dovecot (1:2.2.22-1ubuntu2.11) xenial-security; urgency=medium
* SECURITY UPDATE: IMAP do not properly handled NULL byte - bounds
heap memory writes
- debian/patches/CVE-2019-11500-*.patch: doesn't accept strings with
NULs in src/lib-imap/imap-parser.c and
pigeonhole/src/lib-managesieve/managesieve-parser.c,
make sure str_unescape won't be writing past allocated memory
in src/lib-imap/imap-parser.c and
pieonhole/src/lig-managesieve/managesieve-parser.c.
- CVE-2019-11500
Date: 2019-08-15 12:02:14.315835+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/dovecot/1:2.2.22-1ubuntu2.11
Sorry, changesfile not available.
--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes