Commit Graph

2 Commits

Author SHA1 Message Date
Michal Hlavinka
91c7c1a6c5 dovecot updated to 2.3.15, pigeonhole updated to 0.5.15
CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in
  JWT tokens. This may be used to supply attacker controlled keys to
  validate tokens, if attacker has local access (#1979833)
CVE-2021-33515: On-path attacker could have injected plaintext commands
  before STARTTLS negotiation that would be executed after STARTTLS
  finished with the client
Add TSLv1.3 support to min_protocols.
Resolves: #1979833
2021-07-21 11:29:52 +02:00
Petr Šabata
a4ed96afc1 RHEL 9.0.0 Alpha bootstrap
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/dovecot#29ed947aaea4a89dbadcab2fd9c843ae48a7d156
2020-10-14 23:50:22 +02:00