|
|
Subscribe / Log in / New account

Mageia alert MGASA-2019-0261 (dovecot)



From:
              Mageia Updates <buildsystem-daemon@mageia.org> 


To:
              updates-announce@ml.mageia.org 


Subject:
              [updates-announce] MGASA-2019-0261: Updated dovecot packages fix security vulnerability 


Date:
              Sun, 8 Sep 2019 16:10:00 +0200


Message-ID:
              <20190908141000.624F39F94D@duvel.mageia.org>


MGASA-2019-0261 - Updated dovecot packages fix security vulnerability

Publication date: 08 Sep 2019
URL: https://advisories.mageia.org/MGASA-2019-0261.html
Type: security
Affected Mageia releases: 6, 7
CVE: CVE-2019-11500

Description:
Updated dovecot packages fix security vulnerability:

IMAP protocol parser does not properly handle NUL byte when scanning data
in quoted strings, leading to out of bounds heap memory writes.

References:
- https://bugs.mageia.org/show_bug.cgi?id=25371
- https://dovecot.org/pipermail/dovecot/2019-August/116875....
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1...

SRPMS:
- 6/core/dovecot-2.2.36.4-1.mga6
- 7/core/dovecot-2.3.7.2-1.mga7
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds