RHSA-2020:4655-01 -- Redhat cyrus-imapdID: oval:org.secpod.oval:def:504741 | Date: (C)2020-12-23 (M)2022-12-07 |
Class: PATCH | Family: unix |
The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fix: * cyrus-imapd: privilege escalation in HTTP request * cyrus-imapd: lmtpd component created mailboxes with administrator privileges if the fileinto was used, bypassing ACL checks For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 8 |