Security update for dovecot22
This update for dovecot22 fixes the following issues:
Security issues fixed:
- CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing
local root escalation (bsc#1130116).
- CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication (bsc#1123022).
Other issue fixed:
- Fixed handling of command continuation (bsc#1111789).
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Peter Varkoly (varkoly)
Fixed bugs
bnc#1123022
VUL-0: CVE-2019-3814: dovecot: Vulnerability in Dovecot related to SSL client certificate authentication
bnc#1111789
Dovecot managesieve(pigeonhole)-issue with Sogo-Groupware
bnc#1130116
VUL-0: CVE-2019-7524: dovecot,dovecot23,dovecot22: FTS or POP3-UIDL header from dovecot index overflow
