Описание
Security update for dovecot22
This update for dovecot22 fixes one issue.
This security issue was fixed:
- CVE-2017-15132: An abort of SASL authentication resulted in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to memory exhaustion (bsc#1075608).
This update was imported from the SUSE:SLE-12:Update update project.
Список пакетов
openSUSE Leap 42.3
dovecot22-2.2.31-2.3.1
dovecot22-backend-mysql-2.2.31-2.3.1
dovecot22-backend-pgsql-2.2.31-2.3.1
dovecot22-backend-sqlite-2.2.31-2.3.1
dovecot22-devel-2.2.31-2.3.1
dovecot22-fts-2.2.31-2.3.1
dovecot22-fts-lucene-2.2.31-2.3.1
dovecot22-fts-solr-2.2.31-2.3.1
dovecot22-fts-squat-2.2.31-2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2018:0492-1
- SUSE Security Ratings
Описание
A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to memory exhaustion.
Затронутые продукты
openSUSE Leap 42.3:dovecot22-2.2.31-2.3.1
openSUSE Leap 42.3:dovecot22-backend-mysql-2.2.31-2.3.1
openSUSE Leap 42.3:dovecot22-backend-pgsql-2.2.31-2.3.1
openSUSE Leap 42.3:dovecot22-backend-sqlite-2.2.31-2.3.1
Ссылки
- CVE-2017-15132
- SUSE Bug 1075608