ELSA-2021-1887

ELSA-2021-1887 - dovecot security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2021-05-25

Description

[1:2.3.8-9]
- fix CVE-2020-24386 IMAP hibernation function allows mail access (#1913534)

[1:2.3.8-8]
- fix CVE-2020-25275 denial of service via mail MIME parsing (#1914019)

[1:2.3.8-7]
- change run directory from /var/run to /run (#1805947)

[1:2.3.8-6]
- fix mail storage block count parsing (#1894418)
- MIME parser crashed when boundaries were wrong (#1888111)

[1:2.3.8-5]
- multilib compatibility (#1853137)

Related CVEs

CVE-2020-25275

CVE-2020-24386

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 8 (aarch64)	dovecot-2.3.8-9.el8.src.rpm	84ee424843a97a74ad41b3e4137e1cd1	-
	dovecot-2.3.8-9.el8.aarch64.rpm	67e9ddb7ecf4d301ce5bc07499be036a	-
	dovecot-devel-2.3.8-9.el8.aarch64.rpm	ab265c568c45aacb3ccc439cdeaffbd5	-
	dovecot-mysql-2.3.8-9.el8.aarch64.rpm	0040f7bae53f53d292b3b4cd3f83d3ca	-
	dovecot-pgsql-2.3.8-9.el8.aarch64.rpm	aff22c79627e1cf7cd1cfc3921962f50	-
	dovecot-pigeonhole-2.3.8-9.el8.aarch64.rpm	29a7c1c0177843f081bee9b5491612eb	-
Oracle Linux 8 (x86_64)	dovecot-2.3.8-9.el8.src.rpm	84ee424843a97a74ad41b3e4137e1cd1	-
	dovecot-2.3.8-9.el8.i686.rpm	0b23303f2e54176c4379677c8be35c1e	-
	dovecot-2.3.8-9.el8.x86_64.rpm	a1a58f884d76890a05df47770e1622bd	-
	dovecot-devel-2.3.8-9.el8.i686.rpm	b8b0d64946ae7cfc82a3ba96d90ff800	-
	dovecot-devel-2.3.8-9.el8.x86_64.rpm	8d4baa85e5f0f8c987c6d90ba6b61d57	-
	dovecot-mysql-2.3.8-9.el8.x86_64.rpm	b91ece88cf3fd644907ad5bac4405613	-
	dovecot-pgsql-2.3.8-9.el8.x86_64.rpm	62119b14f6cd239ed2b5cee1c65c3a9a	-
	dovecot-pigeonhole-2.3.8-9.el8.x86_64.rpm	f5d5f7bc985f81266df43ce9b6194926	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team