Updated dovecot packages fix security vulnerabilitiesPublication date: 24 May 2020
Affected Mageia releases : 7
CVE: CVE-2020-10957 , CVE-2020-10958 , CVE-2020-10967
Dovecot has been updated to fix several security issues. Sending malformed NOOP command causes crash in submission, submission-login or lmtp service (CVE-2020-10957). Sending command followed by sufficient number of newlines triggers a use-after-free bug that might crash submission-login, submission or lmtp service (CVE-2020-10958). Sending mail with empty quoted localpart causes submission or lmtp component to crash (CVE-2020-10967).