Описание
ELSA-2022-1950: dovecot security update (MODERATE)
[1:2.3.16-2]
- do not disable xz/lzma for now despite being deprecated
[1:2.3.16-1]
- dovecot updated to 2.3.16, pigeonhole to 0.5.16
- fix CVE-2021-33515 plaintext commands injection (#1980014)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
dovecot
2.3.16-2.el8
dovecot-devel
2.3.16-2.el8
dovecot-mysql
2.3.16-2.el8
dovecot-pgsql
2.3.16-2.el8
dovecot-pigeonhole
2.3.16-2.el8
Oracle Linux x86_64
dovecot
2.3.16-2.el8
dovecot-devel
2.3.16-2.el8
dovecot-mysql
2.3.16-2.el8
dovecot-pgsql
2.3.16-2.el8
dovecot-pigeonhole
2.3.16-2.el8
Связанные CVE
Связанные уязвимости
The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address.
The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address.
The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address.
The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address.
The submission service in Dovecot before 2.3.15 allows STARTTLS comman ...