Stay Connected:

ELSA-2013-0520

ELSA-2013-0520 - dovecot security and bug fix update

Type:SECURITY
Severity:LOW
Release Date:2013-02-22

Description


[1:2.0.9-5]
- script-login did not drop privileges correctly (#709095)
- fix directory traversal due to not obeying chroot directive (#709097)
- check proxy destination host against SSL certificate name (#754980)

[1:2.0.9-4]
- dovecot may not set correct premissions for mail folder (#697620)

[1:2.0.9-3]
- fix potential crash when parsing header names that contain NUL characters (#728673)


Related CVEs


CVE-2011-2166
CVE-2011-2167
CVE-2011-4318

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) dovecot-2.0.9-5.el6.src.rpm257146c31a796f77958060e4eb03c427ELSA-2019-2885
dovecot-2.0.9-5.el6.i686.rpm4c8c13fdd05a71f1557a8fde9abd6a0eELSA-2019-2885
dovecot-devel-2.0.9-5.el6.i686.rpm1ea52e4ad0971fbb3544542f5e2378caELSA-2019-2885
dovecot-mysql-2.0.9-5.el6.i686.rpm15664d94546bb741ee12144c8a4230c2ELSA-2019-2885
dovecot-pgsql-2.0.9-5.el6.i686.rpm3f4bb401e0bdccdd2f61065051209cbdELSA-2019-2885
dovecot-pigeonhole-2.0.9-5.el6.i686.rpm0a22ccc919397c5816fbc474b67b0b97ELSA-2019-2885
Oracle Linux 6 (x86_64) dovecot-2.0.9-5.el6.src.rpm257146c31a796f77958060e4eb03c427ELSA-2019-2885
dovecot-2.0.9-5.el6.i686.rpm4c8c13fdd05a71f1557a8fde9abd6a0eELSA-2019-2885
dovecot-2.0.9-5.el6.x86_64.rpm8f34781f09f0aa87a8135e1994d57847ELSA-2019-2885
dovecot-devel-2.0.9-5.el6.i686.rpm1ea52e4ad0971fbb3544542f5e2378caELSA-2019-2885
dovecot-devel-2.0.9-5.el6.x86_64.rpm38a4cad5478c2abb5a1c19d76f2237b0ELSA-2019-2885
dovecot-mysql-2.0.9-5.el6.x86_64.rpm60721d108f161f8a0c9772323d607828ELSA-2019-2885
dovecot-pgsql-2.0.9-5.el6.x86_64.rpmbce3a6dea84266d7a5f50f06b242520aELSA-2019-2885
dovecot-pigeonhole-2.0.9-5.el6.x86_64.rpmf9e1fc78dd7844ade3721ce53c8bc341ELSA-2019-2885



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights