Oval Definition:oval:org.opensuse.security:def:66135
Revision Date:2020-12-01Version:1
Title:Security update for dovecot23 (Important)
Description:

This update for dovecot23 to 2.3.10 fixes the following issues:

Security issues fixed:

- CVE-2020-10957: Fixed a crash caused by malformed NOOP commands (bsc#1171457). - CVE-2020-10958: Fixed a use-after-free when receiving too many newlines (bsc#1171458). - CVE-2020-10967: Fixed a crash in the lmtp and submission components caused by mails with empty quoted localparts (bsc#1171456).

Non-security issues fixed:

- The update to 2.3.10 fixes several bugs. Please refer to https://dovecot.org/doc/NEWS for a complete list of changes.
Family:unixClass:patch
Status:Reference(s):1141267
1144059
1171456
1171457
1171458
CVE-2019-10197
CVE-2020-10957
CVE-2020-10958
CVE-2020-10967
SUSE-SU-2020:1380-1
Platform(s):SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • ctdb-4.9.5+git.187.71edee57d5a-3.9 is installed
  • OR samba-4.9.5+git.187.71edee57d5a-3.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • dovecot23-2.3.10-11 is installed
  • OR dovecot23-backend-mysql-2.3.10-11 is installed
  • OR dovecot23-backend-pgsql-2.3.10-11 is installed
  • OR dovecot23-backend-sqlite-2.3.10-11 is installed
  • OR dovecot23-devel-2.3.10-11 is installed
  • OR dovecot23-fts-2.3.10-11 is installed
  • OR dovecot23-fts-lucene-2.3.10-11 is installed
  • OR dovecot23-fts-solr-2.3.10-11 is installed
  • OR dovecot23-fts-squat-2.3.10-11 is installed
    • BACK