This bug was fixed in the package dovecot - 1:2.3.16+dfsg1-3ubuntu2.7

---------------
dovecot (1:2.3.16+dfsg1-3ubuntu2.7) jammy-security; urgency=medium

  * SECURITY UPDATE: Exposure of Sensitive Information to an Unauthorized
    Actor
    - debian/patches/CVE-2025-59031.patch: [PATCH 02/24] fts: Remove
    decode2text.sh
    - debian/rules: Remove decode2text.sh from it.
    - debian/dovecot-core.examples: Remove decode2text.sh from it.
    - CVE-2025-59031
  * SECURITY UPDATE: Improper Input Validation
    - debian/patches/CVE-2025-59032.patch: managesieve-login: Fix crash
    when command didn't finish on the first call
    - CVE-2025-59032
  * SECURITY UPDATE: Path Traversal
    - debian/patches/CVE-2026-0394-1.patch: [PATCH] auth: db-passwd-file -
    Add db_passwd_fix_path()
    - debian/patches/CVE-2026-0394-2.patch: auth: db-passwd-file -
    Normalize path with db_passwd_fix_path()
    - CVE-2026-0394
  * SECURITY UPDATE: Authentication Bypass
    - debian/patches/CVE-2026-27855-1.patch: [PATCH 21/24] auth: cache -
    Use translated username in auth_cache_remove()
    - debian/patches/CVE-2026-27855-2.patch: [PATCH 22/24] auth: Move
    passdb event lifecycle handling to
    auth_request_passdb_event_(begin|end)
    - debian/patches/CVE-2026-27855-3.patch: [PATCH 23/24] auth:
    Initialize set_credentials event properly
    - debian/patches/CVE-2026-27855-4.patch: [PATCH 24/24] auth:
    passdb-sql - Require update_query to be set when used
    - CVE-2026-27855
  * SECURITY UPDATE: Improper Authentication
    - debian/patches/CVE-2026-27856-1.patch: [PATCH 16/24] doveadm:
    client-connection - Use timing safe credential check
    - debian/patches/CVE-2026-27856-2.patch: [PATCH 17/24] doveadm: Use
    datastack for temporary b64 value
    - debian/patches/CVE-2026-27856-3.patch: [PATCH 18/24] doveadm:
    client-connection - Get API key from per-connection settings
    - CVE-2026-27856
  * SECURITY UPDATE: Uncontrolled Resource Consumption
    - debian/patches/CVE-2026-27857-1.patch: [PATCH 1/2] plugins:
    imap-filter-sieve: imap-filter-sieve - Adjust to imap_parser_create()
    API change
    - debian/patches/CVE-2026-27857-2.patch: [PATCH 12/24] lib-imap,
    global: Add params parameter to imap_parser_create()
    - debian/patches/CVE-2026-27857-3.patch: [PATCH 13/24] lib-imap: Add
    imap_parser_params.list_count_limit
    - debian/patches/CVE-2026-27857-4.patch: [PATCH 14/24] imap-login:
    Limit the number of open IMAP parser lists
    - debian/patches/CVE-2026-27857-5.patch: [PATCH 15/24] global: Use
    const for struct imap_parser_params params
    - CVE-2026-27857
  * SECURITY UPDATE: Uncontrolled Resource Consumption
    - debian/patches/CVE-2026-27858.patch: [PATCH 2/2]
    managesieve-login: Verify AUTHENTICATE initial response size isn't
    too large
    - CVE-2026-27858
  * SECURITY UPDATE: Uncontrolled Resource Consumption
    - debian/patches/CVE-2026-27859.patch: [PATCH 03/24] lib-mail: Limit
    the number of RFC2231 parameters that can be parsed
    - CVE-2026-27859

 -- Eduardo Barretto <[email protected]>  Fri, 27 Mar 2026 10:08:32 +0100

** Changed in: dovecot (Ubuntu Jammy)
       Status: Incomplete => Fix Released

** CVE added: https://cve.org/CVERecord?id=CVE-2025-59031

** CVE added: https://cve.org/CVERecord?id=CVE-2025-59032

** CVE added: https://cve.org/CVERecord?id=CVE-2026-0394

** CVE added: https://cve.org/CVERecord?id=CVE-2026-27855

** CVE added: https://cve.org/CVERecord?id=CVE-2026-27856

** CVE added: https://cve.org/CVERecord?id=CVE-2026-27857

** CVE added: https://cve.org/CVERecord?id=CVE-2026-27858

** CVE added: https://cve.org/CVERecord?id=CVE-2026-27859

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1992848

Title:
  lmtp crashes with: Panic: file mail-user.c: line 229
  (mail_user_deinit): assertion failed: ((*user)->refcount == 1)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/1992848/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
