Ubuntu Secutity Notices

Subscribe to Ubuntu Secutity Notices hírcsatorna
Recent content on Ubuntu security notices
Frissítve: 1 óra 10 perc
2021. január 4.

USN-4674-2: Dovecot vulnerability

USN-4674-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. (CVE-2020-25275)
2021. január 4.

USN-4674-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-24386) Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. (CVE-2020-25275)
2021. január 4.

USN-4668-3: python-apt regression

USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service.
2021. január 4.

USN-4673-1: libproxy vulnerability

Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.