ELSA-2020-3617

ULN >
Oracle Linux Errata repository >
ELSA-2020-3617

ELSA-2020-3617 - dovecot security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-09-03

Description

[1:2.2.36-6.1]
- fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts (#1871841)
- fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation (#1871843)
- fix CVE-2020-12674 crash due to assert in RPA implementation (#1871842)

Related CVEs

CVE-2020-12673

CVE-2020-12100

CVE-2020-12674

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	dovecot-2.2.36-6.el7_8.1.src.rpm	5e157a26fbd47ec2cc80e6c7cba452d2de9c2712b0bec2e1f8673b3560a74c20	ELBA-2020-3921	ol7_aarch64_latest
	dovecot-2.2.36-6.el7_8.1.src.rpm	5e157a26fbd47ec2cc80e6c7cba452d2de9c2712b0bec2e1f8673b3560a74c20	ELBA-2020-3921	ol7_aarch64_optional_latest
	dovecot-2.2.36-6.el7_8.1.aarch64.rpm	8f0f711516d99d5a6ed22d33e6416142a64a22a69db18ac42cc7b8326a5366e8	ELBA-2020-3921	ol7_aarch64_latest
	dovecot-devel-2.2.36-6.el7_8.1.aarch64.rpm	c15bb4b170953f5f95278a9bec65f260a55fd64f845300f71daf0d46aa6f1b37	ELBA-2020-3921	ol7_aarch64_optional_latest
	dovecot-mysql-2.2.36-6.el7_8.1.aarch64.rpm	86516722fd5fc9440305867b25b94054d68a33cb054372f7d5e06420d001be15	ELBA-2020-3921	ol7_aarch64_latest
	dovecot-pgsql-2.2.36-6.el7_8.1.aarch64.rpm	01a6fc9862fb7dbd953d08df94ac025589d7cc10f0d2b4110ee075ff79077797	ELBA-2020-3921	ol7_aarch64_latest
	dovecot-pigeonhole-2.2.36-6.el7_8.1.aarch64.rpm	60729c6de4cb97f42d40259cb7f1d67daa940810dec13894fad1c8cc0406b8e4	ELBA-2020-3921	ol7_aarch64_latest

Oracle Linux 7 (x86_64)	dovecot-2.2.36-6.el7_8.1.src.rpm	5e157a26fbd47ec2cc80e6c7cba452d2de9c2712b0bec2e1f8673b3560a74c20	ELBA-2020-3921	ol7_x86_64_latest
	dovecot-2.2.36-6.el7_8.1.src.rpm	5e157a26fbd47ec2cc80e6c7cba452d2de9c2712b0bec2e1f8673b3560a74c20	ELBA-2020-3921	ol7_x86_64_optional_latest
	dovecot-2.2.36-6.el7_8.1.src.rpm	5e157a26fbd47ec2cc80e6c7cba452d2de9c2712b0bec2e1f8673b3560a74c20	ELBA-2020-3921	ol7_x86_64_u8_patch
	dovecot-2.2.36-6.el7_8.1.i686.rpm	2cd62348563c95a0cd8ddb227f0638ef53b704893def579c7a5477c8414ad672	ELBA-2020-3921	ol7_x86_64_latest
	dovecot-2.2.36-6.el7_8.1.i686.rpm	2cd62348563c95a0cd8ddb227f0638ef53b704893def579c7a5477c8414ad672	ELBA-2020-3921	ol7_x86_64_u8_patch
	dovecot-2.2.36-6.el7_8.1.x86_64.rpm	721d3da42105a9ea1dd4e02d8e70ea93f1c2f3fd5de7cdcff1f067c11a30d9f2	ELBA-2020-3921	ol7_x86_64_latest
	dovecot-2.2.36-6.el7_8.1.x86_64.rpm	721d3da42105a9ea1dd4e02d8e70ea93f1c2f3fd5de7cdcff1f067c11a30d9f2	ELBA-2020-3921	ol7_x86_64_u8_patch
	dovecot-devel-2.2.36-6.el7_8.1.x86_64.rpm	0c5a315dbc3163ec85dfe80967b8a3734f98da535da9396689b69c46933bdc2a	ELBA-2020-3921	ol7_x86_64_optional_latest
	dovecot-mysql-2.2.36-6.el7_8.1.x86_64.rpm	40d3b1a78d9dbbed9da62d10799b31512f731d4f6d808bf92a2be47ef860fd1e	ELBA-2020-3921	ol7_x86_64_latest
	dovecot-mysql-2.2.36-6.el7_8.1.x86_64.rpm	40d3b1a78d9dbbed9da62d10799b31512f731d4f6d808bf92a2be47ef860fd1e	ELBA-2020-3921	ol7_x86_64_u8_patch
	dovecot-pgsql-2.2.36-6.el7_8.1.x86_64.rpm	46be4dc37c539e925e29c32243839f59697144c34e8daab851cfe1248208b1e1	ELBA-2020-3921	ol7_x86_64_latest
	dovecot-pgsql-2.2.36-6.el7_8.1.x86_64.rpm	46be4dc37c539e925e29c32243839f59697144c34e8daab851cfe1248208b1e1	ELBA-2020-3921	ol7_x86_64_u8_patch
	dovecot-pigeonhole-2.2.36-6.el7_8.1.x86_64.rpm	af6726bc41d3194ff4f04bbfa93ef520e9055cab8187e4fca8d6220f3a9f104a	ELBA-2020-3921	ol7_x86_64_latest
	dovecot-pigeonhole-2.2.36-6.el7_8.1.x86_64.rpm	af6726bc41d3194ff4f04bbfa93ef520e9055cab8187e4fca8d6220f3a9f104a	ELBA-2020-3921	ol7_x86_64_u8_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691