovecot-debuginfo-2.3.8-4.el8.aarch64.rpm dovecot-debugsource-2.3.8-4.el8.aarch64.rpm dovecot-mysql-2.3.8-4.el8.aarch64.rpm dovecot-mysql-debuginfo-2.3.8-4.el8.aarch64.rpm dovecot-pgsql-2.3.8-4.el8.aarch64.rpm dovecot-pgsql-debuginfo-2.3.8-4.el8.aarch64.rpm dovecot-pigeonhole-2.3.8-4.el8.aarch64.rpm dovecot-pigeonhole-debuginfo-2.3.8-4.el8.aarch64.rpm ppc64le: dovecot-2.3.8-4.el8.ppc64le.rpm dovecot-debuginfo-2.3.8-4.el8.ppc64le.rpm dovecot-debugsource-2.3.8-4.el8.ppc64le.rpm dovecot-mysql-2.3.8-4.el8.ppc64le.rpm dovecot-mysql-debuginfo-2.3.8-4.el8.ppc64le.rpm dovecot-pgsql-2.3.8-4.el8.ppc64le.rpm dovecot-pgsql-debuginfo-2.3.8-4.el8.ppc64le.rpm dovecot-pigeonhole-2.3.8-4.el8.ppc64le.rpm dovecot-pigeonhole-debuginfo-2.3.8-4.el8.ppc64le.rpm s390x: dovecot-2.3.8-4.el8.s390x.rpm dovecot-debuginfo-2.3.8-4.el8.s390x.rpm dovecot-debugsource-2.3.8-4.el8.s390x.rpm dovecot-mysql-2.3.8-4.el8.s390x.rpm dovecot-mysql-debuginfo-2.3.8-4.el8.s390x.rpm dovecot-pgsql-2.3.8-4.el8.s390x.rpm dovecot-pgsql-debuginfo-2.3.8-4.el8.s390x.rpm dovecot-pigeonhole-2.3.8-4.el8.s390x.rpm dovecot-pigeonhole-debuginfo-2.3.8-4.el8.s390x.rpm x86_64: dovecot-2.3.8-4.el8.x86_64.rpm dovecot-debuginfo-2.3.8-4.el8.x86_64.rpm dovecot-debugsource-2.3.8-4.el8.x86_64.rpm dovecot-mysql-2.3.8-4.el8.x86_64.rpm dovecot-mysql-debuginfo-2.3.8-4.el8.x86_64.rpm dovecot-pgsql-2.3.8-4.el8.x86_64.rpm dovecot-pgsql-debuginfo-2.3.8-4.el8.x86_64.rpm dovecot-pigeonhole-2.3.8-4.el8.x86_64.rpm dovecot-pigeonhole-debuginfo-2.3.8-4.el8.x86_64.rpm Red Hat CodeReady Linux Builder (v.8): aarch64: dovecot-debuginfo-2.3.8-4.el8.aarch64.rpm dovecot-debugsource-2.3.8-4.el8.aarch64.rpm dovecot-devel-2.3.8-4.el8.aarch64.rpm dovecot-mysql-debuginfo-2.3.8-4.el8.aarch64.rpm dovecot-pgsql-debuginfo-2.3.8-4.el8.aarch64.rpm dovecot-pigeonhole-debuginfo-2.3.8-4.el8.aarch64.rpm ppc64le: dovecot-debuginfo-2.3.8-4.el8.ppc64le.rpm dovecot-debugsource-2.3.8-4.el8.ppc64le.rpm dovecot-devel-2.3.8-4.el8.ppc64le.rpm dovecot-mysql-debuginfo-2.3.8-4.el8.ppc64le.rpm dovecot-pgsql-debuginfo-2.3.8-4.el8.ppc64le.rpm dovecot-pigeonhole-debuginfo-2.3.8-4.el8.ppc64le.rpm s390x: dovecot-debuginfo-2.3.8-4.el8.s390x.rpm dovecot-debugsource-2.3.8-4.el8.s390x.rpm dovecot-devel-2.3.8-4.el8.s390x.rpm dovecot-mysql-debuginfo-2.3.8-4.el8.s390x.rpm dovecot-pgsql-debuginfo-2.3.8-4.el8.s390x.rpm dovecot-pigeonhole-debuginfo-2.3.8-4.el8.s390x.rpm x86_64: dovecot-2.3.8-4.el8.i686.rpm dovecot-debuginfo-2.3.8-4.el8.i686.rpm dovecot-debuginfo-2.3.8-4.el8.x86_64.rpm dovecot-debugsource-2.3.8-4.el8.i686.rpm dovecot-debugsource-2.3.8-4.el8.x86_64.rpm dovecot-devel-2.3.8-4.el8.i686.rpm dovecot-devel-2.3.8-4.el8.x86_64.rpm dovecot-mysql-debuginfo-2.3.8-4.el8.i686.rpm dovecot-mysql-debuginfo-2.3.8-4.el8.x86_64.rpm dovecot-pgsql-debuginfo-2.3.8-4.el8.i686.rpm dovecot-pgsql-debuginfo-2.3.8-4.el8.x86_64.rpm dovecot-pigeonhole-debuginfo-2.3.8-4.el8.i686.rpm dovecot-pigeonhole-debuginfo-2.3.8-4.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-10958 https://access.redhat.com/security/cve/CVE-2020-10967 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGPSIGNATURE----- Version: GnuPG v1 iQIVAwUBX6IzJdzjgjWX9erEAQiiQRAAg06Ih/fEYu3eCB58OTz4d4zVDNfrIFs6 PSpVN6V9Q4lcNdiSj6GUEtykzHh4vLAJeuJ+FDnzkIF0p/xunmBRl/bwccov5C+L SYrrhNx0Bkruxji+Ur+MysAzD5upqZFOXbUBVWXQjRcoCuNagM056xd7FPnJEfOE V2XJjiPxj+4Xz13+/rcq2+Imxy/efBHdPshXx1hibKUZlPla/JNG/AaVYP4obFCH akv4VakYHR5Mpl4ek6c+OiG/kQh7jn2Z3XfadADLRuCrDGijGI4FYX6U/Unn81CF tK++YhMCLc/h5BrQVa2fKijIqYj+kDB9Kd6rKZ9/jqIWoS3AH6Ts3UAddxCLW95b JfDZqo4pFetaHHSGQ/3vS3QeS99BehLfQZ+mGdfQnNtTh/E6dGktpHXYRr0IVx8N diP9/CuWyOEnDAJnbjUGuIRRqsYIlwrIDb9WGW9yFt9nknMmw9nolNoKBRv1XvcS lxWfPFHjwvuJiUwA0s7/W2SIya6gfhOD4hTbLP5C7WiT094dJcISAxSa3tHYPrvR XvCr3IJdF7G+PPCfPjytS8oJSctQbe5SDm72hJA6opqyfUO11T+sxF0VPq58MqRE YWWHOUib9cd2J8PxAlHqoqaD7Pm0UdFs4jdW4Hm0mAt6u0PDwtN24at4BTXgt7Yf zvaLTHyQiL8=rT2d -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Minor: New Dovecot patch released for Red Hat Enterprise Linux 8. It addresses vulnerabilities including potential service interruptions and more.. Dovecot Update, Red Hat Security, Email Server Security, RHEL Advisory. . LinuxSecurity.com Team

Calendar%202 Nov 03, 2020 Red Hat
89

Fedora 32: FEDORA-2020-d737c57172 Moderate: Dovecot Mail Server Crash

CVE-2020-12100: Parsing mails with a large number of MIME parts could have resulted in excessive CPU usage or a crash due to running out of stack memory. CVE-2020-12673: Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash. CVE-2020-10967: lmtp/submission:. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-d737c57172 2020-10-13 20:34:18.297189 --------------------------------------------------------------------------------Name : dovecot Product : Fedora 32 Version : 2.3.11.3 Release : 5.fc32 URL : https://dovecot.org/ Summary : Secure imap and pop3 server Description : Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. --------------------------------------------------------------------------------Update Information: CVE-2020-12100: Parsing mails with a large number of MIME parts could have resulted in excessive CPU usage or a crash due to running out of stack memory. CVE-2020-12673: Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash. CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an address that has the empty quoted string as local-part causes the lmtp service to crash. CVE-2020-12674: Dovecot's RPA mechanism implementation accepts zero-length message, which leads to assert-crash later on. --------------------------------------------------------------------------------ChangeLog: * Wed Sep 2 2020 Michal Hlavinka - 1:2.3.11.3-5 - fix gssapi issue * Wed Aug 26 2020 Michal Hlavinka - 1:2.3.11.3-4 - fix FTBFS on 32bitsystems * Mon Aug 17 2020 Jeff Law - 1:2.3.11.3-2 - Disable LTO * Sat Aug 15 2020 Michal Hlavinka - 1:2.3.11.3-1 - CVE-2020-12100: Parsing mails with a large number of MIME parts could have resulted in excessive CPU usage or a crash due to running out of stack memory. - CVE-2020-12673: Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash. - CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an address that has the empty quoted string as local-part causes the lmtp service to crash. - CVE-2020-12674: Dovecot's RPA mechanism implementation accepts zero-length message, which leads to assert-crash later on. * Sat Aug 1 2020 Fedora Release Engineering - 1:2.3.10.1-3 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Mon Jul 27 2020 Fedora Release Engineering - 1:2.3.10.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #1868539 - CVE-2020-12100 dovecot: Resource exhaustion via deeply nested MIME parts [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1868539 [ 2 ] Bug #1868540 - CVE-2020-12673 dovecot: Out of bound reads in dovecot NTLM implementation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1868540 [ 3 ] Bug #1868541 - CVE-2020-12674 dovecot: Crash due to assert in RPA implementation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1868541 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-d737c57172' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details onthe GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Fedora 32's latest patch resolves CPU consumption and system failures in Dovecot, caused by mailbox interpretation flaws and improper handling of NTLM authentication.. Fedora Dovecot Security Update, Mail Server Crash Fix, Dovecot NTLM Update. . LinuxSecurity.com Team

Calendar%202 Oct 13, 2020 Fedora
89

Fedora 31: FEDORA-2020-b60344c987 Critical DoS Advisory for Dovecot

- CVE-2020-10957: lmtp/submission: A client can crash the server by sending a NOOP command with an invalid string parameter. This occurs particularly for a parameter that doesn't start with a double quote. This applies to all SMTP services, including submission-login, which makes it possible to crash the submission service without authentication. - CVE-2020-10958: lmtp/submission:. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-b60344c987 2020-05-28 01:59:14.571867 --------------------------------------------------------------------------------Name : dovecot Product : Fedora 31 Version : 2.3.10.1 Release : 1.fc31 URL : https://dovecot.org/ Summary : Secure imap and pop3 server Description : Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. --------------------------------------------------------------------------------Update Information: - CVE-2020-10957: lmtp/submission: A client can crash the server by sending a NOOP command with an invalid string parameter. This occurs particularly for a parameter that doesn't start with a double quote. This applies to all SMTP services, including submission-login, which makes it possible to crash the submission service without authentication. - CVE-2020-10958: lmtp/submission: Sending many invalid or unknown commands can cause the server to access freed memory, which can lead to a server crash. This happens when the server closes the connection with a "421 Too many invalid commands" error. The bad command limit depends on the service (lmtp or submission) and varies between 10 to 20 bad commands. - CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an address that has the empty quoted string aslocal-part causes the lmtp service to crash. --------------------------------------------------------------------------------ChangeLog: * Mon May 18 2020 Michal Hlavinka - 1:2.3.10.1-1 - dovecot updated to 2.3.10.1 - fixes CVE-2020-10967, CVE-2020-10958, CVE-2020-10957 --------------------------------------------------------------------------------References: [ 1 ] Bug #1834317 - CVE-2020-10957 dovecot: malformed NOOP commands leads to DoS https://bugzilla.redhat.com/show_bug.cgi?id=1834317 [ 2 ] Bug #1834323 - CVE-2020-10958 dovecot: command followed by sufficient number of newlines leads to use-after-free https://bugzilla.redhat.com/show_bug.cgi?id=1834323 [ 3 ] Bug #1834326 - CVE-2020-10967 dovecot: sending mail with empty quoted localpart leads to DoS https://bugzilla.redhat.com/show_bug.cgi?id=1834326 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-b60344c987' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . The latest Dovecot security notice emphasizes essential patches addressing severe gaps that could result in servicedisruptions on Fedora 31.. Dovecot Update, Fedora 31 Advisory, IMAP Server Security, DoS Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 27, 2020 Critical Fedora
87

