Stay Connected:

ELSA-2020-3617

ELSA-2020-3617 - dovecot security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2020-09-03

Description


[1:2.2.36-6.1]
- fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts (#1871841)
- fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation (#1871843)
- fix CVE-2020-12674 crash due to assert in RPA implementation (#1871842)


Related CVEs


CVE-2020-12100
CVE-2020-12674
CVE-2020-12673

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) dovecot-2.2.36-6.el7_8.1.src.rpm5ceb9dcf3ac17da050d7e6755459a35bELBA-2020-3921
dovecot-2.2.36-6.el7_8.1.aarch64.rpma3caa4b4061f993f94e34bf1a76ff87fELBA-2020-3921
dovecot-devel-2.2.36-6.el7_8.1.aarch64.rpme6bb46500a17cc5e78e98ea947017267ELBA-2020-3921
dovecot-mysql-2.2.36-6.el7_8.1.aarch64.rpm0ed723be999e4fbb5b793c2b0a026fbbELBA-2020-3921
dovecot-pgsql-2.2.36-6.el7_8.1.aarch64.rpm68b4ae27cbe38162b1075f30d3f87f41ELBA-2020-3921
dovecot-pigeonhole-2.2.36-6.el7_8.1.aarch64.rpme65bce3f5ca4ff8d0118145f65cae076ELBA-2020-3921
Oracle Linux 7 (x86_64) dovecot-2.2.36-6.el7_8.1.src.rpm5ceb9dcf3ac17da050d7e6755459a35bELBA-2020-3921
dovecot-2.2.36-6.el7_8.1.i686.rpme3e28d1c27fae3a171d6129be55b6f14ELBA-2020-3921
dovecot-2.2.36-6.el7_8.1.x86_64.rpm14c0fd130d9437b6ecaf2804603dec41ELBA-2020-3921
dovecot-devel-2.2.36-6.el7_8.1.x86_64.rpm6e00bd2437295f8f7ab985cd0d4c1e73ELBA-2020-3921
dovecot-mysql-2.2.36-6.el7_8.1.x86_64.rpmcea1ed96270edb67d3da4e37a6d58253ELBA-2020-3921
dovecot-pgsql-2.2.36-6.el7_8.1.x86_64.rpma7e276d60cd582bc1d916eca9c80c1c0ELBA-2020-3921
dovecot-pigeonhole-2.2.36-6.el7_8.1.x86_64.rpmb105f02c81463d52c0e28b9a9e3c514bELBA-2020-3921



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights