Candidate: CVE-2016-6188
PublicDate: 2017-02-03 16:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6188
Description:
 Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of
 service (memory consumption) via a large number of attempts to upload a
 large attachment, related to temporary files.
Ubuntu-Description:
Notes:
 tyhicks> Per upstream bug report, fixed in 2.3.9
Bugs:
 https://sogo.nu/bugs/view.php?id=3510
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [6.5 MEDIUM]

Patches_sogo:
 upstream: http://github.com/inverse-inc/sogo/commit/32bb1456e23a32c7f45079c3985bf732dd0d276d
upstream_sogo: needs-triage
precise_sogo: DNE
precise/esm_sogo: DNE
trusty_sogo: not-affected (code not present)
trusty/esm_sogo: DNE (trusty was not-affected [code not present])
vivid/stable-phone-overlay_sogo: DNE
vivid/ubuntu-core_sogo: DNE
wily_sogo: ignored (reached end-of-life)
xenial_sogo: ignored (end of standard support, was needed)
yakkety_sogo: ignored (reached end-of-life)
zesty_sogo: ignored (reached end-of-life)
artful_sogo: ignored (reached end-of-life)
bionic_sogo: not-affected
cosmic_sogo: not-affected
disco_sogo: not-affected
eoan_sogo: not-affected
focal_sogo: not-affected
groovy_sogo: not-affected
hirsute_sogo: not-affected
impish_sogo: not-affected
jammy_sogo: not-affected
devel_sogo: not-affected