Joined: 12 May 2004
|Posted: Sat Aug 31, 2019 10:26 pm Post subject: [ GLSA 201908-29 ] Dovecot
|Gentoo Linux Security Advisory
Title: Dovecot: Multiple vulnerabilities (GLSA 201908-29)
Exploitable: local, remote
Bug(s): #683732, #692572
Multiple vulnerabilities have been found in Dovecot, the worst of
which could result in the arbitrary execution of code.
Dovecot is an open source IMAP and POP3 email server.
Vulnerable: < 184.108.40.206
Unaffected: >= 220.127.116.11
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in Dovecot. Please review
the CVE identifiers referenced below for details.
An unauthenticated remote attacker could send a specially crafted mail
or use crafted IMAP commands possibly resulting in the execution of
arbitrary code with the privileges of the process or a Denial of Service
There is no known workaround at this time.
All Dovecot users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-mail/dovecot-18.104.22.168"