dovecot-2.3.13-2.fc32
FEDORA-2021-c90cb486f7 created by mhlavink 2 weeks ago for Fedora 32
stable

fix rundir location

  • dovecot updated to 2.3.13, pigeonhole to 0.5.13
  • CVE-2020-24386: Specially crafted command can cause IMAP hibernate to allow logged in user to access other people's emails and filesystem information.
  • Metric filter and global event filter variable syntax changed to a SQL-like format.
  • auth: Added new aliases for %{variables}. Usage of the old ones is possible, but discouraged.
  • auth: Removed RPA auth mechanism, SKEY auth mechanism, NTLM auth mechanism and related password schemes.
  • auth: Removed passdb-sia, passdb-vpopmail and userdb-vpopmail.
  • auth: Removed postfix postmap socket

How to install

sudo dnf upgrade --advisory=FEDORA-2021-c90cb486f7

This update has been submitted for testing by mhlavink.

2 weeks ago

This update's test gating status has been changed to 'ignored'.

2 weeks ago

This update's test gating status has been changed to 'waiting'.

2 weeks ago

This update's test gating status has been changed to 'ignored'.

2 weeks ago
User Icon rdtcustomercare commented & provided feedback 2 weeks ago
karma

TLS Bug seems to be fixed.. Update is working correctly as far as i can see on our cluster.

This update has been pushed to testing.

2 weeks ago

This update has obsoleted dovecot-2.3.13-1.fc32, and has inherited its bugs and notes.

2 weeks ago
User Icon imsedgar provided feedback 2 weeks ago
karma

This update can be pushed to stable now if the maintainer wishes

2 weeks ago

This update has been submitted for stable by mhlavink.

4 days ago

This update has been pushed to stable.

3 days ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
2
Signed
Content Type
RPM
Test Gating
Builds
1
dovecot-2.3.13-2.fc32
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 weeks ago
in testing
2 weeks ago
in stable
3 days ago
BZ#1882939 dovecot fails to start with "key too small" - mkcert use too short bit length
0
0
BZ#1912455 CVE-2020-24386 dovecot: IMAP hibernation function allows mail access
0
0
BZ#1912456 CVE-2020-24386 dovecot: IMAP hibernation function allows mail access [fedora-all]
0
0
BZ#1912460 CVE-2020-25275 dovecot: Denial of service via mail MIME parsing
0
0
BZ#1912461 CVE-2020-25275 dovecot: Denial of service via mail MIME parsing [fedora-all]
0
0

Automated Test Results

Copyright © 2007-2019 Red Hat, Inc. and others.

Running bodhi-5.6.1 on bodhi-web-88-grzbv.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy