• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Dovecot CVE-2020-24386

B

B_P

Regular Pleskian
Username: B_P

TITLE

Dovecot CVE-2020-24386

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Ubuntu 16.04.7
Plesk 18.0.32

PROBLEM DESCRIPTION

According to Ubuntu (CVE-2020-24386 | Ubuntu) CVE-2020-24386 affects dovecot versions 2.2.26-2.3.11.3.

On Plesk 18.0.32, it seems that 2.3.10.1-v.ubuntu.16.04+p18.0.32.2 is the most recent one which seems to be affected. So a short-notice security update is required.

@IgorG

STEPS TO REPRODUCE

Install & update 18.0.32

ACTUAL RESULT

An affected Dovecot version is installed

EXPECTED RESULT

A fixed Dovecot version is installed.

ANY ADDITIONAL INFORMATION



YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Help with sorting out
 
You've probably read the article by Heise? Do you realize that both bugs reported do not at the least affect normal operations, but are both special cases that will normally not occur on Plesk installations?
 
You must log in or register to reply here.

Similar threads

S
Resolved Rest API Fatal Errors
Replies
6
Views
3K
Sebahat.hadzhi
Sebahat.hadzhi
L
Resolved Sitejet Builder - Publication failed
Replies
5
Views
3K
Sebahat.hadzhi
Sebahat.hadzhi
M
Resolved Clicking on "Use Built-in Monitoring" does not work
Replies
7
Views
3K
Mato
M
carini
User with hosting plan with permission to create remote backup only ends up with creating a remote copy of backup AND a local copy of backup, clogging
Replies
3
Views
2K
Peter Debik
P
T
ISSUE - Nginx config generation failure and http2 directive implementation failure
Replies
14
Views
5K
Bitpalast
Bitpalast
Back
Top