[USN-5509-1] Dovecot vulnerability


========================================================================== Ubuntu Security Notice USN-5509-1 July 11, 2022
dovecot vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 22.04 LTS – Ubuntu 21.10 – Ubuntu 20.04 LTS – Ubuntu 18.04 LTS
Summary:
Dovecot could allow unintended access to network services.
Software Description: – dovecot: IMAP and POP3 email server
Details:
Julian Brook discovered that Dovecot incorrectly handled multiple passdb configuration entries. In certain configurations, a remote attacker could possibly use this issue to escalate privileges.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04 LTS: dovecot-core 1:2.3.16+dfsg1-3ubuntu2.1
Ubuntu 21.10: dovecot-core 1:2.3.13+dfsg1-1ubuntu3.1
Ubuntu 20.04 LTS: dovecot-core 1:2.3.7.2-1ubuntu3.6
Ubuntu 18.04 LTS: dovecot-core 1:2.2.33.2-1ubuntu4.8
In general, a standard system update will make all the necessary changes.
References: ubuntu.com/security/notices/USN-5509-1 CVE-2022-30550
Package Information: launchpad.net/ubuntu/+source/dovecot/1:2.3.16+dfsg1-3ubuntu2.1 launchpad.net/ubuntu/+source/dovecot/1:2.3.13+dfsg1-1ubuntu3.1 launchpad.net/ubuntu/+source/dovecot/1:2.3.7.2-1ubuntu3.6 launchpad.net/ubuntu/+source/dovecot/1:2.2.33.2-1ubuntu4.8