Oval Definition:oval:org.opensuse.security:def:74893
Revision Date:2020-12-01Version:1
Title:Security update for dovecot23 (Important)
Description:

This update for dovecot23 to 2.3.10 fixes the following issues:

Security issues fixed:

- CVE-2020-10957: Fixed a crash caused by malformed NOOP commands (bsc#1171457). - CVE-2020-10958: Fixed a use-after-free when receiving too many newlines (bsc#1171458). - CVE-2020-10967: Fixed a crash in the lmtp and submission components caused by mails with empty quoted localparts (bsc#1171456).

Non-security issues fixed:

- The update to 2.3.10 fixes several bugs. Please refer to https://dovecot.org/doc/NEWS for a complete list of changes.

This update was imported from the SUSE:SLE-15-SP1:Update update project.
Family:unixClass:patch
Status:Reference(s):1171456
1171457
1171458
1173580
CVE-2020-10957
CVE-2020-10958
CVE-2020-10967
CVE-2020-4044
openSUSE-SU-2020:0720-1
openSUSE-SU-2020:1200-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • dovecot23-2.3.10-lp151.2.9 is installed
  • OR dovecot23-backend-mysql-2.3.10-lp151.2.9 is installed
  • OR dovecot23-backend-pgsql-2.3.10-lp151.2.9 is installed
  • OR dovecot23-backend-sqlite-2.3.10-lp151.2.9 is installed
  • OR dovecot23-devel-2.3.10-lp151.2.9 is installed
  • OR dovecot23-fts-2.3.10-lp151.2.9 is installed
  • OR dovecot23-fts-lucene-2.3.10-lp151.2.9 is installed
  • OR dovecot23-fts-solr-2.3.10-lp151.2.9 is installed
  • OR dovecot23-fts-squat-2.3.10-lp151.2.9 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • libpainter0-0.9.13.1-lp152.3.3 is installed
  • OR librfxencode0-0.9.13.1-lp152.3.3 is installed
  • OR xrdp-0.9.13.1-lp152.3.3 is installed
  • OR xrdp-devel-0.9.13.1-lp152.3.3 is installed
    • BACK