CVE-2016-8652

Priority
Description
The auth component in Dovecot before 2.2.27, when auth-policy is
configured, allows a remote attackers to cause a denial of service (crash)
by aborting authentication without setting a username.
Notes
sarnold"Affected version(s): 2.2.25.1 up to 2.2.26.1"
Package
Upstream:needed
Ubuntu 14.04 ESM (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
More Information

Updated: 2020-01-29 19:56:50 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)