Accepted dovecot 1:2.3.4.1-5+deb10u3 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted dovecot 1:2.3.4.1-5+deb10u3 (source) into proposed-updates->stable-new, proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 12 Aug 2020 21:32:08 +0000
Message-id: <[🔎] E1k5yLw-0005NQ-4K@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 10 Aug 2020 18:03:03 -0700
Source: dovecot
Architecture: source
Version: 1:2.3.4.1-5+deb10u3
Distribution: buster-security
Urgency: high
Maintainer: Dovecot Maintainers <dovecot@packages.debian.org>
Changed-By: Noah Meyerhans <noahm@debian.org>
Changes:
 dovecot (1:2.3.4.1-5+deb10u3) buster-security; urgency=high
 .
   * Fix CVE-2020-12100 - Receiving mail with deeply nested MIME parts leads to
     resource exhaustion as Dovecot attempts to parse it.
   * CVE-2020-12673 - Dovecot's NTLM implementation does not correctly check
     message buffer size, which leads to reading past allocation which can lead
     to crash.
   * CVE-2020-12674 - Dovecot's RPA mechanism implementation accepts zero-length
     message, which leads to assert-crash later on.
Checksums-Sha1:
 877be2f51dd60b15ad9a69a5643bb901bd77b60d 3400 dovecot_2.3.4.1-5+deb10u3.dsc
 c34c6b7768cd8b125d0a27ff76c1bf93c99581ba 556664 dovecot_2.3.4.1-5+deb10u3.debian.tar.xz
 d867ad582123b45ba52ffbc1e8de6de990b0dbdc 8346 dovecot_2.3.4.1-5+deb10u3_source.buildinfo
Checksums-Sha256:
 879aaddaad67cdaea0a3f9dc053550f2ca81d7543be9324ecd308cd2c1ee7bb2 3400 dovecot_2.3.4.1-5+deb10u3.dsc
 5a88f749890f0b5bbde9203481e99a04ec3dcf657f14807ab3e4aff58ee37e44 556664 dovecot_2.3.4.1-5+deb10u3.debian.tar.xz
 538ea9a0a26e8a3378f4a1844d4349456c49b87ccc0e4d44a9616f679fd214fb 8346 dovecot_2.3.4.1-5+deb10u3_source.buildinfo
Files:
 a21f9071f379385c49f4e43331850e8e 3400 mail optional dovecot_2.3.4.1-5+deb10u3.dsc
 2ab1deed77e140b5f1af723eb97de9ee 556664 mail optional dovecot_2.3.4.1-5+deb10u3.debian.tar.xz
 b4586aae84a3e335619124db1ff2e452 8346 mail optional dovecot_2.3.4.1-5+deb10u3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEE65xaF5r2LDCTz+zyV68+Bn2yWDMFAl8y+jARHG5vYWhtQGRl
Ymlhbi5vcmcACgkQV68+Bn2yWDO0og/+Mqu6DFpAozXGCycwcqghkIzNmBe9SKWL
PV5yzd0k+m/fkrPUQpnk6NiO5cDIK7BSUA4CoZI88AS3TGgVV2/XO5pVoglCT5mf
uL8lxVqDvIHsp7IbhwLp4afcaRgSJm8NiusfkzP+WOMvmMFOAUKx06epX9Hi0ZYQ
KeZW6Mu4HNrt6gHc/WNrugfkjyxvwNuaW7VWV6fSNGbR0+0m4vW79Ljs98m8En/N
uj36WV1Pk2q0AHBTtQQIojDtgbLdqF/i6/vfKWMTxMUKJLRR2bNPQWrczjRQuNcZ
eV8uNjeIYFTKn9iRduVj9R0SKTuFEOZ5M56LkmgbpIvwWR8c25/zWWgy5JlZE6jR
w2FBhOGTQlhH5+haS8YZWgWCY/wA83ETABc9RIG0xDuHXOYrU403cOMh2DU/a+wP
sqRGCbNrjjNVm9X5r0QzNi9ppCmVeMckqlK/gcS8X9/1h29EVk6VBYps77S0MJpY
kpOGghlTlBmVmuBjgEpq/4r8B2NTg/onZkIUZ8BCwA0m9biGXOAx9hXmyNDdghGD
5DUQIncXQVfsrJvsHniWXBRQHaafPnK0VLLF8cc5fnXVikbLwvt51z4GY307lAu+
43fJVzee1d1uiWjcsXPyKLC91QrtoMRkR9IW+3UQ9foykIZ+7XRLotRwBVge5veO
umgHTY4BCzM=
=IfQx
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted webkit2gtk 2.28.4-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates
Next by Date: Accepted firejail 0.9.58.2-2+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
Previous by thread: Accepted webkit2gtk 2.28.4-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates
Next by thread: Accepted firejail 0.9.58.2-2+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
Index(es):
- Date
- Thread