Ubuntu Security Notice 3258-2 - USN-3258-1 intended to fix a vulnerability in Dovecot. Further investigation revealed that only Dovecot versions 2.2.26 and newer were affected by the vulnerability. Additionally, the change introduced a regression when Dovecot was configured to use the "dict" authentication database. This update reverts the change. It was discovered that Dovecot incorrectly handled some usernames. An attacker could possibly use this issue to cause Dovecot to hang or crash, resulting in a denial of service. Various other issues were also addressed.
aeb7eb5a4c7e0c1d570d72040645a8653b06cc2f415273328b2ef5fddc33d78f
Ubuntu Security Notice 3258-1 - It was discovered that Dovecot incorrectly handled some usernames. An attacker could possibly use this issue to cause Dovecot to hang or crash, resulting in a denial of service.
5101ff0e70771f14628412493ecbd468dc95e9c6bd6f142a841f86cabb362f8b