Debian: DSA-4590-1 Critical: cyrus-imapd ACL Bypass Flaw

It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4590-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff December 19, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cyrus-imapd CVE ID : CVE-2019-19783 It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks. For the oldstable distribution (stretch), this problem has been fixed in version 2.5.10-3+deb9u2. For the stable distribution (buster), this problem has been fixed in version 3.0.8-6+deb10u3. We recommend that you upgrade your cyrus-imapd packages. For the detailed security status of cyrus-imapd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/cyrus-imapd Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The DSA-4590-2 bulletin addresses a vulnerability found in dovecot, which permits privilege escalation, impacting accounts with superuser permissions.. Cyrus IMAP, Debian Security, Mail Server Exploits, Admin Rights, Access Control. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Dec 19, 2019 Critical Debian
89

Fedora 26: Addressing Dovecot Security Advisory for DoS Threat

+ quota: Add plugin { quota_max_mail_size } setting to limit the maximum individual mail size that can be saved. + imapc: Add imapc_features=delay- login. If set, connecting to the remote IMAP server isn't done until it's necessary. + imapc: Add imapc_connection_retry_count and imapc_connection_retry_interval settings. + imap, pop3, indexer-worker: Add. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-e8b639c286 2017-04-27 20:51:35.716947 --------------------------------------------------------------------------------Name : dovecot Product : Fedora 26 Version : 2.2.29.1 Release : 1.fc26 URL : Summary : Secure imap and pop3 server Description : Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. --------------------------------------------------------------------------------Update Information: + quota: Add plugin { quota_max_mail_size } setting to limit the maximum individual mail size that can be saved. + imapc: Add imapc_features=delay-login. If set, connecting to the remote IMAP server isn't done until it's necessary. + imapc: Add imapc_connection_retry_count and imapc_connection_retry_interval settings. + imap, pop3, indexer-worker: Add (deinit) to process title before autoexpunging runs. + Added %{encrypt} and %{decrypt} variables + imap/pop3 proxy: Log proxy state in errors as human-readable string. + imap/pop3-login: All forward_* extra fields returned by passdb are sent to the next hop when proxying using ID/XCLIENT commands. On the receiving side these fields are imported and sent to auth process where they're accessible via %{passdb:forward_*}. This is done only if the sending IP address matches login_trusted_networks. + imap-login:If imap_id_retain=yes, send the IMAP ID string to auth process. %{client_id} expands to it in auth process. The ID string is also sent to the next hop when proxying. + passdb imap: Use ssl_client_ca_* settings for CA validation. - fts-tika: Fixed crash when parsing attachment without Content-Disposition header. Broken by 2.2.28. - trash plugin was broken in 2.2.28 - auth: When passdb/userdb lookups were done via auth-workers, too much data was added to auth cache. This could have resulted in wrong replies when using multiple passdbs/userdbs. - auth: passdb { skip & mechanisms } were ignored for the first passdb - oauth2: Various fixes, including fixes to crashes - dsync: Large Sieve scripts (or other large metadata) weren't always synced. - Index rebuild (e.g. doveadm force-resync) set all mails as \Recent - imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix - doveadm: Exit codes weren't preserved when proxying commands via doveadm-server. Almost all errors used exit code 75 (tempfail). - ACLs weren't applied to not-yet-existing autocreated mailboxes. - Fixed a potential crash when parsing a broken message header. -cassandra: Fallback consistency settings weren't working correctly. - doveadm director status : "Initial config" was always empty - imapc: Various reconnection fixes. --------------------------------------------------------------------------------References: [ 1 ] Bug #1441457 - CVE-2017-2669 dovecot: Dovecot DoS when passdb dict was used for authentication [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1441457 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade dovecot' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keysused by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Postfix, a widely-used mail transfer agent for Unix-like systems, undergoes significant improvements that bolster its performance and encryption standards.. Dovecot Mail Server, Fedora Security Update, DoS Resolution, Linux IMAP POP3 Server. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 27, 2017 Important Fedora
89

Fedora 24 Dovecot Update RHSA-2017:1234 Critical: DoS Threats Fixed

+ quota: Add plugin { quota_max_mail_size } setting to limit the maximum individual mail size that can be saved. + imapc: Add imapc_features=delay- login. If set, connecting to the remote IMAP server isn't done until it's necessary. + imapc: Add imapc_connection_retry_count and imapc_connection_retry_interval settings. + imap, pop3, indexer-worker: Add. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-da4ed58fd5 2017-04-27 14:02:15.390632 --------------------------------------------------------------------------------Name : dovecot Product : Fedora 24 Version : 2.2.29.1 Release : 1.fc24 URL : Summary : Secure imap and pop3 server Description : Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. --------------------------------------------------------------------------------Update Information: + quota: Add plugin { quota_max_mail_size } setting to limit the maximum individual mail size that can be saved. + imapc: Add imapc_features=delay-login. If set, connecting to the remote IMAP server isn't done until it's necessary. + imapc: Add imapc_connection_retry_count and imapc_connection_retry_interval settings. + imap, pop3, indexer-worker: Add (deinit) to process title before autoexpunging runs. + Added %{encrypt} and %{decrypt} variables + imap/pop3 proxy: Log proxy state in errors as human-readable string. + imap/pop3-login: All forward_* extra fields returned by passdb are sent to the next hop when proxying using ID/XCLIENT commands. On the receiving side these fields are imported and sent to auth process where they're accessible via %{passdb:forward_*}. This is done only if the sending IP address matches login_trusted_networks. + imap-login:If imap_id_retain=yes, send the IMAP ID string to auth process. %{client_id} expands to it in auth process. The ID string is also sent to the next hop when proxying. + passdb imap: Use ssl_client_ca_* settings for CA validation. - fts-tika: Fixed crash when parsing attachment without Content-Disposition header. Broken by 2.2.28. - trash plugin was broken in 2.2.28 - auth: When passdb/userdb lookups were done via auth-workers, too much data was added to auth cache. This could have resulted in wrong replies when using multiple passdbs/userdbs. - auth: passdb { skip & mechanisms } were ignored for the first passdb - oauth2: Various fixes, including fixes to crashes - dsync: Large Sieve scripts (or other large metadata) weren't always synced. - Index rebuild (e.g. doveadm force-resync) set all mails as \Recent - imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix - doveadm: Exit codes weren't preserved when proxying commands via doveadm-server. Almost all errors used exit code 75 (tempfail). - ACLs weren't applied to not-yet-existing autocreated mailboxes. - Fixed a potential crash when parsing a broken message header. -cassandra: Fallback consistency settings weren't working correctly. - doveadm director status : "Initial config" was always empty - imapc: Various reconnection fixes. --------------------------------------------------------------------------------References: [ 1 ] Bug #1441457 - CVE-2017-2669 dovecot: Dovecot DoS when passdb dict was used for authentication [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1441457 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade dovecot' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keysused by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . The recent Dovecot patch for Fedora 24 resolves critical DoS vulnerabilities and introduces improved functionalities, enhancing the overall performance of the mail server.. Dovecot Update, Fedora 24, Mail Server Security, IMAP Update, Authentication Improvements. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 27, 2017 Critical Fedora
89

