From 97319e6620fa2185613b630e61b623c365b2cfe2 Mon Sep 17 00:00:00 2001
From: Markus Koschany <apo@debian.org>
Date: Mon, 20 Jun 2022 09:00:38 +0200
Subject: DLA-3052-1

---
 english/lts/security/2022/dla-3052.data | 10 ++++++++++
 english/lts/security/2022/dla-3052.wml  | 25 +++++++++++++++++++++++++
 2 files changed, 35 insertions(+)
 create mode 100644 english/lts/security/2022/dla-3052.data
 create mode 100644 english/lts/security/2022/dla-3052.wml

diff --git a/english/lts/security/2022/dla-3052.data b/english/lts/security/2022/dla-3052.data
new file mode 100644
index 00000000000..d4df7c7c0f1
--- /dev/null
+++ b/english/lts/security/2022/dla-3052.data
@@ -0,0 +1,10 @@
+<define-tag pagetitle>DLA-3052-1 cyrus-imapd</define-tag>
+<define-tag report_date>2022-6-20</define-tag>
+<define-tag secrefs>CVE-2019-18928 CVE-2021-33582 Bug#993433</define-tag>
+<define-tag packages>cyrus-imapd</define-tag>
+<define-tag isvulnerable>yes</define-tag>
+<define-tag fixed>yes</define-tag>
+<define-tag fixed-section>no</define-tag>
+
+#use wml::debian::security
+
diff --git a/english/lts/security/2022/dla-3052.wml b/english/lts/security/2022/dla-3052.wml
new file mode 100644
index 00000000000..c91a8d0a2f6
--- /dev/null
+++ b/english/lts/security/2022/dla-3052.wml
@@ -0,0 +1,25 @@
+<define-tag description>LTS security update</define-tag>
+<define-tag moreinfo>
+<p>It was discovered that the Cyrus IMAP server was prone to a denial of service
+attack via input that is mishandled during hash-table interaction. Furthermore
+it allowed privilege escalation because an HTTP request may be interpreted in
+the authentication context of an unrelated previous request that arrived over
+the same connection.</p>
+
+<p>For Debian 9 stretch, these problems have been fixed in version
+2.5.10-3+deb9u3.</p>
+
+<p>We recommend that you upgrade your cyrus-imapd packages.</p>
+
+<p>For the detailed security status of cyrus-imapd please refer to
+its security tracker page at:
+<a rel="nofollow" href="https://security-tracker.debian.org/tracker/cyrus-imapd">https://security-tracker.debian.org/tracker/cyrus-imapd</a></p>
+
+<p>Further information about Debian LTS security advisories, how to apply
+these updates to your system and frequently asked questions can be
+found at: <a rel="nofollow" href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/lts/security/2022/dla-3052.data"
+# $Id: $
-- 
cgit v1.2.3