Package "dovecot-core"
| Name: |
dovecot-core
|
Description: |
secure POP3/IMAP server - core files
|
| Latest version: |
1:2.4.1+dfsg1-5ubuntu4.1 |
| Release: |
questing (25.10) |
| Level: |
security |
| Repository: |
main |
| Head package: |
dovecot |
| Homepage: |
https://dovecot.org/ |
Links
Download "dovecot-core"
Other versions of "dovecot-core" in Questing
Changelog
|
dovecot (1:2.4.1+dfsg1-5ubuntu4.1) questing-security; urgency=medium
* SECURITY UPDATE: Improper input validation
- debian/patches/CVE-2025-59028.patch: [PATCH 01/24] auth: Don't
disconnect auth client when invalid base64 SASL input is received
- CVE-2025-59028
* SECURITY UPDATE: Exposure of Sensitive Information to an Unauthorized
Actor
- debian/patches/CVE-2025-59031.patch: [PATCH 02/24] fts: Remove
decode2text.sh
- debian/rules: Remove decode2text.sh from it.
- debian/dovecot-core.examples: Remove decode2text.sh from it.
- CVE-2025-59031
* SECURITY UPDATE: Improper Input Validation
- debian/patches/CVE-2025-59032.patch: managesieve-login: Fix crash
when command didn't finish on the first call
- CVE-2025-59032
* SECURITY UPDATE: SQL/LDAP Injection
- debian/patches/CVE-2026-24031-27860-1.patch: [PATCH 04/24] auth:
Make struct settings_get_params params const
- debian/patches/CVE-2026-24031-27860-2.patch: [PATCH 05/24] auth:
passdb/userdb ldap - Fix escaping ldap filter, base and bind_userdn
- debian/patches/CVE-2026-24031-27860-3.patch: [PATCH 06/24] lib-
settings: settings_get_params() - Fix using provided escape_func
- debian/patches/CVE-2026-24031-27860-4.patch: [PATCH 07/24] auth:
test-auth - Run Lua unit tests even when building Lua as plugin
- debian/patches/CVE-2026-24031-27860-5.patch: [PATCH 08/24] auth:
Rewrite ldap_escape() with a unit test
- debian/patches/CVE-2026-24031-27860-6.patch: [PATCH 09/24] auth:
passdb sql - Fix escaping for set_credentials()
- debian/patches/CVE-2026-24031-27860-7.patch: [PATCH 10/24] auth:
userdb sql - Fix escaping for user iteration
- debian/patches/CVE-2026-24031-27860-8.patch: [PATCH 11/24] lib-
var-expand: Add "safe" filter to prevent escaping output
- CVE-2026-24031
- CVE-2026-27860
* SECURITY UPDATE: Authentication Bypass
- debian/patches/CVE-2026-27855-1.patch: [PATCH 21/24] auth: cache -
Use translated username in auth_cache_remove()
- debian/patches/CVE-2026-27855-2.patch: [PATCH 22/24] auth: Move
passdb event lifecycle handling to
auth_request_passdb_event_(begin|end)
- debian/patches/CVE-2026-27855-3.patch: [PATCH 23/24] auth:
Initialize set_credentials event properly
- debian/patches/CVE-2026-27855-4.patch: [PATCH 24/24] auth: passdb-
sql - Require update_query to be set when used
- CVE-2026-27855
* SECURITY UPDATE: Improper Authentication
- debian/patches/CVE-2026-27856-1.patch: [PATCH 16/24] doveadm:
client-connection - Use timing safe credential check
- debian/patches/CVE-2026-27856-2.patch: [PATCH 17/24] doveadm: Use
datastack for temporary b64 value
- debian/patches/CVE-2026-27856-3.patch: [PATCH 18/24] doveadm:
client-connection - Get API key from per-connection settings
- CVE-2026-27856
* SECURITY UPDATE: Uncontrolled Resource Consumption
- debian/patches/CVE-2026-27857-1.patch: [PATCH 1/2] plugins: imap-
filter-sieve: imap-filter-sieve - Adjust to imap_parser_create() API
change
- debian/patches/CVE-2026-27857-2.patch: [PATCH 12/24] lib-imap,
global: Add params parameter to imap_parser_create()
- debian/patches/CVE-2026-27857-3.patch: [PATCH 13/24] lib-imap: Add
imap_parser_params.list_count_limit
- debian/patches/CVE-2026-27857-4.patch: [PATCH 14/24] imap-login:
Limit the number of open IMAP parser lists
- debian/patches/CVE-2026-27857-5.patch: [PATCH 15/24] global: Use
const for struct imap_parser_params params
- CVE-2026-27857
* SECURITY UPDATE: Uncontrolled Resource Consumption
- debian/patches/CVE-2026-27858.patch: [PATCH 2/2] managesieve-
login: Verify AUTHENTICATE initial response size isn't too large
- CVE-2026-27858
* SECURITY UPDATE: Uncontrolled Resource Consumption
- debian/patches/CVE-2026-27859.patch: [PATCH 03/24] lib-mail: Limit
the number of RFC2231 parameters that can be parsed
- CVE-2026-27859
-- Eduardo Barretto <email address hidden> Wed, 25 Mar 2026 16:20:52 +0100
|
| CVE-2025-59028 |
When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invali |
| CVE-2025-59031 |
Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use speciall |
| CVE-2025-59032 |
ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, makin |
| CVE-2026-24031 |
Dovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin. This vulnerability allows bypassing authentication for |
| CVE-2026-27860 |
If auth_username_chars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing |
| CVE-2026-27855 |
Dovecot OTP authentication is vulnerable to replay attack under specific conditions. If auth cache is enabled, and username is altered in passdb, the |
| CVE-2026-27856 |
Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the conf |
| CVE-2026-27857 |
Sending "NOOP (((...)))" command with 4000 parenthesis open+close results in ~1MB extra memory usage. Longer commands will result in client disconnec |
| CVE-2026-27858 |
Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory.
Attacker can for |
| CVE-2026-27859 |
A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail |
|
About
-
Send Feedback to @ubuntu_updates