Fedora 25 Dovecot Security Update: Critical DoS Issue Resolved

+ quota: Add plugin { quota_max_mail_size } setting to limit the maximum individual mail size that can be saved. + imapc: Add imapc_features=delay- login. If set, connecting to the remote IMAP server isn't done until it's necessary. + imapc: Add imapc_connection_retry_count and imapc_connection_retry_interval settings. + imap, pop3, indexer-worker: Add. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-6ef28e38d6 2017-04-27 00:38:46.159117 --------------------------------------------------------------------------------Name : dovecot Product : Fedora 25 Version : 2.2.29.1 Release : 1.fc25 URL : Summary : Secure imap and pop3 server Description : Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. --------------------------------------------------------------------------------Update Information: + quota: Add plugin { quota_max_mail_size } setting to limit the maximum individual mail size that can be saved. + imapc: Add imapc_features=delay-login. If set, connecting to the remote IMAP server isn't done until it's necessary. + imapc: Add imapc_connection_retry_count and imapc_connection_retry_interval settings. + imap, pop3, indexer-worker: Add (deinit) to process title before autoexpunging runs. + Added %{encrypt} and %{decrypt} variables + imap/pop3 proxy: Log proxy state in errors as human-readable string. + imap/pop3-login: All forward_* extra fields returned by passdb are sent to the next hop when proxying using ID/XCLIENT commands. On the receiving side these fields are imported and sent to auth process where they're accessible via %{passdb:forward_*}. This is done only if the sending IP address matches login_trusted_networks. + imap-login:If imap_id_retain=yes, send the IMAP ID string to auth process. %{client_id} expands to it in auth process. The ID string is also sent to the next hop when proxying. + passdb imap: Use ssl_client_ca_* settings for CA validation. - fts-tika: Fixed crash when parsing attachment without Content-Disposition header. Broken by 2.2.28. - trash plugin was broken in 2.2.28 - auth: When passdb/userdb lookups were done via auth-workers, too much data was added to auth cache. This could have resulted in wrong replies when using multiple passdbs/userdbs. - auth: passdb { skip & mechanisms } were ignored for the first passdb - oauth2: Various fixes, including fixes to crashes - dsync: Large Sieve scripts (or other large metadata) weren't always synced. - Index rebuild (e.g. doveadm force-resync) set all mails as \Recent - imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix - doveadm: Exit codes weren't preserved when proxying commands via doveadm-server. Almost all errors used exit code 75 (tempfail). - ACLs weren't applied to not-yet-existing autocreated mailboxes. - Fixed a potential crash when parsing a broken message header. -cassandra: Fallback consistency settings weren't working correctly. - doveadm director status : "Initial config" was always empty - imapc: Various reconnection fixes. --------------------------------------------------------------------------------References: [ 1 ] Bug #1441457 - CVE-2017-2669 dovecot: Dovecot DoS when passdb dict was used for authentication [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1441457 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade dovecot' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keysused by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Fedora 25 has released a significant Dovecot security patch, resolving severe vulnerabilities, encompassing DoS threats and improvements for IMAP functionality.. Dovecot Update, Fedora Security, IMAP Server fixes, DoS concerns. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 27, 2017 Critical Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200