Ubuntu Security Notice 4993-1 - Kirin discovered that Dovecot incorrectly escaped the kid and azp fields of JWT tokens. A local attacker could possibly use this issue to have tokens validated using arbitrary keys. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. Fabian Ising and Damian Poddebniak discovered that Dovecot incorrectly handled STARTTLS in the SMTP submission service. A remote attacker could possibly use this issue to inject plaintext commands before the STARTTLS negotiation.
==========================================================================
Ubuntu Security Notice USN-4993-1
June 21, 2021
dovecot vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in Dovecot.
Software Description:
- dovecot: IMAP and POP3 email server
Details:
Kirin discovered that Dovecot incorrectly escaped kid and azp fields in JWT
tokens. A local attacker could possibly use this issue to validate tokens
using arbitrary keys. This issue only affected Ubuntu 20.10 and Ubuntu
21.04. (CVE-2021-29157)
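The failure mode behind CVE-2021-29157 is a key lookup driven by token fields the token's presenter controls. The following added example is not Dovecot's code and does not reproduce its real key directory layout; it assumes a hypothetical layout of <key_dir>/<azp>/<kid>.pem to show how an unescaped kid walks out of the key directory, and what escaping plus a containment check looks like. The token and paths are constructed for the example.

```python
import base64
import json
import posixpath
import string

# Assumed (hypothetical) layout for local JWT validation keys; not Dovecot's actual config.
KEY_DIR = "/etc/dovecot/jwt-keys"
ALLOWED = set(string.ascii_letters + string.digits + "-_")


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_unsigned_token(header: dict, payload: dict) -> str:
    """Build header.payload.signature with an empty signature: we only parse, never verify."""
    return ".".join([b64url(json.dumps(header).encode()), b64url(json.dumps(payload).encode()), ""])


def parse_token(token: str) -> tuple[dict, dict]:
    header_b64, payload_b64, _sig = token.split(".")
    return json.loads(b64url_decode(header_b64)), json.loads(b64url_decode(payload_b64))


def escape_field(value: str) -> str:
    """Percent-encode every byte outside [A-Za-z0-9_-].

    '.', '/' and '%' are all encoded, so neither a path separator nor '..' nor an
    ambiguous escape can survive into the filesystem path."""
    return "".join(
        c if c in ALLOWED else "".join(f"%{b:02X}" for b in c.encode("utf-8"))
        for c in value
    )


def key_path_unsafe(key_dir: str, token: str) -> str:
    """Vulnerable pattern: attacker-controlled kid/azp pasted straight into a path."""
    header, payload = parse_token(token)
    return posixpath.normpath(posixpath.join(key_dir, payload["azp"], header["kid"] + ".pem"))


def key_path_safe(key_dir: str, token: str) -> str:
    """Hardened: escape both fields, then refuse anything that still resolves outside key_dir."""
    header, payload = parse_token(token)
    path = posixpath.normpath(
        posixpath.join(key_dir, escape_field(payload["azp"]), escape_field(header["kid"]) + ".pem")
    )
    if posixpath.commonpath([key_dir, path]) != key_dir:
        raise ValueError(f"key path escapes {key_dir}: {path}")
    return path


# Constructed token: a traversal in kid, aimed at a file a local user could create.
FORGED = make_unsigned_token(
    {"alg": "RS256", "typ": "JWT", "kid": "../../../../tmp/evil"},
    {"azp": "mailclient", "sub": "victim@example.com"},
)

if __name__ == "__main__":
    print("unsafe lookup:", key_path_unsafe(KEY_DIR, FORGED))   # /tmp/evil.pem
    print("safe lookup:  ", key_path_safe(KEY_DIR, FORGED))     # stays under KEY_DIR
```

With the unsafe lookup the server would load /tmp/evil.pem, a file any local user can create, and accept a token signed with the matching private key. The escaping alone is enough to keep the path inside the directory; the commonpath check is defence in depth for the case where a future change loosens the allowlist.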
Fabian Ising and Damian Poddebniak discovered that Dovecot incorrectly
handled STARTTLS when using the SMTP submission service. A remote attacker
could possibly use this issue to inject plaintext commands before
STARTTLS negotiation. (CVE-2021-33515)
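The STARTTLS issue in CVE-2021-33515 is the classic command-injection pattern: a client (or an on-path attacker) sends EHLO, STARTTLS and a further command in one plaintext write; a server that keeps its read buffer across the TLS handshake then executes the trailing command as if it had arrived over the encrypted channel. RFC 3207 section 4.2 requires the server to discard everything learned from the client before the negotiation, including buffered input. The following added example is a toy model of a submission server's read loop, not Dovecot's code, with the vulnerable and hardened behaviour selected by a flag; the probe bytes are constructed for the example.

```python
# Constructed probe: three commands in a single plaintext TCP segment.
PROBE = b"EHLO probe.example\r\nSTARTTLS\r\nNOOP injected-before-handshake\r\n"


class SubmissionSession:
    """Toy model of the plaintext-to-TLS transition in an SMTP submission server."""

    def __init__(self, discard_on_starttls: bool):
        self.discard_on_starttls = discard_on_starttls
        self.tls = False
        self.buf = b""
        # (arrived_over_tls, executed_over_tls, command line)
        self.executed = []

    def receive(self, data: bytes) -> None:
        """Feed raw bytes as read from the socket and process every complete line."""
        arrived_over_tls = self.tls
        self.buf += data
        while b"\r\n" in self.buf:
            line, self.buf = self.buf.split(b"\r\n", 1)
            self._handle(line, arrived_over_tls)

    def _handle(self, line: bytes, arrived_over_tls: bool) -> None:
        verb = line.split(b" ", 1)[0].upper()
        self.executed.append((arrived_over_tls, self.tls, line))
        if verb == b"STARTTLS" and not self.tls:
            # 220 Ready to start TLS; the handshake would run here.
            self.tls = True
            if self.discard_on_starttls:
                # Hardened: drop any plaintext that was pipelined behind STARTTLS
                # (RFC 3207 section 4.2). The vulnerable variant keeps it and
                # executes it after the handshake as if it were encrypted.
                self.buf = b""


def injected_commands(session: SubmissionSession) -> list[bytes]:
    """Commands that arrived in plaintext but were executed inside the TLS session."""
    return [line for arrived, executed, line in session.executed if executed and not arrived]


def simulate(hardened: bool) -> list[bytes]:
    session = SubmissionSession(discard_on_starttls=hardened)
    session.receive(PROBE)                          # plaintext, one segment
    session.receive(b"NOOP after-handshake\r\n")    # what a real client sends over TLS
    return injected_commands(session)


if __name__ == "__main__":
    print("vulnerable:", simulate(False))   # [b'NOOP injected-before-handshake']
    print("hardened:  ", simulate(True))    # []
```

Against a live server the same probe is the check: send PROBE in one write, complete the TLS handshake, and read before sending anything else. A reply to the NOOP arriving over the fresh TLS session means the plaintext command was carried across the handshake. The impact is not the NOOP itself but that an on-path attacker can plant commands whose responses the client then trusts as authenticated server output.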
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
dovecot-core 1:2.3.13+dfsg1-1ubuntu1.1
Ubuntu 20.10:
dovecot-core 1:2.3.11.3+dfsg1-2ubuntu0.2
Ubuntu 20.04 LTS:
dovecot-core 1:2.3.7.2-1ubuntu3.4
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4993-1
CVE-2021-29157, CVE-2021-33515
Package Information:
https://launchpad.net/ubuntu/+source/dovecot/1:2.3.13+dfsg1-1ubuntu1.1
https://launchpad.net/ubuntu/+source/dovecot/1:2.3.11.3+dfsg1-2ubuntu0.2
https://launchpad.net/ubuntu/+source/dovecot/1:2.3.7.2-1ubuntu3.4