PublicDateAtUSN: 2019-04-30 12:00:00 UTC
Candidate: CVE-2019-11494
CRD: 2019-04-30 12:00:00 UTC
PublicDate: 2019-05-08 18:29:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11494
 https://ubuntu.com/security/notices/USN-3961-1
Description:
 In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login
 service crashes when the client disconnects prematurely during the AUTH
 command.
Ubuntu-Description: 
Notes: 
 mdeslaur> affects 2.3.0 - 2.3.5.2
Bugs: 
Priority: medium
Discovered-by: Marcelo Coelho
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_dovecot:
upstream_dovecot: released (2.3.6)
precise/esm_dovecot: not-affected
trusty/esm_dovecot: not-affected
xenial_dovecot: not-affected (1:2.2.22-1ubuntu2.10)
esm-infra/xenial_dovecot: not-affected (1:2.2.22-1ubuntu2.10)
bionic_dovecot: not-affected (1:2.2.33.2-1ubuntu4.3)
cosmic_dovecot: released (1:2.3.2.1-1ubuntu3.4)
disco_dovecot: released (1:2.3.4.1-1ubuntu2.2)
devel_dovecot: released (1:2.3.4.1-1ubuntu3)