FEDORA-2021-c90cb486f7 created by mhlavink 4 months ago for Fedora 32
stable

fix rundir location


  • dovecot updated to 2.3.13, pigeonhole to 0.5.13
  • CVE-2020-24386: Specially crafted command can cause IMAP hibernate to allow logged in user to access other people's emails and filesystem information.
  • Metric filter and global event filter variable syntax changed to a SQL-like format.
  • auth: Added new aliases for %{variables}. Usage of the old ones is possible, but discouraged.
  • auth: Removed RPA auth mechanism, SKEY auth mechanism, NTLM auth mechanism and related password schemes.
  • auth: Removed passdb-sia, passdb-vpopmail and userdb-vpopmail.
  • auth: Removed postfix postmap socket

How to install

sudo dnf upgrade --advisory=FEDORA-2021-c90cb486f7

This update has been submitted for testing by mhlavink.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update's test gating status has been changed to 'waiting'.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago
User Icon rdtcustomercare commented & provided feedback 4 months ago
karma

TLS Bug seems to be fixed.. Update is working correctly as far as i can see on our cluster.

This update has been pushed to testing.

4 months ago

This update has obsoleted dovecot-2.3.13-1.fc32, and has inherited its bugs and notes.

4 months ago
User Icon imsedgar provided feedback 4 months ago
karma

This update can be pushed to stable now if the maintainer wishes

4 months ago

This update has been submitted for stable by mhlavink.

4 months ago

This update has been pushed to stable.

4 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
4 months ago
in testing
4 months ago
in stable
4 months ago
BZ#1882939 dovecot fails to start with "key too small" - mkcert use too short bit length
0
0
BZ#1912455 CVE-2020-24386 dovecot: IMAP hibernation function allows mail access
0
0
BZ#1912456 CVE-2020-24386 dovecot: IMAP hibernation function allows mail access [fedora-all]
0
0
BZ#1912460 CVE-2020-25275 dovecot: Denial of service via mail MIME parsing
0
0
BZ#1912461 CVE-2020-25275 dovecot: Denial of service via mail MIME parsing [fedora-all]
0
0

Automated Test Results