Upstream has issued an advisory on May 18:
https://www.openwall.com/lists/oss-security/2020/05/18/1

The issues are fixed upstream in 2.3.10.1.

Advisory
========

Dovecot has been updated to fix several security issues.

CVE-2020-10957: Sending malformed NOOP command causes crash in submission, submission-login or lmtp service.

CVE-2020-10958: Sending command followed by sufficient number of newlines triggers a use-after-free bug that might crash submission-login, submission or lmtp service.

CVE-2020-10967: Sending mail with empty quoted localpart causes submission or lmtp component to crash.

References
==========
https://www.openwall.com/lists/oss-security/2020/05/18/1
https://nvd.nist.gov/vuln/detail/CVE-2020-10957
https://nvd.nist.gov/vuln/detail/CVE-2020-10958
https://nvd.nist.gov/vuln/detail/CVE-2020-10967

Files
=====

Uploaded to core/updates_testing

dovecot-pigeonhole-2.3.10.1-1.mga7
dovecot-devel-2.3.10.1-1.mga7
dovecot-pigeonhole-devel-2.3.10.1-1.mga7
dovecot-plugins-ldap-2.3.10.1-1.mga7
dovecot-plugins-pgsql-2.3.10.1-1.mga7
dovecot-plugins-mysql-2.3.10.1-1.mga7
dovecot-plugins-sqlite-2.3.10.1-1.mga7
dovecot-plugins-gssapi-2.3.10.1-1.mga7
dovecot-2.3.10.1.mga7

from dovecot-2.3.10.1-1.mga7.src.rpm
Assignee: smelror => qa-bugs
Installed and tested without issues.

Tested with various accounts with several GiB of emails.
Tested with kmail, roundcubemail and k9 clients.

System: Mageia 7, x86_64, Plasma DE, LXQt DE, Intel CPU, nVidia GPU using nvidia340 proprietary driver.

$ uname -a
Linux marte 5.6.8-desktop-1.mga7 #1 SMP Thu Apr 30 06:12:53 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ rpm -qa | grep dovecot
dovecot-2.3.10.1-1.mga7
dovecot-pigeonhole-2.3.10.1-1.mga7
$ systemctl status dovecot.service dovecot.socket dovecot.service dovecot.socket
$ systemctl status dovecot.service dovecot.socket
● dovecot.service - Dovecot IMAP/POP3 email server
   Loaded: loaded (/usr/lib/systemd/system/dovecot.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-05-19 21:02:02 WEST; 16min ago
     Docs: man:dovecot(1)
           http://wiki2.dovecot.org/
 Main PID: 15041 (dovecot)
    Tasks: 5 (limit: 4697)
   Memory: 12.5M
   CGroup: /system.slice/dovecot.service
           ├─15041 /usr/sbin/dovecot -F
           ├─15044 dovecot/anvil
           ├─15045 dovecot/log
           ├─15047 dovecot/config
           └─15049 dovecot/stats

mai 19 21:17:44 marte dovecot[15045]: imap-login: Login: user=<pclx>, method=PLAIN, rip=fd00:0:1:1::1, lip=fd00:0:1:1::1, mpid=15982, secured, session=<nXbh+AWmOKH9AAAAAAEAAQAAAAAAAAAB>
mai 19 21:17:44 marte dovecot[15045]: imap(pclx)<15982><nXbh+AWmOKH9AAAAAAEAAQAAAAAAAAAB>: Logged out in=44 out=1407 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
mai 19 21:17:44 marte dovecot[15045]: imap-login: Login: user=<pclx>, method=PLAIN, rip=fd00:0:1:1::1, lip=fd00:0:1:1::1, mpid=15988, secured, session=<0Qbq+AWmOqH9AAAAAAEAAQAAAAAAAAAB>
mai 19 21:17:44 marte dovecot[15045]: imap-login: Login: user=<pclx>, method=PLAIN, rip=fd00:0:1:1::1, lip=fd00:0:1:1::1, mpid=15990, secured, session=<z0Pq+AWmPKH9AAAAAAEAAQAAAAAAAAAB>
mai 19 21:17:44 marte dovecot[15045]: imap(pclx)<15988><0Qbq+AWmOqH9AAAAAAEAAQAAAAAAAAAB>: Logged out in=1073 out=3389 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
mai 19 21:17:44 marte dovecot[15045]: imap(pclx)<15990><z0Pq+AWmPKH9AAAAAAEAAQAAAAAAAAAB>: Logged out in=303 out=2829 deleted=0 expunged=0 trashed=0 hdr_count=3 hdr_bytes=992 body_count=0 body_bytes=0
mai 19 21:17:46 marte dovecot[15045]: imap-login: Login: user=<pclx>, method=PLAIN, rip=fd00:0:1:1::1, lip=fd00:0:1:1::1, mpid=15999, secured, session=<GiIL+QWmQKH9AAAAAAEAAQAAAAAAAAAB>
mai 19 21:17:46 marte dovecot[15045]: imap(pclx)<15999><GiIL+QWmQKH9AAAAAAEAAQAAAAAAAAAB>: Logged out in=323 out=23224 deleted=0 expunged=0 trashed=0 hdr_count=38 hdr_bytes=13386 body_count=0 body_bytes=0
mai 19 21:18:31 marte dovecot[15045]: imap(pclx)<15166><mzhBzQWmRJ/9AAAAAAEAAQAAAAAAAAAB>: Logged out in=151674 out=221896 deleted=0 expunged=2 trashed=0 hdr_count=2 hdr_bytes=5121 body_count=25 body_bytes=20>
mai 19 21:18:31 marte dovecot[15045]: imap(pclx)<15052><OIzJwAWmOp/9AAAAAAEAAQAAAAAAAAAB>: Logged out in=161 out=19294 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0

● dovecot.socket - Dovecot IMAP/POP3 email server activation socket
   Loaded: loaded (/usr/local/lib/systemd/system/dovecot.socket; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-05-19 10:32:30 WEST; 10h ago
   Listen: 10.0.0.1:143 (Stream)
           10.0.0.1:993 (Stream)
           [fd00:0:1:1::1]:143 (Stream)
           [fd00:0:1:1::1]:993 (Stream)
    Tasks: 0 (limit: 4697)
   Memory: 196.0K
   CGroup: /system.slice/dovecot.socket

mai 19 10:32:30 marte systemd[1]: Listening on Dovecot IMAP/POP3 email server activation socket.
CC: (none) => mageia
Whiteboard: (none) => MGA7-64-OK
Validating. Advisory in Comment 1.
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update
Ubuntu has issued an advisory for this on May 18: https://usn.ubuntu.com/4361-1/
CC: (none) => tmb
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0222.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED