Oval Definition:oval:org.opensuse.security:def:91791
Revision Date:2021-01-05Version:1
Title:Security update for dovecot23 (Important)
Description:

This update for dovecot23 fixes the following issues:

Security issues fixed:

- CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts (bsc#1174920). - CVE-2020-24386: Fixed an issue with IMAP hibernation that allowed users to access other users' emails (bsc#1180405). - CVE-2020-25275: Fixed a crash when the 10000th MIME part was message/rfc822 (bsc#1180406).

Non-security issues fixed:

- Pigeonhole was updated to version 0.5.11. - Dovecot was updated to version 2.3.11.3.
Family:unixClass:patch
Status:Reference(s):1174920
1180405
1180406
CVE-2020-12100
CVE-2020-24386
CVE-2020-25275
SUSE-SU-2021:0027-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • dovecot23-2.3.11.3-21.1 is installed
  • OR dovecot23-backend-mysql-2.3.11.3-21.1 is installed
  • OR dovecot23-backend-pgsql-2.3.11.3-21.1 is installed
  • OR dovecot23-backend-sqlite-2.3.11.3-21.1 is installed
  • OR dovecot23-devel-2.3.11.3-21.1 is installed
  • OR dovecot23-fts-2.3.11.3-21.1 is installed
  • OR dovecot23-fts-lucene-2.3.11.3-21.1 is installed
  • OR dovecot23-fts-solr-2.3.11.3-21.1 is installed
  • OR dovecot23-fts-squat-2.3.11.3-21.1 is installed
  • BACK