Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
patchinfo.4673
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.4673
<patchinfo incident="4673"> <issue id="854512" tracker="bnc">VUL-1: dovecot, dovecot21, dovecot22: insecure openssl cipher suite</issue> <issue id="1032248" tracker="bnc">VUL-0: CVE-2017-2669: dovecot: DoS when passdb dict was used for authentication</issue> <issue id="932386" tracker="bnc">dovecot does not start after update</issue> <issue id="2017-2669" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>darix</packager> <description> This update for dovecot22 to version 2.2.29.1 fixes the following issues: This security issue was fixed: - CVE-2017-2669: Don't double-expand %variables in keys. If dict was used as the authentication passdb, using specially crafted %variables in the username could be used to cause DoS (bsc#1032248) Additionally stronger SSL default ciphers are now used. This non-security issue was fixed: - Remove all references /etc/ssl/certs/. It should not be used anymore (bsc#932386) More changes are available in the changelog. Please make sure you read README.SUSE after installing this update. </description> <summary>Security update for dovecot22</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor