Lucene search

K
suseSuseOPENSUSE-SU-2019:2281-1
HistoryOct 07, 2019 - 12:00 a.m.

Security update for dovecot23 (important)

2019-10-0700:00:00
lists.opensuse.org
64

0.614 Medium

EPSS

Percentile

97.8%

An update that fixes three vulnerabilities is now available.

Description:

This update for dovecot23 fixes the following issues:

  • CVE-2019-11500: Fixed the NUL byte handling in IMAP and ManageSieve
    protocol parsers. (bsc#1145559)
  • CVE-2019-11499: Fixed a vulnerability where the submission-login would
    crash over a TLS secured channel (bsc#1133625).
  • CVE-2019-11494: Fixed a denial of service if the authentication is
    aborted by disconnecting (bsc#1133624).

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or β€œzypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.1:

    zypper in -t patch openSUSE-2019-2281=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.1x86_64<Β - openSUSE Leap 15.1 (x86_64):- openSUSE Leap 15.1 (x86_64):.x86_64.rpm