Oval Definition:oval:org.opensuse.security:def:201910691
Revision Date:2022-09-02Version:1
Title:CVE-2019-10691
Description:

The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2019-10691
SUSE-SU-2019:0997-1
openSUSE-SU-2019:1312-1
Mitre CVE-2019-10691
SUSE CVE-2019-10691
SUSE-SU-2019:0997-1
openSUSE-SU-2019:1312-1
Platform(s):openSUSE Leap 15.0
openSUSE Tumbleweed
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • dovecot23-2.3.3-4.13 is installed
  • OR dovecot23-backend-mysql-2.3.3-4.13 is installed
  • OR dovecot23-backend-pgsql-2.3.3-4.13 is installed
  • OR dovecot23-backend-sqlite-2.3.3-4.13 is installed
  • OR dovecot23-devel-2.3.3-4.13 is installed
  • OR dovecot23-fts-2.3.3-4.13 is installed
  • OR dovecot23-fts-lucene-2.3.3-4.13 is installed
  • OR dovecot23-fts-solr-2.3.3-4.13 is installed
  • OR dovecot23-fts-squat-2.3.3-4.13 is installed
    • Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • dovecot23-2.3.3-lp150.11 is installed
  • AND dovecot23 is signed with openSUSE key
  • OR
  • dovecot23-backend-mysql-2.3.3-lp150.11 is installed
  • AND dovecot23-backend-mysql is signed with openSUSE key
  • OR
  • dovecot23-backend-pgsql-2.3.3-lp150.11 is installed
  • AND dovecot23-backend-pgsql is signed with openSUSE key
  • OR
  • dovecot23-backend-sqlite-2.3.3-lp150.11 is installed
  • AND dovecot23-backend-sqlite is signed with openSUSE key
  • OR
  • dovecot23-devel-2.3.3-lp150.11 is installed
  • AND dovecot23-devel is signed with openSUSE key
  • OR
  • dovecot23-fts-2.3.3-lp150.11 is installed
  • AND dovecot23-fts is signed with openSUSE key
  • OR
  • dovecot23-fts-lucene-2.3.3-lp150.11 is installed
  • AND dovecot23-fts-lucene is signed with openSUSE key
  • OR
  • dovecot23-fts-solr-2.3.3-lp150.11 is installed
  • AND dovecot23-fts-solr is signed with openSUSE key
  • OR
  • dovecot23-fts-squat-2.3.3-lp150.11 is installed
  • AND dovecot23-fts-squat is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • dovecot23-2.3.16-1.6 is installed
  • OR dovecot23-backend-mysql-2.3.16-1.6 is installed
  • OR dovecot23-backend-pgsql-2.3.16-1.6 is installed
  • OR dovecot23-backend-sqlite-2.3.16-1.6 is installed
  • OR dovecot23-devel-2.3.16-1.6 is installed
  • OR dovecot23-fts-2.3.16-1.6 is installed
  • OR dovecot23-fts-lucene-2.3.16-1.6 is installed
  • OR dovecot23-fts-solr-2.3.16-1.6 is installed
  • OR dovecot23-fts-squat-2.3.16-1.6 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND dovecot22 is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • dovecot22 is not affected
  • OR dovecot22-backend-mysql is not affected
  • OR dovecot22-backend-pgsql is not affected
  • OR dovecot22-backend-sqlite is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • AND dovecot22 is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • dovecot22 is not affected
  • OR dovecot22-backend-mysql is not affected
  • OR dovecot22-backend-pgsql is not affected
  • OR dovecot22-backend-sqlite is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND dovecot22 is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND dovecot22 is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND dovecot22 is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • dovecot22 is not affected
  • OR dovecot22-backend-mysql is not affected
  • OR dovecot22-backend-pgsql is not affected
  • OR dovecot22-backend-sqlite is not affected
    • BACK