Security update for dovecot22
This update for dovecot22 fixes one issue.
This security issue was fixed:
- CVE-2017-15132: An abort of SASL authentication resulted in a memory leak in
dovecot's auth client used by login processes. The leak has impact in high
performance configuration where same login processes are reused and can cause
the process to crash due to memory exhaustion (bsc#1075608).
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Peter Varkoly (varkoly)
Fixed bugs
bnc#1075608
VUL-0: CVE-2017-15132: dovecot,dovecot22: auth client leaks memory if SASL authentication is aborted.
