Ubuntu Security Notice 6876-1 - It was discovered that Kopano Core allowed out-of-bounds access. An attacker could use this issue to expose private information. This issue only affected Ubuntu 18.04 LTS. It was discovered that Kopano Core allowed possible authentication with expired passwords. An attacker could use this issue to bypass authentication.
137bbcbe1b2c901ac5b8a9b04f3acb6ff1701f3eb2c429e3766fb4fb65ca29b5==========================================================================
Ubuntu Security Notice USN-6876-1
July 04, 2024
kopanocore vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in Kopano Core.
Software Description:
- kopanocore: Complete and feature rich groupware solution
Details:
It was discovered that Kopano Core allowed out-of-bounds access. An
attacker could use this issue to expose private information. This issue
only affected Ubuntu 18.04 LTS. (CVE-2019-19907)
It was discovered that Kopano Core allowed possible authentication
with expired passwords. An attacker could use this issue to bypass
authentication. (CVE-2022-26562)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
kopano-archiver 8.7.0-7.1ubuntu10.1
kopano-contacts 8.7.0-7.1ubuntu10.1
kopano-dagent 8.7.0-7.1ubuntu10.1
kopano-gateway 8.7.0-7.1ubuntu10.1
kopano-ical 8.7.0-7.1ubuntu10.1
kopano-libs 8.7.0-7.1ubuntu10.1
kopano-monitor 8.7.0-7.1ubuntu10.1
kopano-server 8.7.0-7.1ubuntu10.1
kopano-spooler 8.7.0-7.1ubuntu10.1
kopano-utils 8.7.0-7.1ubuntu10.1
php-mapi 8.7.0-7.1ubuntu10.1
python3-mapi 8.7.0-7.1ubuntu10.1
Ubuntu 20.04 LTS
kopano-archiver 8.7.0-7ubuntu1.1
kopano-contacts 8.7.0-7ubuntu1.1
kopano-dagent 8.7.0-7ubuntu1.1
kopano-gateway 8.7.0-7ubuntu1.1
kopano-ical 8.7.0-7ubuntu1.1
kopano-libs 8.7.0-7ubuntu1.1
kopano-monitor 8.7.0-7ubuntu1.1
kopano-server 8.7.0-7ubuntu1.1
kopano-spooler 8.7.0-7ubuntu1.1
kopano-utils 8.7.0-7ubuntu1.1
php-mapi 8.7.0-7ubuntu1.1
python3-mapi 8.7.0-7ubuntu1.1
Ubuntu 18.04 LTS
kopano-archiver 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
kopano-contacts 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
kopano-dagent 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
kopano-gateway 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
kopano-ical 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
kopano-libs 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
kopano-monitor 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
kopano-server 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
kopano-spooler 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
kopano-utils 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
php-mapi 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
python-mapi 8.5.5-0ubuntu1+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6876-1
<https://ubuntu.com/security/notices/USN-6876-1>
CVE-2019-19907, CVE-2022-26562
Package Information:
https://launchpad.net/ubuntu/+source/kopanocore/8.7.0-7.1ubuntu10.1
<https://launchpad.net/ubuntu/+source/kopanocore/8.7.0-7.1ubuntu10.1>
https://launchpad.net/ubuntu/+source/kopanocore/8.7.0-7ubuntu1.1
<https://launchpad.net/ubuntu/+source/kopanocore/8.7.0-7ubuntu1.1>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed