Ubuntu Secutity Notices
USN-4674-2: Dovecot vulnerability
USN-4674-1 fixed a vulnerability in Dovecot. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME
parsing. A remote attacker could possibly use this issue to cause Dovecot
to crash, resulting in a denial of service. (CVE-2020-25275)
USN-4674-1: Dovecot vulnerabilities
It was discovered that Dovecot incorrectly handled certain imap hibernation
commands. A remote authenticated attacker could possibly use this issue to
access other users' email. This issue only affected Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-24386)
Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME
parsing. A remote attacker could possibly use this issue to cause Dovecot
to crash, resulting in a denial of service. (CVE-2020-25275)
USN-4668-3: python-apt regression
USN-4668-1 fixed vulnerabilities in python-apt. The update caused a
regression when using certain APIs with a file handle. This update fixes
the problem.
We apologize for the inconvenience.
Original advisory details:
Kevin Backhouse discovered that python-apt incorrectly handled resources. A
local attacker could possibly use this issue to cause python-apt to consume
resources, leading to a denial of service.
USN-4673-1: libproxy vulnerability
Li Fei discovered that libproxy incorrectly handled certain PAC files.
An attacker could possibly use this issue to cause a crash or execute arbitrary
code.