ELSA-2019-2836

ELSA-2019-2836 - dovecot security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-09-20

Description


[1:2.2.36-3.1]
- fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
when scanning data in quoted strings, leading to out of bounds heap
memory writes (#1751383)


Related CVEs


CVE-2019-11500

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) dovecot-2.2.36-3.el7_7.1.src.rpmff39d01b7c1a9eb688b14cbbb192b670-
dovecot-2.2.36-3.el7_7.1.aarch64.rpm9bc0d4bf81310b941a38aa5fa47d715b-
dovecot-devel-2.2.36-3.el7_7.1.aarch64.rpmd98a41abfe721bbd291e3932eaccfb7a-
dovecot-mysql-2.2.36-3.el7_7.1.aarch64.rpm681abb9c70da1db3937fae57ef7f5670-
dovecot-pgsql-2.2.36-3.el7_7.1.aarch64.rpm0b1985bd3e55f3aa2f1a61e1a98d7837-
dovecot-pigeonhole-2.2.36-3.el7_7.1.aarch64.rpm59acd61c82bd559dc2ae7e4f6a0f3742-
Oracle Linux 7 (x86_64) dovecot-2.2.36-3.el7_7.1.src.rpmff39d01b7c1a9eb688b14cbbb192b670-
dovecot-2.2.36-3.el7_7.1.i686.rpmef67c5831982bb3c8f97c3c770d1f0bc-
dovecot-2.2.36-3.el7_7.1.x86_64.rpm3aa0ad26fad0598585eb721c0945b11b-
dovecot-devel-2.2.36-3.el7_7.1.x86_64.rpm6689f2fda2464ccc1e1edb66b604c6d4-
dovecot-mysql-2.2.36-3.el7_7.1.x86_64.rpm40e79e4ca28f0faa2a11ba70c8cca7ae-
dovecot-pgsql-2.2.36-3.el7_7.1.x86_64.rpmbf97fbc0ed03eea9debad4e9e9ab5311-
dovecot-pigeonhole-2.2.36-3.el7_7.1.x86_64.rpmf3e5f15dd3b584eeec3d73b25988989b-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete