Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
100

SUSE: 2021:0029-1 Critical Security Update for Dovecot23 Released

An update that fixes three vulnerabilities is now available. . SUSE Security Update: Security update for dovecot23 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:0029-1 Rating: important References: #1174920 #1180405 #1180406 Cross-References: CVE-2020-12100 CVE-2020-24386 CVE-2020-25275 Affected Products: SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for dovecot23 fixes the following issues: Security issues fixed: - CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts (bsc#1174920). - CVE-2020-24386: Fixed an issue with IMAP hibernation that allowed users to access other users' emails (bsc#1180405). - CVE-2020-25275: Fixed a crash when the 10000th MIME part was message/rfc822 (bsc#1180406). Non-security issues fixed: - Pigeonhole was updated to version 0.5.11. - Dovecot was updated to version 2.3.11.3. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2021-29=1 - SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2021-29=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2021-29=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -tpatch SUSE-SLE-Product-HPC-15-2021-29=1 Package List: - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): dovecot23-2.3.11.3-4.32.1 dovecot23-backend-mysql-2.3.11.3-4.32.1 dovecot23-backend-mysql-debuginfo-2.3.11.3-4.32.1 dovecot23-backend-pgsql-2.3.11.3-4.32.1 dovecot23-backend-pgsql-debuginfo-2.3.11.3-4.32.1 dovecot23-backend-sqlite-2.3.11.3-4.32.1 dovecot23-backend-sqlite-debuginfo-2.3.11.3-4.32.1 dovecot23-debuginfo-2.3.11.3-4.32.1 dovecot23-debugsource-2.3.11.3-4.32.1 dovecot23-devel-2.3.11.3-4.32.1 dovecot23-fts-2.3.11.3-4.32.1 dovecot23-fts-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-lucene-2.3.11.3-4.32.1 dovecot23-fts-lucene-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-solr-2.3.11.3-4.32.1 dovecot23-fts-solr-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-squat-2.3.11.3-4.32.1 dovecot23-fts-squat-debuginfo-2.3.11.3-4.32.1 - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): dovecot23-2.3.11.3-4.32.1 dovecot23-backend-mysql-2.3.11.3-4.32.1 dovecot23-backend-mysql-debuginfo-2.3.11.3-4.32.1 dovecot23-backend-pgsql-2.3.11.3-4.32.1 dovecot23-backend-pgsql-debuginfo-2.3.11.3-4.32.1 dovecot23-backend-sqlite-2.3.11.3-4.32.1 dovecot23-backend-sqlite-debuginfo-2.3.11.3-4.32.1 dovecot23-debuginfo-2.3.11.3-4.32.1 dovecot23-debugsource-2.3.11.3-4.32.1 dovecot23-devel-2.3.11.3-4.32.1 dovecot23-fts-2.3.11.3-4.32.1 dovecot23-fts-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-lucene-2.3.11.3-4.32.1 dovecot23-fts-lucene-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-solr-2.3.11.3-4.32.1 dovecot23-fts-solr-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-squat-2.3.11.3-4.32.1 dovecot23-fts-squat-debuginfo-2.3.11.3-4.32.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): dovecot23-2.3.11.3-4.32.1 dovecot23-backend-mysql-2.3.11.3-4.32.1 dovecot23-backend-mysql-debuginfo-2.3.11.3-4.32.1 dovecot23-backend-pgsql-2.3.11.3-4.32.1 dovecot23-backend-pgsql-debuginfo-2.3.11.3-4.32.1 dovecot23-backend-sqlite-2.3.11.3-4.32.1 dovecot23-backend-sqlite-debuginfo-2.3.11.3-4.32.1 dovecot23-debuginfo-2.3.11.3-4.32.1 dovecot23-debugsource-2.3.11.3-4.32.1 dovecot23-devel-2.3.11.3-4.32.1 dovecot23-fts-2.3.11.3-4.32.1 dovecot23-fts-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-lucene-2.3.11.3-4.32.1 dovecot23-fts-lucene-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-solr-2.3.11.3-4.32.1 dovecot23-fts-solr-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-squat-2.3.11.3-4.32.1 dovecot23-fts-squat-debuginfo-2.3.11.3-4.32.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): dovecot23-2.3.11.3-4.32.1 dovecot23-backend-mysql-2.3.11.3-4.32.1 dovecot23-backend-mysql-debuginfo-2.3.11.3-4.32.1 dovecot23-backend-pgsql-2.3.11.3-4.32.1 dovecot23-backend-pgsql-debuginfo-2.3.11.3-4.32.1 dovecot23-backend-sqlite-2.3.11.3-4.32.1 dovecot23-backend-sqlite-debuginfo-2.3.11.3-4.32.1 dovecot23-debuginfo-2.3.11.3-4.32.1 dovecot23-debugsource-2.3.11.3-4.32.1 dovecot23-devel-2.3.11.3-4.32.1 dovecot23-fts-2.3.11.3-4.32.1 dovecot23-fts-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-lucene-2.3.11.3-4.32.1 dovecot23-fts-lucene-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-solr-2.3.11.3-4.32.1 dovecot23-fts-solr-debuginfo-2.3.11.3-4.32.1 dovecot23-fts-squat-2.3.11.3-4.32.1 dovecot23-fts-squat-debuginfo-2.3.11.3-4.32.1 References: https://www.suse.com/security/cve/CVE-2020-12100.html https://www.suse.com/security/cve/CVE-2020-24386.html https://www.suse.com/security/cve/CVE-2020-25275.html https://bugzilla.suse.com/1174920 https://bugzilla.suse.com/1180405 https://bugzilla.suse.com/1180406 . Critical SUSE patch for dovecot23 addresses several vulnerabilities. Discover the changesand impacted versions.. SUSE Linux, dovecot23, resource exhaustion, IMAP access, security fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jan 05, 2021 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200