FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a8c8001b-216c-11e7-80aa-005056925db4	dovecot -- Dovecot DoS when passdb dict was used for authentication Timo Sirainen reports: passdb/userdb dict: Don't double-expand %variables in keys. If dict was used as the authentication passdb, using specially crafted %variables in the username could be used to cause DoS. Discovery 2016-12-01 Entry 2017-04-30 dovecot dovecot2 > 2.2.25_6 lt 2.2.29 CVE-2017-2669 https://dovecot.org/list/dovecot-news/2017-April/000341.html https://dovecot.org/list/dovecot-news/2017-April/000342.html

VuXML ID

Description

a8c8001b-216c-11e7-80aa-005056925db4

dovecot -- Dovecot DoS when passdb dict was used for authentication

Timo Sirainen reports:

passdb/userdb dict: Don't double-expand %variables in keys. If dict was used as the authentication passdb, using specially crafted %variables in the username could be used to cause DoS.

Discovery 2016-12-01
Entry 2017-04-30
dovecot
dovecot2

> 2.2.25_6 lt 2.2.29

CVE-2017-2669
https://dovecot.org/list/dovecot-news/2017-April/000341.html
https://dovecot.org/list/dovecot-news/2017-April/000342.html