Lucene search

DebianDEBIAN:DLA-3354-1:C88E1

HistoryMar 06, 2023 - 2:50 p.m.

[SECURITY] [DLA 3354-1] kopanocore security update

2023-03-0614:50:36

lists.debian.org

debian lts

kopanocore

denial of service

unauthorized access

cve-2019-19907

cve-2022-26562

debian 10 buster

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.4%

JSON

Debian LTS Advisory DLA-3354-1 [email protected]
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
March 06, 2023 https://wiki.debian.org/LTS

Package : kopanocore
Version : 8.7.0-3+deb10u1
CVE ID : CVE-2019-19907 CVE-2022-26562
Debian Bug : 1016973

Several issues were found in Kopano Collaboration Platform, a groupware
solution, which could cause denial of service or unauthorized access.

For Debian 10 buster, these problems have been fixed in version
8.7.0-3+deb10u1.

We recommend that you upgrade your kopanocore packages.

For the detailed security status of kopanocore please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/kopanocore

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian10allkopano-core< 8.7.0-3+deb10u1kopano-core_8.7.0-3+deb10u1_all.deb
Debian10allkopano-l10n< 8.7.0-3+deb10u1kopano-l10n_8.7.0-3+deb10u1_all.deb
Debian10armhfkopano-ical< 8.7.0-3+deb10u1kopano-ical_8.7.0-3+deb10u1_armhf.deb
Debian10amd64kopano-archiver< 8.7.0-3+deb10u1kopano-archiver_8.7.0-3+deb10u1_amd64.deb
Debian10armhfkopano-contacts< 8.7.0-3+deb10u1kopano-contacts_8.7.0-3+deb10u1_armhf.deb
Debian10arm64kopano-libs< 8.7.0-3+deb10u1kopano-libs_8.7.0-3+deb10u1_arm64.deb
Debian10i386kopano-monitor< 8.7.0-3+deb10u1kopano-monitor_8.7.0-3+deb10u1_i386.deb
Debian10armhfpython3-mapi< 8.7.0-3+deb10u1python3-mapi_8.7.0-3+deb10u1_armhf.deb
Debian10allkopano-presence< 8.7.0-3+deb10u1kopano-presence_8.7.0-3+deb10u1_all.deb
Debian10arm64kopano-utils< 8.7.0-3+deb10u1kopano-utils_8.7.0-3+deb10u1_arm64.deb

OS	Version	Architecture	Package	Version	Filename
Debian	10	all	kopano-core	< 8.7.0-3+deb10u1	kopano-core_8.7.0-3+deb10u1_all.deb
Debian	10	all	kopano-l10n	< 8.7.0-3+deb10u1	kopano-l10n_8.7.0-3+deb10u1_all.deb
Debian	10	armhf	kopano-ical	< 8.7.0-3+deb10u1	kopano-ical_8.7.0-3+deb10u1_armhf.deb
Debian	10	amd64	kopano-archiver	< 8.7.0-3+deb10u1	kopano-archiver_8.7.0-3+deb10u1_amd64.deb
Debian	10	armhf	kopano-contacts	< 8.7.0-3+deb10u1	kopano-contacts_8.7.0-3+deb10u1_armhf.deb
Debian	10	arm64	kopano-libs	< 8.7.0-3+deb10u1	kopano-libs_8.7.0-3+deb10u1_arm64.deb
Debian	10	i386	kopano-monitor	< 8.7.0-3+deb10u1	kopano-monitor_8.7.0-3+deb10u1_i386.deb
Debian	10	armhf	python3-mapi	< 8.7.0-3+deb10u1	python3-mapi_8.7.0-3+deb10u1_armhf.deb
Debian	10	all	kopano-presence	< 8.7.0-3+deb10u1	kopano-presence_8.7.0-3+deb10u1_all.deb
Debian	10	arm64	kopano-utils	< 8.7.0-3+deb10u1	kopano-utils_8.7.0-3+deb10u1_arm64.deb