Lucene search
OracleLinuxELSA-2020-3617HistorySep 03, 2020 - 12:00 a.m.
dovecot security update
2020-09-0300:00:00
linux.oracle.com
8
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
[1:2.2.36-6.1]
- fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts (#1871841)
- fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation (#1871843)
- fix CVE-2020-12674 crash due to assert in RPA implementation (#1871842)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | dovecot | < 2.2.36-6.el7_8.1 | dovecot-2.2.36-6.el7_8.1.src.rpm |
| oracle linux | 7 | aarch64 | dovecot | < 2.2.36-6.el7_8.1 | dovecot-2.2.36-6.el7_8.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | dovecot-devel | < 2.2.36-6.el7_8.1 | dovecot-devel-2.2.36-6.el7_8.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | dovecot-mysql | < 2.2.36-6.el7_8.1 | dovecot-mysql-2.2.36-6.el7_8.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | dovecot-pgsql | < 2.2.36-6.el7_8.1 | dovecot-pgsql-2.2.36-6.el7_8.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | dovecot-pigeonhole | < 2.2.36-6.el7_8.1 | dovecot-pigeonhole-2.2.36-6.el7_8.1.aarch64.rpm |
| oracle linux | 7 | src | dovecot | < 2.2.36-6.el7_8.1 | dovecot-2.2.36-6.el7_8.1.src.rpm |
| oracle linux | 7 | i686 | dovecot | < 2.2.36-6.el7_8.1 | dovecot-2.2.36-6.el7_8.1.i686.rpm |
| oracle linux | 7 | x86_64 | dovecot | < 2.2.36-6.el7_8.1 | dovecot-2.2.36-6.el7_8.1.x86_64.rpm |
| oracle linux | 7 | x86_64 | dovecot-devel | < 2.2.36-6.el7_8.1 | dovecot-devel-2.2.36-6.el7_8.1.x86_64.rpm |
Related
osv
osv
dovecot - security update
2020-08-15 00:00:00
dovecot - security update
2020-08-12 00:00:00
CVE-2020-12100
2020-08-12 16:15:11
nessus
nessus
Oracle Linux 7 : dovecot (ELSA-2020-3617)
2020-09-03 00:00:00
Amazon Linux AMI : dovecot (ALAS-2020-1435)
2020-10-28 00:00:00
redhat
redhat
(RHSA-2020:3735) Important: dovecot security update
2020-09-14 12:27:13
(RHSA-2020:3713) Important: dovecot security update
2020-09-10 12:36:17
(RHSA-2020:3736) Important: dovecot security update
2020-09-14 12:28:19
centos
centos
dovecot security update
2020-09-14 14:40:04
openvas
openvas
Debian: Security Advisory (DLA-2328-1)
2020-08-17 00:00:00
Mageia: Security Advisory (MGASA-2020-0330)
2022-01-28 00:00:00
CentOS: Security Advisory for dovecot (CESA-2020:3617)
2020-09-15 00:00:00
debian
debian
[SECURITY] [DSA 4745-1] dovecot security update
2020-08-12 15:52:48
[SECURITY] [DSA 4745-1] dovecot security update
2020-08-12 15:52:48
[SECURITY] [DLA 2328-1] dovecot security update
2020-08-15 22:00:26
amazon
amazon
Important: dovecot
2020-10-26 17:59:00
Important: dovecot
2020-09-15 17:18:00
gentoo
gentoo
Dovecot: Multiple vulnerabilities
2020-09-06 00:00:00
ubuntu
ubuntu
Dovecot vulnerabilities
2020-08-12 00:00:00
Dovecot vulnerabilities
2020-08-17 00:00:00
oraclelinux
oraclelinux
dovecot security update
2020-09-11 00:00:00
dovecot security update
2020-11-10 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package dovecot version 2.3.11.3-alt1
2020-12-07 00:00:00
mageia
mageia
Updated dovecot packages fix security vulnerability
2020-08-18 20:41:27
fedora
fedora
[SECURITY] Fedora 31 Update: dovecot-2.3.11.3-4.fc31
2020-09-03 16:27:31
[SECURITY] Fedora 32 Update: dovecot-2.3.11.3-5.fc32
2020-10-13 20:35:04
[SECURITY] Fedora 33 Update: dovecot-2.3.11.3-5.fc33
2020-09-25 17:07:13
freebsd
freebsd
mail/dovecot -- multiple vulnerabilities
2020-04-23 00:00:00
mail/dovecot -- multiple vulnerabilities
2020-08-17 00:00:00
suse
suse
Security update for dovecot23 (important)
2020-08-21 00:00:00
Security update for dovecot23 (important)
2020-08-27 00:00:00
Security update for dovecot23 (important)
2021-01-16 00:00:00
prion
prion
Out-of-bounds
2020-08-12 16:15:00
Cross site request forgery (csrf)
2020-08-12 16:15:00
Design/Logic Flaw
2020-08-12 16:15:00
hackerone
hackerone
redhatcve
redhatcve
debiancve
debiancve
veracode
veracode
Denial Of Service (DoS)
2020-08-18 08:31:42
Denial Of Service (DoS)
2020-08-18 08:31:49
Denial Of Service (DoS)
2020-08-18 08:22:29
cve
cve
alpinelinux
alpinelinux
ubuntucve
ubuntucve
cloudlinux
cloudlinux
Fix of CVE: CVE-2020-25275, CVE-2020-12100
2021-10-07 15:19:39
Fix of CVE: CVE-2020-25275, CVE-2020-12100
2021-10-18 16:15:45
zdt
zdt
Dovecot 2.3.11.3 Denial Of Service Vulnerability
2021-01-07 00:00:00
archlinux
archlinux
[ASA-202101-4] dovecot: multiple issues
2021-01-04 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related for ELSA-2020-3617