========================================================================== Ubuntu Security Notice USN-6876-1 July 04, 2024
kopanocore vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Kopano Core. Software Description: - kopanocore: Complete and feature rich groupware solution Details: It was discovered that Kopano Core allowed out-of-bounds access. An attacker could use this issue to expose private information. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-19907) It was discovered that Kopano Core allowed possible authentication with expired passwords. An attacker could use this issue to bypass authentication. (CVE-2022-26562) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS kopano-archiver 8.7.0-7.1ubuntu10.1 kopano-contacts 8.7.0-7.1ubuntu10.1 kopano-dagent 8.7.0-7.1ubuntu10.1 kopano-gateway 8.7.0-7.1ubuntu10.1 kopano-ical 8.7.0-7.1ubuntu10.1 kopano-libs 8.7.0-7.1ubuntu10.1 kopano-monitor 8.7.0-7.1ubuntu10.1 kopano-server 8.7.0-7.1ubuntu10.1 kopano-spooler 8.7.0-7.1ubuntu10.1 kopano-utils 8.7.0-7.1ubuntu10.1 php-mapi 8.7.0-7.1ubuntu10.1 python3-mapi 8.7.0-7.1ubuntu10.1 Ubuntu 20.04 LTS kopano-archiver 8.7.0-7ubuntu1.1 kopano-contacts 8.7.0-7ubuntu1.1 kopano-dagent 8.7.0-7ubuntu1.1 kopano-gateway 8.7.0-7ubuntu1.1 kopano-ical 8.7.0-7ubuntu1.1 kopano-libs 8.7.0-7ubuntu1.1 kopano-monitor 8.7.0-7ubuntu1.1 kopano-server 8.7.0-7ubuntu1.1 kopano-spooler 8.7.0-7ubuntu1.1 kopano-utils 8.7.0-7ubuntu1.1 php-mapi 8.7.0-7ubuntu1.1 python3-mapi 8.7.0-7ubuntu1.1 Ubuntu 18.04 LTS kopano-archiver 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-contacts 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-dagent 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-gateway 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-ical 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-libs 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-monitor 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-server 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-spooler 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-utils 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro php-mapi 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro python-mapi 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References:https://ubuntu.com/security/notices/USN-6876-1 <https://ubuntu.com/security/notices/USN-6876-1>
CVE-2019-19907, CVE-2022-26562 Package Information:https://launchpad.net/ubuntu/+source/kopanocore/8.7.0-7.1ubuntu10.1 <https://launchpad.net/ubuntu/+source/kopanocore/8.7.0-7.1ubuntu10.1> https://launchpad.net/ubuntu/+source/kopanocore/8.7.0-7ubuntu1.1 <https://launchpad.net/ubuntu/+source/kopanocore/8.7.0-7ubuntu1.1>
OpenPGP_signature.asc
Description: OpenPGP digital signature
