USN-4110-1 fixed a vulnerability in Dovecot. The update introduced a regression causing a wrong check. This update fixes the problem for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
We apologize for the inconvenience.
Original advisory details:
Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-pgsql" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-mysql" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-core" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-sieve" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-ldap" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-sqlite" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-dev" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-pop3d" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-imapd" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-managesieved" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "mail-stack-delivery" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-gssapi" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-solr" }, { "binary_version": "1:2.2.9-1ubuntu2.6+esm2", "binary_name": "dovecot-lmtpd" } ] }