{"type":"TYPE_SECURITY","shortCode":"RL","name":"RLSA-2022:7623","synopsis":"Moderate: dovecot security update","severity":"SEVERITY_MODERATE","topic":"An update for dovecot is now available for Rocky Linux 8.\nRocky Enterprise Software Foundation Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.","description":"Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. \nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\nAdditional Changes:\nFor detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section.","solution":null,"affectedProducts":["Rocky Linux 8"],"fixes":[{"ticket":"2105070","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2105070","description":"CVE-2022-30550 dovecot: Privilege escalation when similar master and non-master passdbs are used"}],"cves":[{"name":"CVE-2022-30550","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-30550.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:N","cvss3BaseScore":"6.8","cwe":"CWE-284"}],"references":[],"publishedAt":"2022-11-13T07:54:01.468864Z","rpms":{},"rebootSuggested":false}