ELSA-2020-3713

ELSA-2020-3713 - dovecot security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2020-09-11

Description


[1:2.3.8-2.2]
- fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts (#1866755)
- fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation (#1866760)
- fix CVE-2020-12674 crash due to assert in RPA implementation (#1866767)


Related CVEs


CVE-2020-12674
CVE-2020-12100
CVE-2020-12673

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) dovecot-2.3.8-2.el8_2.2.src.rpmadd3c58107ffcbc65fb09843004795ec-
dovecot-2.3.8-2.el8_2.2.aarch64.rpmd9fe782578416e10439e80523df511ea-
dovecot-devel-2.3.8-2.el8_2.2.aarch64.rpm8a15b9c9f4bd71f3fb81dc93a2dcda7c-
dovecot-mysql-2.3.8-2.el8_2.2.aarch64.rpmf2c4fb56900db0a49d122647b70bc2b5-
dovecot-pgsql-2.3.8-2.el8_2.2.aarch64.rpm5ec65d011487eb75236367da5683e597-
dovecot-pigeonhole-2.3.8-2.el8_2.2.aarch64.rpm50f247582d89b6bcd6cc09546c71269a-
Oracle Linux 8 (x86_64) dovecot-2.3.8-2.el8_2.2.src.rpmadd3c58107ffcbc65fb09843004795ec-
dovecot-2.3.8-2.el8_2.2.i686.rpm8762938d6a5f52c38eaa7be2787d5f9b-
dovecot-2.3.8-2.el8_2.2.x86_64.rpm872a9f886d08f7ab0add37d201f19af2-
dovecot-devel-2.3.8-2.el8_2.2.i686.rpmb78b0972d62d2b300338cfccbb3e04c9-
dovecot-devel-2.3.8-2.el8_2.2.x86_64.rpm5f1d169d9490e2a1885bc51b33125cf6-
dovecot-mysql-2.3.8-2.el8_2.2.x86_64.rpm93c99bcd1d09651f487d2d0ba6014df5-
dovecot-pgsql-2.3.8-2.el8_2.2.x86_64.rpmec7b51324afaf088f36924bd92365788-
dovecot-pigeonhole-2.3.8-2.el8_2.2.x86_64.rpm6de6409b949ce6badf71ad595aadfbce-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete