Source: dovecot
Version: 1:2.2.13-12~deb8u1
Severity: normal
Tags: security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

According to the Dovecot 2.2.19 changelog:

* pop3_deleted_flag has been broken since v2.2.10. Using it would
  cause buffer overflows, which could be exploitable. However, this
  bug would have become visible quite soon after users had deleted
  some POP3 mails, because the pop3 processes would have started
  crashing all the time even in normal use.

That sounds like a security fix that should be backported to stable.
Unfortunately they haven't put it on their security page, nor can I find
a CVE for it.

I would guess this is the patch:
http://hg.dovecot.org/dovecot-2.2/rev/05e0700daea3

While upstream doubts there are any exploitable installations, seems to
me it could be a problem on smaller servers, where the admin may have
enabled it despite POP3 being seldom (if ever) used. Mainly, because had
I not read that changelog, I would have just created such an
installation.

- -- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable'), (130, 'unstable'), (120, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlYwagcACgkQ+z+IwlXqWf4MfwCfbsTQc97qfz2zzKMU+4pXFz3R
PlIAn3Y7sfLvjCjI9fzd0SYTowpADgjl
=5DAd
-----END PGP SIGNATURE-----

_______________________________________________
Secure-testing-team mailing list
Secure-testing-team@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
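The report above leaves an administrator with one concrete question: is my server in the affected range and is `pop3_deleted_flag` actually set? The following is an added example, not part of the bug report or of Dovecot itself. It takes the version string (as printed by `dovecot --version`) and the output of `doveconf -n` as text and applies the only facts the changelog gives: the setting is broken from v2.2.10 up to, but not including, 2.2.19, and the default for `pop3_deleted_flag` is empty, so any non-empty value means it is in use. The `doveconf -n` sample below is constructed for the example; the function and constant names are this example's own.

```python
import re

# Affected range taken from the Dovecot 2.2.19 changelog quoted in the report:
# "broken since v2.2.10", fixed in 2.2.19. Distribution packages may carry the
# fix as a backport without bumping this number, so a hit here means "check the
# package changelog", not "proven vulnerable".
AFFECTED_MIN = (2, 2, 10)
FIXED_IN = (2, 2, 19)

# Constructed sample of `doveconf -n` output with the setting enabled inside a
# protocol block. Not captured from a real server.
SAMPLE_DOVECONF = """# 2.2.13: /etc/dovecot/dovecot.conf
# OS: Linux 4.1.0-1-amd64 x86_64 Debian stretch/sid
protocols = imap pop3
protocol pop3 {
  pop3_deleted_flag = $POP3Deleted
}
"""


def parse_version(text):
    """Return the first X.Y.Z found in text as a tuple of ints, e.g. (2, 2, 13)."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError("no X.Y.Z version found in %r" % text)
    return tuple(int(p) for p in m.groups())


def pop3_deleted_flag_enabled(doveconf_output):
    """True if `doveconf -n` output sets pop3_deleted_flag to a non-empty value.

    `doveconf -n` only prints settings that differ from the default, and the
    default for pop3_deleted_flag is empty, so a non-empty assignment anywhere
    (top level or inside a protocol block) means the feature is active.
    """
    for raw in doveconf_output.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"pop3_deleted_flag\s*=\s*(.*)$", line)
        if m:
            return m.group(1).strip() != ""
    return False


def at_risk(version_text, doveconf_output):
    """True when the version is in the broken range AND the setting is in use."""
    version = parse_version(version_text)
    in_range = AFFECTED_MIN <= version < FIXED_IN
    return in_range and pop3_deleted_flag_enabled(doveconf_output)


if __name__ == "__main__":
    # Realistic use: feed in the real outputs instead of the constructed sample.
    #   version = subprocess.check_output(["dovecot", "--version"], text=True)
    #   config  = subprocess.check_output(["doveconf", "-n"], text=True)
    for ver in ("2.2.9", "2.2.13", "2.2.19"):
        print(ver, "at risk" if at_risk(ver, SAMPLE_DOVECONF) else "not in affected range / setting unused")
```

Because the Debian package in the report is 2.2.13, the version check alone flags it; the setting check is what separates a server that merely runs an affected build from one that has the broken code path reachable. An administrator who does not use POP3 at all can also simply remove `pop3` from `protocols`, which removes the code path regardless of the setting.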