USN-4361-1

Source
https://ubuntu.com/security/notices/USN-4361-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4361-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4361-1
Upstream
Related
Published
2020-05-18T12:02:07.445231Z
Modified
2025-07-16T08:32:50.473357Z
Summary
dovecot vulnerabilities
Details

Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-10957, CVE-2020-10967)

Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2020-10958)

References

Affected packages

Ubuntu:20.04:LTS / dovecot

Package

Name
dovecot
Purl
pkg:deb/ubuntu/dovecot@1:2.3.7.2-1ubuntu3.1?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.3.7.2-1ubuntu3.1

Affected versions

1:2.*

1:2.3.4.1-5ubuntu3
1:2.3.7.2-1ubuntu1
1:2.3.7.2-1ubuntu2
1:2.3.7.2-1ubuntu3

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "dovecot-auth-lua",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-auth-lua-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-core",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-core-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-dev",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-gssapi",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-gssapi-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-imapd",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-imapd-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-ldap",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-ldap-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-lmtpd",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-lmtpd-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-lucene",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-lucene-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-managesieved",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-managesieved-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-mysql",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-mysql-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-pgsql",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-pgsql-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-pop3d",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-pop3d-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-sieve",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-sieve-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-solr",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-solr-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-sqlite",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-sqlite-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-submissiond",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "dovecot-submissiond-dbgsym",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        },
        {
            "binary_name": "mail-stack-delivery",
            "binary_version": "1:2.3.7.2-1ubuntu3.1"
        }
    ]
}