CVE-2022-24407

NameCVE-2022-24407
DescriptionIn Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-2931-1, DSA-5087-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
cyrus-sasl2 (PTS)bullseye (security), bullseye2.1.27+dfsg-2.1+deb11u1fixed
bookworm2.1.28+dfsg-10fixed
sid, trixie2.1.28+dfsg1-8fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
cyrus-sasl2sourceexperimental2.1.28+dfsg-1
cyrus-sasl2sourcestretch2.1.27~101-g0780600+dfsg-3+deb9u2DLA-2931-1
cyrus-sasl2sourcebuster2.1.27+dfsg-1+deb10u2DSA-5087-1
cyrus-sasl2sourcebullseye2.1.27+dfsg-2.1+deb11u1DSA-5087-1
cyrus-sasl2source(unstable)2.1.28+dfsg-2

Notes

Fixed by: https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc (cyrus-sasl-2.1.28)
Fixed by: https://github.com/cyrusimap/cyrus-sasl/commit/2d2e97b0eb53fa7f87a3bf1529d8f712dd954480 (master)
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
Search for package or bug name: Reporting problems