drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in dovecot (Aktualisierung)
Name: |
Zwei Probleme in dovecot (Aktualisierung) |
|
ID: |
USN-3556-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 ESM |
|
Datum: |
Fr, 2. Februar 2018, 07:31 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15132 |
|
Applikationen: |
dovecot |
|
Update von: |
Denial of Service in dovecot |
|
Originalnachricht |
--===============5630581815957667814== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-dcaCV1WM6JG4iU0UEYmP"
--=-dcaCV1WM6JG4iU0UEYmP Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3556-2 February 01, 2018
dovecot vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in Dovecot.
Software Description: - dovecot: IMAP and POP3 email server
Details:
USN-3556-1 fixed vulnerabilities in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM.
It was discovered that Dovecot incorrectly handled certain authentications. An attacker could possibly use this to bypass authentication and access sensitive information. (CVE-2013-6171)
Original advisory details:
It was discovered that Dovecot incorrectly handled certain authentications. An attacker could possibly use this to cause a denial of service. (CVE-2017-15132)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: dovecot-core 1:2.0.19-0ubuntu2.4
In general, a standard system update will make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3556-2 https://www.ubuntu.com/usn/usn-3556-1 CVE-2013-6171, CVE-2017-15132
--=-dcaCV1WM6JG4iU0UEYmP Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAABCAAGBQJac3xWAAoJEEW851uECx9pwbcP+wbQQuo0jANXf7WYMoUFOa+W gcGE4rJ6Jk24tSLwNBbyCcfgdDEEEsamypgM1Af4yCTa/DNpEupnLOTXcKBoAA4w t5EHicAU+RarghjwoFYP04TNPIhl4Jxb40DZcdvXjtQ6YRuJqLyI7RzpzGPzCqtR BndhwseDwRsZdbUgv5NvpSCj1BEnGDyvnDqkW4lDP22XYrDbNZLcG9qV+j0IFOBt Y1hopxoQwdEDo8E+NTgjLuV1Hzc8f0rNO4O+hLcoGNIKh6oDpbyFPE3XVIBAs75a BTOMCpBb783aENxkvxtzJGxzTyhzCF4chdfTRt+BodZR7A3bJlU3JEUrgx+fCAsH au8MLN5mO4XWjmn5WnMkmcxsJA6EroZrGCXKlGZ4xHH22FO+W/J5smMRwtAsd3uF KUsqOk6+usBRvEvMk4c0K7eBWxF2sKk8tVw0/xi5LCRWi5xB96TiZpZmHEPU0rrr iNw86+8uJIrhTlGtbENccLDRqjw2otEcVVK5eXIgdnNbeTJy2df2xqw5dEQDtbvH KcG4RhISZlmqm80sabLOORNWbo4RpSgp6xNmq5VzS+PQ17xHPO2q4/0L33L72lKU Dvors4Rbf2CzPgeJ6+0BqLEdLM0ub89wV/vqx1UmEYqafnMuRZ7Rlx8vukGlpRZs FvH6MOi2weS0zg3Li+mK =RNqp -----END PGP SIGNATURE-----
--=-dcaCV1WM6JG4iU0UEYmP--
--===============5630581815957667814== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============5630581815957667814==--
|
|
|
|