HCE1-SA-2023-0013
An update for dovecot is now available for HCE 1.1
Moderate
HCE 1.1
Security Fix(es):
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages (and path disclosure). (CVE-2020-24386)
HCE 1.1
dovecot-2.2.36-9.hce1c.x86_64.rpm
dovecot-mysql-2.2.36-9.hce1c.x86_64.rpm
dovecot-pgsql-2.2.36-9.hce1c.x86_64.rpm
dovecot-pigeonhole-2.2.36-9.hce1c.x86_64.rpm