Overview

File _patchinfo of Package patchinfo.10738

<patchinfo incident="10738">
  <issue tracker="bnc" id="1123022">VUL-0: CVE-2019-3814: dovecot: Vulnerability in Dovecot related to SSL client certificate authentication</issue>
  <issue tracker="bnc" id="1111789">Dovecot managesieve(pigeonhole)-issue with Sogo-Groupware</issue>
  <issue tracker="bnc" id="1130116">VUL-0: CVE-2019-7524: dovecot,dovecot23,dovecot22: FTS or POP3-UIDL header from dovecot index overflow</issue>
  <issue tracker="cve" id="2019-7524"/>
  <issue tracker="cve" id="2019-3814"/>
  <category>security</category>
  <rating>important</rating>
  <packager>varkoly</packager>
  <description>This update for dovecot22 fixes the following issues:

Security issues fixed: 

- CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing 
  local root escalation (bsc#1130116).
- CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication (bsc#1123022).

Other issue fixed: 
- Fixed handling of command continuation(bsc#1111789)
</description>
  <summary>Security update for dovecot22</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places