pool/dovecot23
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- add bugnumbers

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=72
This commit is contained in:
Marcus Rückert 2020-05-18 16:29:39 +00:00 committed by Git OBS Bridge
parent 28dac82f7b
commit 99d7c3bd24
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
dovecot23.changes
View File

@ -4,12 +4,13 @@ Mon May 18 14:04:52 UTC 2020 - Michael Ströder <michael@stroeder.com>
- update to 2.3.10.1 with security fixes for - update to 2.3.10.1 with security fixes for
* CVE-2020-10957: lmtp/submission: A client can crash the server by * CVE-2020-10957: lmtp/submission: A client can crash the server by
sending a NOOP command with an invalid string parameter. sending a NOOP command with an invalid string parameter.
(boo#1171457)
* CVE-2020-10958: lmtp/submission: Sending many invalid or unknown * CVE-2020-10958: lmtp/submission: Sending many invalid or unknown
commands can cause the server to access freed memory, which can lead commands can cause the server to access freed memory, which can lead
to a server crash. to a server crash. (boo#1171458)
* CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an * CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an
address that has the empty quoted string as local-part causes the address that has the empty quoted string as local-part causes the
lmtp service to crash. lmtp service to crash. (boo#1171456)
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Apr 29 21:25:30 UTC 2020 - Marcus Rueckert <mrueckert@suse.de> Wed Apr 29 21:25:30 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>