Your message dated Wed, 21 Aug 2024 20:32:16 +0000
with message-id <e1sgs08-00dtoq...@fasolo.debian.org>
and subject line Bug#1078877: fixed in dovecot 1:2.3.19.1+dfsg1-2.1+deb12u1
has caused the Debian Bug report #1078877,
regarding dovecot: CVE-2024-23185
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1078877: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078877
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: dovecot
Version: 1:2.3.21+dfsg1-3
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,
The following vulnerability was published for dovecot.
CVE-2024-23185[0].
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2024-23185
https://www.cve.org/CVERecord?id=CVE-2024-23185
[1] https://www.openwall.com/lists/oss-security/2024/08/15/4
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: dovecot
Source-Version: 1:2.3.19.1+dfsg1-2.1+deb12u1
Done: Noah Meyerhans <no...@debian.org>
We believe that the bug you reported is fixed in the latest version of
dovecot, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1078...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Noah Meyerhans <no...@debian.org> (supplier of updated dovecot package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 18 Aug 2024 10:25:33 -0400
Source: dovecot
Architecture: source
Version: 1:2.3.19.1+dfsg1-2.1+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: Dovecot Maintainers <dove...@packages.debian.org>
Changed-By: Noah Meyerhans <no...@debian.org>
Closes: 1078876 1078877
Changes:
dovecot (1:2.3.19.1+dfsg1-2.1+deb12u1) bookworm-security; urgency=medium
.
* Security team upload:
* [4fb8905] Import upstream fix for CVE-2024-23184 (Closes: #1078876)
* [f428c53] Import upstream fix for CVE-2024-23185 (Closes: #1078877)
Checksums-Sha1:
bdf25d6a7d77337aa446bd1dc93776c16bc7e2ac 4223
dovecot_2.3.19.1+dfsg1-2.1+deb12u1.dsc
cdf68b407f1237e92987c6353c9596f3458e2126 1636590
dovecot_2.3.19.1+dfsg1.orig-pigeonhole.tar.gz
a35f87db78847ba469d9b0e3b72f15f8c5d1d9b0 7790851
dovecot_2.3.19.1+dfsg1.orig.tar.gz
c2e168348f943a4c5ec13331a4bfb3b5457fda41 866
dovecot_2.3.19.1+dfsg1.orig.tar.gz.asc
113114bd6b01f63fa45d6d74d6d9532cab603f29 76208
dovecot_2.3.19.1+dfsg1-2.1+deb12u1.debian.tar.xz
88b156c01c5b3bbed5f84c863540b02b62ad16ec 8012
dovecot_2.3.19.1+dfsg1-2.1+deb12u1_source.buildinfo
Checksums-Sha256:
db2c378b84c644dfbe87a51bb00ccac964e10ed69554d4499fbafb298857b334 4223
dovecot_2.3.19.1+dfsg1-2.1+deb12u1.dsc
9bc08c0eeefd75452033e022936968ff0ddad037672effdffc4a7c8dd360b8e0 1636590
dovecot_2.3.19.1+dfsg1.orig-pigeonhole.tar.gz
db5abcd87d7309659ea6b45b2cb6ee9c5f97486b2b719a5dd05a759e1f6a5c51 7790851
dovecot_2.3.19.1+dfsg1.orig.tar.gz
437439db39e276998997d01dafa68873202c803ecec771bc0172d95fce336a02 866
dovecot_2.3.19.1+dfsg1.orig.tar.gz.asc
4d9f4966bb6a354db337bf3cdd0fffce0a0d7420023bd8873a25ee9badd43df7 76208
dovecot_2.3.19.1+dfsg1-2.1+deb12u1.debian.tar.xz
2548ca30432d364bb08ba3d8da6a5f6057d7c61ca668b713fd5f16e7c06f16f2 8012
dovecot_2.3.19.1+dfsg1-2.1+deb12u1_source.buildinfo
Files:
cdf115961866b866c91d4a870138c2c4 4223 mail optional
dovecot_2.3.19.1+dfsg1-2.1+deb12u1.dsc
f8c84c45b05352d55c3dbd509389cc25 1636590 mail optional
dovecot_2.3.19.1+dfsg1.orig-pigeonhole.tar.gz
c334e8ef30546af8a668437f046f3f15 7790851 mail optional
dovecot_2.3.19.1+dfsg1.orig.tar.gz
83b7fdd80647f86650a6a62180304431 866 mail optional
dovecot_2.3.19.1+dfsg1.orig.tar.gz.asc
f24b21b724b20f371f6152a146e6284b 76208 mail optional
dovecot_2.3.19.1+dfsg1-2.1+deb12u1.debian.tar.xz
971878197c2a3f4a2db642840992b9cf 8012 mail optional
dovecot_2.3.19.1+dfsg1-2.1+deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEE5G+E0xEKhJuZ7RJ34+c1IpshdTUFAmbEhzERHG5vYWhtQGRl
Ymlhbi5vcmcACgkQ4+c1IpshdTUKzhAAtm0uK3GVAr6uRp0/ZPCCGH/P78kYY9yX
5TWG5TkXrAz19UiQlVQjeyUfG24c1BD57NEs3abR/cZdErERCbFi+gAC8AHlQPeD
4LcVgW5S5nUtAzUqpI1qbGSG88F5gMSOZPMXHyfXxgG/Cc7GJhRoZgBRp8C/Bz2R
PHRLhDLWoLxZND7v5Fc6P0WHFkiThsf+ZaVvGZ460CMD3oIF/QWwKGJZXteIkpcc
T211zGbnkmL3HSZGYxN+cWcGwKmTyNP6sibtXfRhuJFeEoe586vQ9cZSkHgg7+r5
7dUX4cVmXEm4/8y29ME43TqJ8dEZtJUU03dsArrAt8KR+HdIYiC1MVOknwbfdm05
tf60c9xVoA05Ba9cQ2krZxf+gaOSFL5fE8qL+H6maRpc7MX2TpPPtAefE43Izu7C
DIMXclwQ7vMiTioTacHcrPTxrqtaGiqCiddHYmhsxp8cr42iAcV3ByZxgu4Tx1sY
TPw65umccB6+g6tMH+bXXnW4C+uFC1OfzhJoL+TJNsoTQA7cp6TGBy38F89zl2l4
C1lbc/fpdT6ZVaZaaAo4ELsnanTAUJIkwbV6+m4gbYqXrtTbda0iSgx6raKy3jUn
b7KDK14RO+NwV87DOb+3rMypcZaodufgl14mPZBW6YdY4ZC1cMkQ0PieUs+wIGMv
8hWQCRPE94M=
=3Mhj
-----END PGP SIGNATURE-----
pgp044vCD1SRJ.pgp
Description: PGP signature
--- End Message ---
