/[advisories]/27099.adv
ViewVC logotype

Contents of /27099.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 10630 - (show annotations) (download)
Tue Aug 18 16:52:04 2020 UTC (3 years, 7 months ago) by neoclust
File size: 904 byte(s)
MGASA-2020-0330: dovecot-2.3.11.3-1.mga7
1 type: security
2 subject: Updated dovecot packages fix security vulnerability
3 CVE:
4 - CVE-2020-12100
5 - CVE-2020-12673
6 - CVE-2020-12674
7 src:
8 7:
9 core:
10 - dovecot-2.3.11.3-1.mga7
11 description: |
12 CVE-2020-12100: Receiving mail with deeply nested MIME parts leads to resource
13 exhaustion as Dovecot attempts to parse it.
14 CVE-2020-12673: Dovecot's NTLM implementation does not correctly check message
15 buffer size, which leads to reading past allocation which can lead to crash.
16 CVE-2020-12674: Dovecot's RPA mechanism implementation accepts zero-length
17 message, which leads to assert-crash later on.
18 references:
19 - https://bugs.mageia.org/show_bug.cgi?id=27099
20 - https://dovecot.org/pipermail/dovecot-news/2020-August/000441.html
21 - https://dovecot.org/pipermail/dovecot-news/2020-August/000442.html
22 - https://dovecot.org/pipermail/dovecot-news/2020-August/000443.html
23 ID: MGASA-2020-0330

  ViewVC Help
Powered by ViewVC 1.1.30