SUSE-SU-2018:0466-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2018/suse-su-20180466-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0466-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/SUSE-SU-2018:0466-1

Related

CVE-2017-15132

Published

2018-02-16T14:59:05Z

Modified

2018-02-16T14:59:05Z

Summary

Security update for dovecot22

Details

This update for dovecot22 fixes one issue.

This security issue was fixed:

CVE-2017-15132: An abort of SASL authentication resulted in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to memory exhaustion (bsc#1075608).

References

Affected packages

SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2 / dovecot22

Package

Name: dovecot22
Purl: pkg:rpm/suse/dovecot22&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.31-19.5.1

Ecosystem specific

{
    "binaries": [
        {
            "dovecot22-backend-pgsql": "2.2.31-19.5.1",
            "dovecot22-backend-sqlite": "2.2.31-19.5.1",
            "dovecot22": "2.2.31-19.5.1",
            "dovecot22-backend-mysql": "2.2.31-19.5.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP2 / dovecot22

Package

Name: dovecot22
Purl: pkg:rpm/suse/dovecot22&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.31-19.5.1

Ecosystem specific

{
    "binaries": [
        {
            "dovecot22-devel": "2.2.31-19.5.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP3 / dovecot22

Package

Name: dovecot22
Purl: pkg:rpm/suse/dovecot22&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.31-19.5.1

Ecosystem specific

{
    "binaries": [
        {
            "dovecot22-devel": "2.2.31-19.5.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2 / dovecot22

Package

Name: dovecot22
Purl: pkg:rpm/suse/dovecot22&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.31-19.5.1

Ecosystem specific

{
    "binaries": [
        {
            "dovecot22-backend-pgsql": "2.2.31-19.5.1",
            "dovecot22-backend-sqlite": "2.2.31-19.5.1",
            "dovecot22": "2.2.31-19.5.1",
            "dovecot22-backend-mysql": "2.2.31-19.5.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / dovecot22

Package

Name: dovecot22
Purl: pkg:rpm/suse/dovecot22&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.31-19.5.1

Ecosystem specific

{
    "binaries": [
        {
            "dovecot22-backend-pgsql": "2.2.31-19.5.1",
            "dovecot22-backend-sqlite": "2.2.31-19.5.1",
            "dovecot22": "2.2.31-19.5.1",
            "dovecot22-backend-mysql": "2.2.31-19.5.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3 / dovecot22

Package

Name: dovecot22
Purl: pkg:rpm/suse/dovecot22&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.31-19.5.1

Ecosystem specific

{
    "binaries": [
        {
            "dovecot22-backend-pgsql": "2.2.31-19.5.1",
            "dovecot22-backend-sqlite": "2.2.31-19.5.1",
            "dovecot22": "2.2.31-19.5.1",
            "dovecot22-backend-mysql": "2.2.31-19.5.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / dovecot22

Package

Name: dovecot22
Purl: pkg:rpm/suse/dovecot22&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.31-19.5.1

Ecosystem specific

{
    "binaries": [
        {
            "dovecot22-backend-pgsql": "2.2.31-19.5.1",
            "dovecot22-backend-sqlite": "2.2.31-19.5.1",
            "dovecot22": "2.2.31-19.5.1",
            "dovecot22-backend-mysql": "2.2.31-19.5.1"
        }
    ]
}