Lucene search
CentOS ProjectCESA-2019:2836HistorySep 26, 2019 - 1:00 p.m.
dovecot security update
2019-09-2613:00:35
CentOS Project
lists.centos.org
166
0.614 Medium
EPSS
Percentile
97.8%
CentOS Errata and Security Advisory CESA-2019:2836
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.
Security Fix(es):
- dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes (CVE-2019-11500)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2019-September/085613.html
Affected packages:
dovecot
dovecot-devel
dovecot-mysql
dovecot-pgsql
dovecot-pigeonhole
Upstream details at:
https://access.redhat.com/errata/RHSA-2019:2836
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 7 | i686 | dovecot | <Â 2.2.36-3.el7_7.1 | dovecot-2.2.36-3.el7_7.1.i686.rpm |
| CentOS | 7 | x86_64 | dovecot | <Â 2.2.36-3.el7_7.1 | dovecot-2.2.36-3.el7_7.1.x86_64.rpm |
| CentOS | 7 | x86_64 | dovecot-devel | <Â 2.2.36-3.el7_7.1 | dovecot-devel-2.2.36-3.el7_7.1.x86_64.rpm |
| CentOS | 7 | x86_64 | dovecot-mysql | <Â 2.2.36-3.el7_7.1 | dovecot-mysql-2.2.36-3.el7_7.1.x86_64.rpm |
| CentOS | 7 | x86_64 | dovecot-pgsql | <Â 2.2.36-3.el7_7.1 | dovecot-pgsql-2.2.36-3.el7_7.1.x86_64.rpm |
| CentOS | 7 | x86_64 | dovecot-pigeonhole | <Â 2.2.36-3.el7_7.1 | dovecot-pigeonhole-2.2.36-3.el7_7.1.x86_64.rpm |
Related
osv
osv
dovecot - security update
2019-08-29 00:00:00
CVE-2019-11500
2019-08-29 14:15:11
dovecot - security update
2019-08-28 00:00:00
nessus
nessus
EulerOS 2.0 SP8 : dovecot (EulerOS-SA-2019-2071)
2019-09-30 00:00:00
CentOS 6 : dovecot (CESA-2019:2885)
2019-10-01 00:00:00
Oracle Linux 6 : dovecot (ELSA-2019-2885)
2019-09-24 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-09-21 00:17:27
prion
prion
Remote code execution
2019-08-29 14:15:00
openvas
openvas
Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-2071)
2020-01-23 00:00:00
Ubuntu: Security Advisory (USN-4110-1)
2019-08-29 00:00:00
CentOS Update for dovecot CESA-2019:2836 centos7
2019-09-27 00:00:00
oraclelinux
oraclelinux
dovecot security update
2019-09-23 00:00:00
dovecot security update
2019-09-20 00:00:00
dovecot security update
2019-09-23 00:00:00
debiancve
debiancve
CVE-2019-11500
2019-08-29 14:15:00
checkpoint_advisories
checkpoint_advisories
Dovecot And Pigeonhole Remote Code Execution (CVE-2019-11500)
2020-03-01 00:00:00
debian
debian
[SECURITY] [DSA 4510-1] dovecot security update
2019-08-28 12:15:27
[SECURITY] [DLA 1901-1] dovecot security update
2019-08-29 19:03:07
[SECURITY] [DSA 4510-1] dovecot security update
2019-08-28 12:15:48
ubuntu
ubuntu
Dovecot vulnerability
2019-08-28 00:00:00
Dovecot regression
2019-08-28 00:00:00
Dovecot vulnerability
2019-08-28 00:00:00
centos
centos
dovecot security update
2019-09-27 12:11:33
archlinux
archlinux
[ASA-201908-18] dovecot: arbitrary code execution
2019-08-28 00:00:00
[ASA-201908-19] pigeonhole: arbitrary code execution
2019-08-28 00:00:00
cve
cve
CVE-2019-11500
2019-08-29 14:15:00
amazon
amazon
Important: dovecot
2019-11-04 22:10:00
ubuntucve
ubuntucve
CVE-2019-11500
2019-08-28 00:00:00
freebsd
freebsd
Dovecot -- improper input validation
2019-04-13 00:00:00
alpinelinux
alpinelinux
CVE-2019-11500
2019-08-29 14:15:00
altlinux
altlinux
redhat
redhat
(RHSA-2019:2885) Important: dovecot security update
2019-09-23 19:48:53
(RHSA-2019:2822) Important: dovecot security update
2019-09-20 01:37:54
(RHSA-2019:2836) Important: dovecot security update
2019-09-20 08:22:52
redhatcve
redhatcve
CVE-2019-11500
2019-10-10 05:23:44
fedora
fedora
[SECURITY] Fedora 31 Update: dovecot-2.3.7.2-1.fc31
2019-09-14 16:38:16
[SECURITY] Fedora 30 Update: dovecot-2.3.7.2-1.fc30
2019-08-30 14:21:41
[SECURITY] Fedora 29 Update: dovecot-2.3.7.2-1.fc29
2019-09-06 12:59:59
mageia
mageia
Updated dovecot packages fix security vulnerability
2019-09-08 17:09:05
cvelist
cvelist
CVE-2019-11500
2019-08-29 13:51:46
gentoo
gentoo
Dovecot: Multiple vulnerabilities
2019-08-31 00:00:00
suse
suse
Security update for dovecot23 (important)
2019-10-07 00:00:00
Security update for dovecot23 (important)
2019-10-07 00:00:00