Overview

File _patchinfo of Package patchinfo.12668

<patchinfo incident="12668">
  <issue tracker="bnc" id="1145559">VUL-0: CVE-2019-11500: dovecot22, dovecot23: IMAP and ManageSieve protocol parsers do not properly handle NUL byte</issue>
  <issue tracker="bnc" id="1133624">VUL-0: CVE-2019-11494: dovecot23: Submission-login crashes over aborted/disconected authentication</issue>
  <issue tracker="bnc" id="1133625">VUL-0: CVE-2019-11499: dovecot23: Submission-login crashes over TLS authentication</issue>
  <issue tracker="cve" id="2019-11499"/>
  <issue tracker="cve" id="2019-11494"/>
  <issue tracker="cve" id="2019-11500"/>
  <packager>varkoly</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for dovecot23</summary>
  <description>This update for dovecot23 fixes the following issue:

- CVE-2019-11500: Fixed the NUL byte handling in IMAP and ManageSieve protocol parsers. (bsc#1145559)
- CVE-2019-11499: Fixed a vulnerability where the submission-login would crash over a TLS secured channel (bsc#1133625).
- CVE-2019-11494: Fixed a denial of service if the authentication is aborted by disconnecting (bsc#1133624).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places