Oval Definition:oval:org.opensuse.security:def:110668
Revision Date:2021-01-16Version:1
Title:Security update for dovecot23 (Important)
Description:

This update for dovecot23 fixes the following issues:

Security issues fixed:

- CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts (bsc#1174920). - CVE-2020-24386: Fixed an issue with IMAP hibernation that allowed users to access other users' emails (bsc#1180405). - CVE-2020-25275: Fixed a crash when the 10000th MIME part was message/rfc822 (bsc#1180406).

Non-security issues fixed:

- Pigeonhole was updated to version 0.5.11. - Dovecot was updated to version 2.3.11.3.

This update was imported from the SUSE:SLE-15-SP1:Update update project.
Family:unixClass:patch
Status:Reference(s):1174920
1180405
1180406
CVE-2020-12100
CVE-2020-24386
CVE-2020-25275
openSUSE-SU-2021:0072-1
Platform(s):openSUSE Leap 15.1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • dovecot23-2.3.11.3-lp151.2.15.1 is installed
  • OR dovecot23-backend-mysql-2.3.11.3-lp151.2.15.1 is installed
  • OR dovecot23-backend-pgsql-2.3.11.3-lp151.2.15.1 is installed
  • OR dovecot23-backend-sqlite-2.3.11.3-lp151.2.15.1 is installed
  • OR dovecot23-devel-2.3.11.3-lp151.2.15.1 is installed
  • OR dovecot23-fts-2.3.11.3-lp151.2.15.1 is installed
  • OR dovecot23-fts-lucene-2.3.11.3-lp151.2.15.1 is installed
  • OR dovecot23-fts-solr-2.3.11.3-lp151.2.15.1 is installed
  • OR dovecot23-fts-squat-2.3.11.3-lp151.2.15.1 is installed
  • BACK