SUSE-SU-2021:2122-1
- Source
- https://www.suse.com/support/update/announcement/2021/suse-su-20212122-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2122-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2021:2122-1
- Related
- Published
- 2021-06-22T12:13:42Z
- Modified
- 2021-06-22T12:13:42Z
- Summary
- Security update for dovecot23
- Details
-
This update for dovecot23 fixes the following issues:
- CVE-2021-29157: Local attacker can login as any user and access their emails (bsc#1187418)
- CVE-2021-33515: Attacker can potentially steal user credentials and mails (bsc#1187419)
- References
Affected packages
SUSE:Linux Enterprise High Performance Computing 15-ESPOS / dovecot23
Package
- Name
- dovecot23
- Purl
- pkg:rpm/suse/dovecot23&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.11.3-4.35.1
Ecosystem specific
{
"binaries": [
{
"dovecot23-fts-lucene": "2.3.11.3-4.35.1",
"dovecot23-devel": "2.3.11.3-4.35.1",
"dovecot23-backend-pgsql": "2.3.11.3-4.35.1",
"dovecot23-fts": "2.3.11.3-4.35.1",
"dovecot23": "2.3.11.3-4.35.1",
"dovecot23-backend-sqlite": "2.3.11.3-4.35.1",
"dovecot23-backend-mysql": "2.3.11.3-4.35.1",
"dovecot23-fts-solr": "2.3.11.3-4.35.1",
"dovecot23-fts-squat": "2.3.11.3-4.35.1"
}
]
}
SUSE:Linux Enterprise High Performance Computing 15-LTSS / dovecot23
Package
- Name
- dovecot23
- Purl
- pkg:rpm/suse/dovecot23&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.11.3-4.35.1
Ecosystem specific
{
"binaries": [
{
"dovecot23-fts-lucene": "2.3.11.3-4.35.1",
"dovecot23-devel": "2.3.11.3-4.35.1",
"dovecot23-backend-pgsql": "2.3.11.3-4.35.1",
"dovecot23-fts": "2.3.11.3-4.35.1",
"dovecot23": "2.3.11.3-4.35.1",
"dovecot23-backend-sqlite": "2.3.11.3-4.35.1",
"dovecot23-backend-mysql": "2.3.11.3-4.35.1",
"dovecot23-fts-solr": "2.3.11.3-4.35.1",
"dovecot23-fts-squat": "2.3.11.3-4.35.1"
}
]
}
SUSE:Linux Enterprise Server 15-LTSS / dovecot23
Package
- Name
- dovecot23
- Purl
- pkg:rpm/suse/dovecot23&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.11.3-4.35.1
Ecosystem specific
{
"binaries": [
{
"dovecot23-fts-lucene": "2.3.11.3-4.35.1",
"dovecot23-devel": "2.3.11.3-4.35.1",
"dovecot23-backend-pgsql": "2.3.11.3-4.35.1",
"dovecot23-fts": "2.3.11.3-4.35.1",
"dovecot23": "2.3.11.3-4.35.1",
"dovecot23-backend-sqlite": "2.3.11.3-4.35.1",
"dovecot23-backend-mysql": "2.3.11.3-4.35.1",
"dovecot23-fts-solr": "2.3.11.3-4.35.1",
"dovecot23-fts-squat": "2.3.11.3-4.35.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 15 / dovecot23
Package
- Name
- dovecot23
- Purl
- pkg:rpm/suse/dovecot23&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.11.3-4.35.1
Ecosystem specific
{
"binaries": [
{
"dovecot23-fts-lucene": "2.3.11.3-4.35.1",
"dovecot23-devel": "2.3.11.3-4.35.1",
"dovecot23-backend-pgsql": "2.3.11.3-4.35.1",
"dovecot23-fts": "2.3.11.3-4.35.1",
"dovecot23": "2.3.11.3-4.35.1",
"dovecot23-backend-sqlite": "2.3.11.3-4.35.1",
"dovecot23-backend-mysql": "2.3.11.3-4.35.1",
"dovecot23-fts-solr": "2.3.11.3-4.35.1",
"dovecot23-fts-squat": "2.3.11.3-4.35.1"
}
]
}