Secunia Security Advisory - Ubuntu has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
e879b991b43be1002bb94ca05d94eeee253c34cd1a6492dc9acaa9da99d0c8e6----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.
Download and test it today:
https://psi.secunia.com/
Read more about this new version:
https://psi.secunia.com/?page=changelog
----------------------------------------------------------------------
TITLE:
Ubuntu update for dovecot
SECUNIA ADVISORY ID:
SA29557
VERIFY ADVISORY:
http://secunia.com/advisories/29557/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass
WHERE:
>From remote
OPERATING SYSTEM:
Ubuntu Linux 7.10
http://secunia.com/product/16251/
Ubuntu Linux 7.04
http://secunia.com/product/14068/
Ubuntu Linux 6.10
http://secunia.com/product/12470/
Ubuntu Linux 6.06
http://secunia.com/product/10611/
DESCRIPTION:
Ubuntu has issued an update for dovecot. This fixes a vulnerability,
which can be exploited by malicious people to bypass certain security
restrictions.
For more information:
SA29295
SOLUTION:
Apply updated packages.
-- Ubuntu 6.06 LTS --
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.beta3-3ubuntu5.6.diff.gz
Size/MD5: 482805 f572acb482f90bb083314e880a772806
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.beta3-3ubuntu5.6.dsc
Size/MD5: 867 f388415adecfb6e6b66821c601202954
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.beta3.orig.tar.gz
Size/MD5: 1360574 5418f9f7fe99e4f10bb82d9fe504138a
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.beta3-3ubuntu5.6_amd64.deb
Size/MD5: 968546 0a9feb89c2b960cbb283a0a957c1ab3b
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.beta3-3ubuntu5.6_amd64.deb
Size/MD5: 535154 c3fabd531b6c633a48ee9d3dfe5fbea9
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.beta3-3ubuntu5.6_amd64.deb
Size/MD5: 503144 bb2ae9e81eb6188263827cb87cba29e7
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.beta3-3ubuntu5.6_i386.deb
Size/MD5: 842602 3a3b5f8a056546dcad50211b6a66b17e
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.beta3-3ubuntu5.6_i386.deb
Size/MD5: 487858 735fe4c9291d8f3e2f6ea93df9e6a722
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.beta3-3ubuntu5.6_i386.deb
Size/MD5: 458548 a32d03a27e76610ef5e9a5b25adc369d
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.beta3-3ubuntu5.6_powerpc.deb
Size/MD5: 946420 888fd964ff401c9436810f59a56c960e
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.beta3-3ubuntu5.6_powerpc.deb
Size/MD5: 528892 65204a0f2de667fcc5bb7097c2973df9
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.beta3-3ubuntu5.6_powerpc.deb
Size/MD5: 496616 8b71cb5999b41bd150d1427090f5266a
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.beta3-3ubuntu5.6_sparc.deb
Size/MD5: 859702 096725e1d08fb32b4c30e4cb06a303ee
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.beta3-3ubuntu5.6_sparc.deb
Size/MD5: 494022 69cb816c90fbc8c154860150beb54df1
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.beta3-3ubuntu5.6_sparc.deb
Size/MD5: 464254 49ef9af48a8bcbc1b43cf64e579c8bac
-- Ubuntu 6.10 --
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.rc2-1ubuntu2.3.diff.gz
Size/MD5: 481921 30469a011f337d9ea2af0d5660cdc3bb
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.rc2-1ubuntu2.3.dsc
Size/MD5: 900 103e47535573605f059bfe512bbe9e9d
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.rc2.orig.tar.gz
Size/MD5: 1257435 e27a248b2ee224e4618aa2f020150041
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc2-1ubuntu2.3_amd64.deb
Size/MD5: 941192 6d872ad2200983d3c6fb0af0af1689b4
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc2-1ubuntu2.3_amd64.deb
Size/MD5: 389328 d249f6bee773d0302cb500107d5c30f1
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc2-1ubuntu2.3_amd64.deb
Size/MD5: 355572 af818dec4a8102797efe010c52d2f3da
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc2-1ubuntu2.3_i386.deb
Size/MD5: 837862 a2e1e5ab801a81bd7ede896c68b471dc
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc2-1ubuntu2.3_i386.deb
Size/MD5: 356148 fe47879721273c223fdb02b820572c2d
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc2-1ubuntu2.3_i386.deb
Size/MD5: 325538 930636d7b634b371ef7564a54f7ebbc8
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc2-1ubuntu2.3_powerpc.deb
Size/MD5: 930236 0e501c64167c62697a6d35f77723f626
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc2-1ubuntu2.3_powerpc.deb
Size/MD5: 387640 e383c12a8ae5f38f99b5605fe615d303
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc2-1ubuntu2.3_powerpc.deb
Size/MD5: 354172 3b497cae8495e559124a8a32d0199fec
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc2-1ubuntu2.3_sparc.deb
Size/MD5: 825242 483e84acb29649b05fd20b0516462e36
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc2-1ubuntu2.3_sparc.deb
Size/MD5: 349766 ae08a2bc0af7693fd3eba475cdefea81
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc2-1ubuntu2.3_sparc.deb
Size/MD5: 318894 b0962827bc67760168431aa08407c40a
-- Ubuntu 7.04 --
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.rc17-1ubuntu2.3.diff.gz
Size/MD5: 110359 d45086b091902ffe4c897a37500640ef
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.rc17-1ubuntu2.3.dsc
Size/MD5: 1100 2ebee5689361d891820080b8c03c1b80
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.rc17.orig.tar.gz
Size/MD5: 1512386 881bcc7d2c8fba6d337f3e616a602bf7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc17-1ubuntu2.3_amd64.deb
Size/MD5: 1279482 7ca87aed81c784bc5fadcf51df7bb07b
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc17-1ubuntu2.3_amd64.deb
Size/MD5: 589038 f7053e7a3037267a13de1b7d7daba6ae
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc17-1ubuntu2.3_amd64.deb
Size/MD5: 554270 7f92ed3a933b775a6301b1d8723e60d0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc17-1ubuntu2.3_i386.deb
Size/MD5: 1169674 fc5fbc9f8b4c33fb2f773c7767625c79
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc17-1ubuntu2.3_i386.deb
Size/MD5: 556308 13e0b06665a17c56da6d17ec3af892ca
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc17-1ubuntu2.3_i386.deb
Size/MD5: 523676 681dd1951ef3d61b225930f9ba20f1d4
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc17-1ubuntu2.3_powerpc.deb
Size/MD5: 1296474 b691fd7d6d5a5df7b08af8d732f806e1
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc17-1ubuntu2.3_powerpc.deb
Size/MD5: 593374 77b2a2b0bf8f05c5fd8c03887dd0739d
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc17-1ubuntu2.3_powerpc.deb
Size/MD5: 558844 03bde80aa2b1282c9131590cc530e68d
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.rc17-1ubuntu2.3_sparc.deb
Size/MD5: 1163166 66565dbe0abf26fa13e1eae8d51f81f8
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.rc17-1ubuntu2.3_sparc.deb
Size/MD5: 551744 d7858288e8326aad4cff410e5336ce1d
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.rc17-1ubuntu2.3_sparc.deb
Size/MD5: 519076 45e334d300da1c76f5da042d0dbbfe44
-- Ubuntu 7.10 --
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.5-1ubuntu2.2.diff.gz
Size/MD5: 116694 c21b8fd1aa899cec34c5428d953ba992
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.5-1ubuntu2.2.dsc
Size/MD5: 1115 74def18e831b00a23b5ee06f36634e55
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.5.orig.tar.gz
Size/MD5: 1775898 94b7d29cf44f63f89d538361afa05c40
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.5-1ubuntu2.2_amd64.deb
Size/MD5: 1822104 aebc0d840798e22dd1794b12f65fb65f
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.5-1ubuntu2.2_amd64.deb
Size/MD5: 656608 d3ad8a6801d0be7060a2f57787cd93db
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.5-1ubuntu2.2_amd64.deb
Size/MD5: 620032 ed96dadf810230c3f19fb1c07963b551
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.5-1ubuntu2.2_i386.deb
Size/MD5: 1680262 d4014ff94fd68f928c8b91a2bfbf8143
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.5-1ubuntu2.2_i386.deb
Size/MD5: 623590 2b42a167edcc0614b6f2b657319bda7d
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.5-1ubuntu2.2_i386.deb
Size/MD5: 590130 2bab04499b1cbf80042248ba3250c585
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.5-1ubuntu2.2_powerpc.deb
Size/MD5: 1840504 d989541e39e1ddad883537907502b0f4
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.5-1ubuntu2.2_powerpc.deb
Size/MD5: 659636 cb7c4ca376b74c8e36ae80b14277c25d
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.5-1ubuntu2.2_powerpc.deb
Size/MD5: 624332 022c275417a9ac846b5ed09eea225e84
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.0.5-1ubuntu2.2_sparc.deb
Size/MD5: 1674688 798e926a5b6180a64fced9c592b38762
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0.5-1ubuntu2.2_sparc.deb
Size/MD5: 620580 9fb4843e505d09dcc0374b6bbc4dbb3b
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0.5-1ubuntu2.2_sparc.deb
Size/MD5: 587500 08bd76dc21c61c368b092d9c6d674e0a
ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-593-1
OTHER REFERENCES:
SA29295:
http://secunia.com/advisories/29295/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed