stable

dovecot-2.2.16-2.fc21

FEDORA-2015-7089 created by mhlavink 7 years ago for Fedora 21

fixes CVE-2015-3420: SSL/TLS handshake failures leading to a crash of the login process - dovecot updated to 2.2.16 - auth: Don't crash if master user login is attempted without any configured master=yes passdbs - Parsing UTF-8 text for mails could have caused broken results sometimes if buffering was split in the middle of a UTF-8 character. This affected at least searching messages. - String sanitization for some logged output wasn't done properly: UTF-8 text could have been truncated wrongly or the truncation may not have happened at all. - fts-lucene: Lookups from virtual mailbox consisting of over 32 physical mailboxes could have caused crashes. - dovecot updated to 2.2.16 - auth: Don't crash if master user login is attempted without any configured master=yes passdbs - Parsing UTF-8 text for mails could have caused broken results sometimes if buffering was split in the middle of a UTF-8 character. This affected at least searching messages. - String sanitization for some logged output wasn't done properly: UTF-8 text could have been truncated wrongly or the truncation may not have happened at all. - fts-lucene: Lookups from virtual mailbox consisting of over 32 physical mailboxes could have caused crashes.

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2015-7089

This update has been submitted for testing by mhlavink.

7 years ago
User Icon taskotron commented 7 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/63030/steps/runtask/logs/stdio (results are informative only)

User Icon taskotron commented 7 years ago

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/63030/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

7 years ago

This update has been pushed to testing

7 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago
User Icon till commented & provided feedback 7 years ago
karma

no problems noticed

User Icon bradw commented & provided feedback 7 years ago
karma

Personal LAMP and mail server running GNOME. All OK.

This update has been submitted for stable by mhlavink.

7 years ago
User Icon taskotron commented 7 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/71249/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

7 years ago

This update has been pushed to stable

7 years ago

Please login to add feedback.

Metadata
Type
security
Karma
2
Signed
Content Type
RPM
Test Gating
Builds
1
dovecot-2.2.16-2.fc21
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
7 years ago
in testing
7 years ago
in stable
7 years ago
BZ#1216057 CVE-2015-3420 dovecot: SSL/TLS handshake failures leading to a crash of the login process.
0
0
BZ#1216059 CVE-2015-3420 dovecot: SSL/TLS handshake failures leading to a crash of the login process. [fedora-all]
0
0
dovecot-2.2.16-2.fc21

Automated Test Results

None

Copyright © 2007-2023 Red Hat, Inc. and others.

Running bodhi-server 7.0.1 on bodhi-web-66-dxxtt.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy