Lucene search

K
suseSuseOPENSUSE-SU-2021:0920-1
HistoryJun 25, 2021 - 12:00 a.m.

Security update for dovecot23 (important)

2021-06-2500:00:00
lists.opensuse.org
9

0.004 Low

EPSS

Percentile

72.3%

An update that fixes two vulnerabilities is now available.

Description:

This update for dovecot23 fixes the following issues:

  • CVE-2021-29157: Local attacker can login as any user and access their
    emails (bsc#1187418)
  • CVE-2021-33515: Attacker can potentially steal user credentials and
    mails (bsc#1187419)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or β€œzypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.2:

    zypper in -t patch openSUSE-2021-920=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.2x86_64<Β - openSUSE Leap 15.2 (x86_64):- openSUSE Leap 15.2 (x86_64):.x86_64.rpm