dovecot-2.0.9-22.AXS4.1
エラータID: AXSA:2019-4315:01
リリース日:
2019/09/25 Wednesday - 07:48
題名:
dovecot-2.0.9-22.AXS4.1
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
[Security Fix]
- Dovecot には、ヌル文字の扱いを誤っているため、プロトコルの処理がクォート
された文字列に対して失敗し、境界外への書き込みとリモートのコードの実行に
つながる脆弱性があります。(CVE-2019-11500)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2019-11500
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.
追加情報:
N/A
ダウンロード:
SRPMS
- dovecot-2.0.9-22.AXS4.1.src.rpm
MD5: 7336483add739e7ec8b4cec97d68f7cb
SHA-256: ff6a2cdfc9541d68747dc23a082ec95c429d114a3282d027b28e76b8c99ad1f0
Size: 4.27 MB
Asianux Server 4 for x86
- dovecot-2.0.9-22.AXS4.1.i686.rpm
MD5: 1f666e6aac7b7997ce9edf7db538370e
SHA-256: 2300dc536f0240c443854558120b0b5a819ce8966c6e67ce645182e62e8ad547
Size: 1.93 MB - dovecot-mysql-2.0.9-22.AXS4.1.i686.rpm
MD5: f89753a96216c8c08090d356983d50f4
SHA-256: 9f156b89688a8e94e475c85191da9f19a57d59f685473b5584686bfd6e112e70
Size: 39.97 kB - dovecot-pgsql-2.0.9-22.AXS4.1.i686.rpm
MD5: 66f1d793582e66211c79e63cd7a72558
SHA-256: de92b929254e9b04244c218314f45a05e6022a8c9c2aa95ad2259285a45c7196
Size: 42.38 kB - dovecot-pigeonhole-2.0.9-22.AXS4.1.i686.rpm
MD5: 6eaeda77d36329f75359f6cc8d8383f4
SHA-256: c99fc215e6e3b4d1ef88c1a289d630d9aa08af47596bd0c81f52a68f3c7ce9fc
Size: 100.03 kB
Asianux Server 4 for x86_64
- dovecot-2.0.9-22.AXS4.1.x86_64.rpm
MD5: b96ef0c3ce2c4007e20c1fe69c21f680
SHA-256: 08cbbfc7392b3b2109386ed6f8875a90c9877bb7082abe6d25c02de29697a335
Size: 1.91 MB - dovecot-mysql-2.0.9-22.AXS4.1.x86_64.rpm
MD5: a9833591f4d6664d1b664109b0cdf391
SHA-256: 2e630090b32a59986471cd5fe073e9f594e1213bf94ca0acb19b20360368d4e0
Size: 39.64 kB - dovecot-pgsql-2.0.9-22.AXS4.1.x86_64.rpm
MD5: c960a282b4e270ca773be1515ab9bcd6
SHA-256: cc3086109a0ad6aa6f2318c6c6d4891be7190683c1cb21b5e89e725c838e9d3b
Size: 42.04 kB - dovecot-pigeonhole-2.0.9-22.AXS4.1.x86_64.rpm
MD5: 4815d312d28ef6968ae2f0ef6dd674e7
SHA-256: 869149bbcd1e15a65edbbb0fa095b2edb3015408999d1a2f9e4589697d6654d1
Size: 99.55 kB - dovecot-2.0.9-22.AXS4.1.i686.rpm
MD5: 1f666e6aac7b7997ce9edf7db538370e
SHA-256: 2300dc536f0240c443854558120b0b5a819ce8966c6e67ce645182e62e8ad547
Size: 1.93 MB