\{'type': 'Security', 'shortCode': 'RL', 'name': 'RLSA-2022:1950', 'synopsis': 'Moderate: dovecot security update', 'severity': 'Moderate', 'topic': 'An update for dovecot is now available for Rocky Linux 8.\nRocky Linux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.', 'description': 'Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. \nThe following packages have been upgraded to a later upstream version: dovecot (2.3.16). (BZ#1980014)\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\nAdditional Changes:\nFor detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.', 'solution': None, 'affectedProducts': ['Rocky Linux 8'], 'fixes': ['1973610', '1974508'], 'cves': ['Red Hat:::https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33515.json:::CVE-2021-33515'], 'references': [], 'publishedAt': '2022-05-18T19:45:00.249923Z', 'rpms': ['dovecot-2.3.16-2.el8.aarch64.rpm', 'dovecot-2.3.16-2.el8.i686.rpm', 'dovecot-2.3.16-2.el8.src.rpm', 'dovecot-2.3.16-2.el8.x86_64.rpm', 'dovecot-debuginfo-2.3.16-2.el8.aarch64.rpm', 'dovecot-debuginfo-2.3.16-2.el8.i686.rpm', 'dovecot-debuginfo-2.3.16-2.el8.x86_64.rpm', 'dovecot-debugsource-2.3.16-2.el8.aarch64.rpm', 'dovecot-debugsource-2.3.16-2.el8.i686.rpm', 'dovecot-debugsource-2.3.16-2.el8.x86_64.rpm', 'dovecot-devel-2.3.16-2.el8.aarch64.rpm', 'dovecot-devel-2.3.16-2.el8.i686.rpm', 'dovecot-devel-2.3.16-2.el8.x86_64.rpm', 'dovecot-mysql-2.3.16-2.el8.aarch64.rpm', 'dovecot-mysql-2.3.16-2.el8.x86_64.rpm', 'dovecot-mysql-debuginfo-2.3.16-2.el8.aarch64.rpm', 'dovecot-mysql-debuginfo-2.3.16-2.el8.x86_64.rpm', 'dovecot-pgsql-2.3.16-2.el8.aarch64.rpm', 'dovecot-pgsql-2.3.16-2.el8.x86_64.rpm', 'dovecot-pgsql-debuginfo-2.3.16-2.el8.aarch64.rpm', 'dovecot-pgsql-debuginfo-2.3.16-2.el8.x86_64.rpm', 'dovecot-pigeonhole-2.3.16-2.el8.aarch64.rpm', 'dovecot-pigeonhole-2.3.16-2.el8.x86_64.rpm', 'dovecot-pigeonhole-debuginfo-2.3.16-2.el8.aarch64.rpm', 'dovecot-pigeonhole-debuginfo-2.3.16-2.el8.x86_64.rpm']}\

Rocky Linux: RLSA-2022:1950 dovecot security update

September 2, 2022
An update for dovecot is now available for Rocky Linux 8. Rocky Linux Product Security has rated this update as having a security impact of Moderate

Summary

An update for dovecot is now available for Rocky Linux 8. Rocky Linux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.


Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. The following packages have been upgraded to a later upstream version: dovecot (2.3.16). (BZ#1980014) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.

RPMs

dovecot-2.3.16-2.el8.aarch64.rpm

dovecot-2.3.16-2.el8.i686.rpm

dovecot-2.3.16-2.el8.src.rpm

dovecot-2.3.16-2.el8.x86_64.rpm

dovecot-debuginfo-2.3.16-2.el8.aarch64.rpm

dovecot-debuginfo-2.3.16-2.el8.i686.rpm

dovecot-debuginfo-2.3.16-2.el8.x86_64.rpm

dovecot-debugsource-2.3.16-2.el8.aarch64.rpm

dovecot-debugsource-2.3.16-2.el8.i686.rpm

dovecot-debugsource-2.3.16-2.el8.x86_64.rpm

dovecot-devel-2.3.16-2.el8.aarch64.rpm

dovecot-devel-2.3.16-2.el8.i686.rpm

dovecot-devel-2.3.16-2.el8.x86_64.rpm

dovecot-mysql-2.3.16-2.el8.aarch64.rpm

dovecot-mysql-2.3.16-2.el8.x86_64.rpm

dovecot-mysql-debuginfo-2.3.16-2.el8.aarch64.rpm

dovecot-mysql-debuginfo-2.3.16-2.el8.x86_64.rpm

dovecot-pgsql-2.3.16-2.el8.aarch64.rpm

dovecot-pgsql-2.3.16-2.el8.x86_64.rpm

dovecot-pgsql-debuginfo-2.3.16-2.el8.aarch64.rpm

dovecot-pgsql-debuginfo-2.3.16-2.el8.x86_64.rpm

dovecot-pigeonhole-2.3.16-2.el8.aarch64.rpm

dovecot-pigeonhole-2.3.16-2.el8.x86_64.rpm

dovecot-pigeonhole-debuginfo-2.3.16-2.el8.aarch64.rpm

dovecot-pigeonhole-debuginfo-2.3.16-2.el8.x86_64.rpm

References

No References

CVEs

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33515.json

Severity
Name: RLSA-2022:1950
Affected Products: Rocky Linux 8

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=

https://bugzilla.redhat.com/show_bug.cgi?id=


Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved