FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-31 16:42:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
f3fc2b50-d36a-11eb-a32c-00a0989e4ec1	dovecot-pigeonhole -- Sieve excessive resource usage Dovecot team reports reports: Sieve interpreter is not protected against abusive scripts that claim excessive resource usage. Fixed by limiting the user CPU time per single script execution and cumulatively over several script runs within a configurable timeout period. Sufficiently large CPU time usage is summed in the Sieve script binary and execution is blocked when the sum exceeds the limit within that time. The block is lifted when the script is updated after the resource usage times out. Discovery 2020-09-23 Entry 2021-06-22 dovecot-pigeonhole < 0.5.15 CVE-2020-28200 https://dovecot.org/pipermail/dovecot-news/2021-June/000460.html

VuXML ID

Description

f3fc2b50-d36a-11eb-a32c-00a0989e4ec1

dovecot-pigeonhole -- Sieve excessive resource usage

Dovecot team reports reports:

Sieve interpreter is not protected against abusive scripts that claim excessive resource usage. Fixed by limiting the user CPU time per single script execution and cumulatively over several script runs within a configurable timeout period. Sufficiently large CPU time usage is summed in the Sieve script binary and execution is blocked when the sum exceeds the limit within that time. The block is lifted when the script is updated after the resource usage times out.

Discovery 2020-09-23
Entry 2021-06-22
dovecot-pigeonhole

< 0.5.15

CVE-2020-28200
https://dovecot.org/pipermail/dovecot-news/2021-June/000460.html