[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Dovecot issues fixed in unstable

Salvatore Bonaccorso carnil at debian.org
Thu Mar 1 10:10:55 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d0c52f26 by Salvatore Bonaccorso at 2018-03-01T11:10:37+01:00
Dovecot issues fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -26172,7 +26172,7 @@ CVE-2017-15133 (A denial of service flaw was found in miekg-dns before 1.0.4. A 
 	NOTE: https://github.com/miekg/dns/issues/627
 	NOTE: https://github.com/miekg/dns/pull/631
 CVE-2017-15132 (A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of ...)
-	- dovecot <unfixed> (bug #888432)
+	- dovecot 1:2.2.34-1 (bug #888432)
 	[stretch] - dovecot <no-dsa> (Minor memory leak, will be fixed via point release)
 	[jessie] - dovecot <no-dsa> (Minor memory leak, will be fixed via point release)
 	NOTE: Fixed by: https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch
@@ -26192,7 +26192,7 @@ CVE-2017-15131 (It was found that system umask policy is not being honored when 
 	NOTE: http://bugs.freedesktop.org/show_bug.cgi?id=102303
 CVE-2017-15130 [TLS SNI config lookups are inefficient and can be used for DoS]
 	RESERVED
-	- dovecot <unfixed> (bug #891820)
+	- dovecot 1:2.2.34-1 (bug #891820)
 	NOTE: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
 	NOTE: https://github.com/dovecot/core/commit/22311315b9f780211329c1522eb5aaa4faaa9391
 	NOTE: https://github.com/dovecot/core/commit/f3504763c27c2661716c0d1dbd3e0fc662107a21
@@ -28458,7 +28458,7 @@ CVE-2017-14462
 	RESERVED
 CVE-2017-14461 [rfc822_parse_domain information leak vulnerability]
 	RESERVED
-	- dovecot <unfixed> (bug #891819)
+	- dovecot 1:2.2.34-1 (bug #891819)
 	NOTE: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
 	NOTE: https://github.com/dovecot/core/commit/30dc856f7b97b75b0e0d69f5003d5d99a13249b4
 	NOTE: https://github.com/dovecot/core/commit/8d65e2345e1dbedb00b662ee0abd05be2e7e6b7e



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d0c52f26ec971d71fc1a97f2489dfcd90e267168

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d0c52f26ec971d71fc1a97f2489dfcd90e267168
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180301/efcfe5a4/attachment-0001.html>

More information about the Secure-testing-commits mailing list