ELSA-2020-1062 -- Oracle dovecot| ID: oval:org.secpod.oval:def:1504402 | Date: (C)2021-01-10 (M)2023-12-20 |
| Class: PATCH | Family: unix |
[1:2.2.36-6] - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes [1:2.2.36-5] - fix CVE-2019-3814: improper certificate validation - fix CVE-2019-7524: buffer overflow in indexer-worker process resulting in privilege escalation [1:2.2.36-4] - use portreserve to avoid port conflicts
