Описание
Security update for dovecot22
This update for dovecot22 fixes the following issues:
- CVE-2019-11500: Fixed a potential remote code execution in the IMAP and ManageSieve protocol parsers (bsc#1145559).
Список пакетов
HPE Helion OpenStack 8
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Enterprise Storage 4
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Enterprise Storage 5
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server 12 SP1-LTSS
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server 12 SP2-BCL
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server 12 SP2-LTSS
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server 12 SP3-BCL
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server 12 SP3-LTSS
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server 12 SP4
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server 12 SP5
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE Linux Enterprise Software Development Kit 12 SP4
dovecot22-devel-2.2.31-19.17.1
SUSE Linux Enterprise Software Development Kit 12 SP5
dovecot22-devel-2.2.31-19.17.1
SUSE OpenStack Cloud 7
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE OpenStack Cloud 8
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
SUSE OpenStack Cloud Crowbar 8
dovecot22-2.2.31-19.17.1
dovecot22-backend-mysql-2.2.31-19.17.1
dovecot22-backend-pgsql-2.2.31-19.17.1
dovecot22-backend-sqlite-2.2.31-19.17.1
Ссылки
- Link for SUSE-SU-2019:2454-1
- E-Mail link for SUSE-SU-2019:2454-1
- SUSE Security Ratings
- SUSE Bug 1145559
- SUSE CVE CVE-2019-11500 page
Описание
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.
Затронутые продукты
HPE Helion OpenStack 8:dovecot22-2.2.31-19.17.1
HPE Helion OpenStack 8:dovecot22-backend-mysql-2.2.31-19.17.1
HPE Helion OpenStack 8:dovecot22-backend-pgsql-2.2.31-19.17.1
HPE Helion OpenStack 8:dovecot22-backend-sqlite-2.2.31-19.17.1
Ссылки
- CVE-2019-11500
- SUSE Bug 1145559