ELSA-2020-3713

ULN >
Oracle Linux Errata repository >
ELSA-2020-3713

ELSA-2020-3713 - dovecot security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-09-11

Description

[1:2.3.8-2.2]
- fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts (#1866755)
- fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation (#1866760)
- fix CVE-2020-12674 crash due to assert in RPA implementation (#1866767)

Related CVEs

CVE-2020-12674

CVE-2020-12100

CVE-2020-12673

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	dovecot-2.3.8-2.el8_2.2.src.rpm	cc8ceb9af59f6b28a60accf47a1faee7042dcfa794e26be964b8d49dd12e9a19	-	ol8_aarch64_appstream
	dovecot-2.3.8-2.el8_2.2.src.rpm	cc8ceb9af59f6b28a60accf47a1faee7042dcfa794e26be964b8d49dd12e9a19	-	ol8_aarch64_codeready_builder
	dovecot-2.3.8-2.el8_2.2.aarch64.rpm	3c9b7d47623f3c1725008c6668527493ef7beec52d4708cf5383954aacbe8092	-	ol8_aarch64_appstream
	dovecot-devel-2.3.8-2.el8_2.2.aarch64.rpm	66079901681427870b2340fe797b8ed0d725fdfe455289ed51215c4c25e68bd8	-	ol8_aarch64_codeready_builder
	dovecot-mysql-2.3.8-2.el8_2.2.aarch64.rpm	6d25b7dc80531389d881bbf78b09a64e9098fd923d367c46ba33bbe6f2c73c54	-	ol8_aarch64_appstream
	dovecot-pgsql-2.3.8-2.el8_2.2.aarch64.rpm	607f2b89937ccf94291e1c5c9468dedeb62606944efc741f642b51058469e809	-	ol8_aarch64_appstream
	dovecot-pigeonhole-2.3.8-2.el8_2.2.aarch64.rpm	a71f79b01ed9cb2afa500ceca78f521ae20d43feed2a027eda8b5eb7d14e943e	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	dovecot-2.3.8-2.el8_2.2.src.rpm	cc8ceb9af59f6b28a60accf47a1faee7042dcfa794e26be964b8d49dd12e9a19	-	ol8_x86_64_appstream
	dovecot-2.3.8-2.el8_2.2.src.rpm	cc8ceb9af59f6b28a60accf47a1faee7042dcfa794e26be964b8d49dd12e9a19	-	ol8_x86_64_codeready_builder
	dovecot-2.3.8-2.el8_2.2.i686.rpm	fbe78165444412bf21260ca2099c58854727105a516ab85c1b409270dbc2e6de	-	ol8_x86_64_codeready_builder
	dovecot-2.3.8-2.el8_2.2.x86_64.rpm	f425b9e3513b7afe10bb1f29e304d4f8442487fe58f385634d638701d1586b22	-	ol8_x86_64_appstream
	dovecot-devel-2.3.8-2.el8_2.2.i686.rpm	9dbf97f5b0fbffbcba16c27e36fee99ab3250647fb36fd8a71498c86ec21e0a4	-	ol8_x86_64_codeready_builder
	dovecot-devel-2.3.8-2.el8_2.2.x86_64.rpm	94fa6df4588f13ce1d7a7dfad5c1753cdabd68f1a5650290baa0d2d9c49af2b7	-	ol8_x86_64_codeready_builder
	dovecot-mysql-2.3.8-2.el8_2.2.x86_64.rpm	ef19b1a50c2342415f1a3c1416ffa6b7888aa1477dc4f74c5a59d98b33d2be3f	-	ol8_x86_64_appstream
	dovecot-pgsql-2.3.8-2.el8_2.2.x86_64.rpm	2cbf29c98b0b333a398fba9413e58292cbfc8365b3c385a5e8953986d24b270d	-	ol8_x86_64_appstream
	dovecot-pigeonhole-2.3.8-2.el8_2.2.x86_64.rpm	cc9ba5d3bacf6cb2828eed0297c078d6e92d64b23b59667c57fe63e75121f6fd	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691