[ALSA-2020:4763] Moderate: dovecot security update
Release date:
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: command followed by sufficient number of newlines leads to use-after-free (CVE-2020-10958) * dovecot: sending mail with empty quoted localpart leads to DoS (CVE-2020-10967) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
i686 dovecot-devel-2.3.8-4.el8.i686.rpm 3d51c176a4cecd1b28c998c9b0b27fb62da44a76a9977735c89ef85caf62b562
i686 dovecot-2.3.8-4.el8.i686.rpm 9324049119e6a1e8d40ac4da979dfb9b56249f208e1b18149b3c7389a0a7014e
x86_64 dovecot-devel-2.3.8-4.el8.x86_64.rpm e64405f9af4301a9bb5704b0206ef51b5c6ef8b21d812731881fdb68694f5475
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.