Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2020:2274-1

Опубликовано: 19 авг. 2020
Источник: suse-cvrf

Описание

Security update for dovecot22

This update for dovecot22 fixes the following issues:

  • CVE-2020-12673: improper implementation of NTLM does not check message buffer size (bsc#1174922).
  • CVE-2020-12674: improper implementation of RPA mechanism (bsc#1174923).

Список пакетов

HPE Helion OpenStack 8
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Enterprise Storage 5
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Server 12 SP2-BCL
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Server 12 SP2-LTSS
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Server 12 SP3-BCL
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Server 12 SP3-LTSS
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Server 12 SP4-LTSS
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Server 12 SP5
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE Linux Enterprise Software Development Kit 12 SP5
dovecot22-devel-2.2.31-19.22.1
SUSE OpenStack Cloud 7
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE OpenStack Cloud 8
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE OpenStack Cloud 9
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE OpenStack Cloud Crowbar 8
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1
SUSE OpenStack Cloud Crowbar 9
dovecot22-2.2.31-19.22.1
dovecot22-backend-mysql-2.2.31-19.22.1
dovecot22-backend-pgsql-2.2.31-19.22.1
dovecot22-backend-sqlite-2.2.31-19.22.1

Ссылки

Описание

In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.

Затронутые продукты
HPE Helion OpenStack 8:dovecot22-2.2.31-19.22.1
HPE Helion OpenStack 8:dovecot22-backend-mysql-2.2.31-19.22.1
HPE Helion OpenStack 8:dovecot22-backend-pgsql-2.2.31-19.22.1
HPE Helion OpenStack 8:dovecot22-backend-sqlite-2.2.31-19.22.1
Ссылки

Описание

In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.

Затронутые продукты
HPE Helion OpenStack 8:dovecot22-2.2.31-19.22.1
HPE Helion OpenStack 8:dovecot22-backend-mysql-2.2.31-19.22.1
HPE Helion OpenStack 8:dovecot22-backend-pgsql-2.2.31-19.22.1
HPE Helion OpenStack 8:dovecot22-backend-sqlite-2.2.31-19.22.1
Ссылки
Уязвимость SUSE-SU-2020:2274-1