dovecot -- multiple vulnerabilities

Aki Tuomi reports:

lib-smtp doesn’t handle truncated command parameters properly, resulting
in infinite loop taking 100% CPU for the process. This happens for LMTP
(where it doesn’t matter so much) and also for submission-login where
unauthenticated users can trigger it.

Aki also reports:

Snippet generation crashes if:

 message is large enough that message-parser returns multiple body

blocks
The first block(s) don’t contain the full snippet (e.g. full of
whitespace)
input ends with ‘>’