Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-30550 (GCVE-0-2022-30550)
Vulnerability from cvelistv5 – Published: 2022-07-17 00:00 – Updated: 2024-10-15 18:35
VLAI
EPSS
Summary
An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.
Severity
8.8 (High)
CWE
- n/a
Assigner
References
5 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:48:36.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://dovecot.org/security"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.dovecot.org/download/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/07/08/1"
},
{
"name": "[debian-lts-announce] 20220927 [SECURITY] [DLA 3122-1] dovecot security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html"
},
{
"name": "GLSA-202310-19",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-19"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-30550",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:16:02.736424Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T18:35:00.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-30T11:06:19.441Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://dovecot.org/security"
},
{
"url": "https://www.dovecot.org/download/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/07/08/1"
},
{
"name": "[debian-lts-announce] 20220927 [SECURITY] [DLA 3122-1] dovecot security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html"
},
{
"name": "GLSA-202310-19",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-19"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-30550",
"datePublished": "2022-07-17T00:00:00.000Z",
"dateReserved": "2022-05-11T00:00:00.000Z",
"dateUpdated": "2024-10-15T18:35:00.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-30550",
"date": "2026-05-27",
"epss": "0.00307",
"percentile": "0.5403"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.3\", \"versionEndExcluding\": \"2.3.20\", \"matchCriteriaId\": \"23962064-4385-496A-9651-128C6A5898F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dovecot:dovecot:2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2580849-4977-4475-9E1F-CFFA52793E36\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.\"}, {\"lang\": \"es\", \"value\": \"Se ha detectado un problema en el componente auth en Dovecot versiones 2.2 y 2.3 anteriores a 2.3.20. Cuando se presentan dos entradas de configuraci\\u00f3n de passdb con los mismos ajustes de driver y args, pueden aplicarse ajustes incorrectos de username_filter y mechanism a las definiciones de passdb. Estos ajustes aplicados incorrectamente pueden conllevar a una configuraci\\u00f3n de seguridad no deseada y pueden permitir una escalada de privilegios en determinadas configuraciones. La documentaci\\u00f3n no aconseja contra el uso de definiciones de passdb que tengan la misma configuraci\\u00f3n de driver y args. Una de estas configuraciones ser\\u00eda cuando un administrador desea usar la misma configuraci\\u00f3n PAM o archivo passwd para los usuarios normales y maestros, pero usa la configuraci\\u00f3n username_filter para restringir cu\\u00e1l de los usuarios puede ser un usuario maestro\"}]",
"id": "CVE-2022-30550",
"lastModified": "2024-11-21T07:02:55.463",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
"published": "2022-07-17T19:15:18.540",
"references": "[{\"url\": \"https://dovecot.org/security\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202310-19\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.dovecot.org/download/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Product\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/07/08/1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://dovecot.org/security\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202310-19\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.dovecot.org/download/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/07/08/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-30550\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-07-17T19:15:18.540\",\"lastModified\":\"2025-05-23T16:43:11.880\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado un problema en el componente auth en Dovecot versiones 2.2 y 2.3 anteriores a 2.3.20. Cuando se presentan dos entradas de configuraci\u00f3n de passdb con los mismos ajustes de driver y args, pueden aplicarse ajustes incorrectos de username_filter y mechanism a las definiciones de passdb. Estos ajustes aplicados incorrectamente pueden conllevar a una configuraci\u00f3n de seguridad no deseada y pueden permitir una escalada de privilegios en determinadas configuraciones. La documentaci\u00f3n no aconseja contra el uso de definiciones de passdb que tengan la misma configuraci\u00f3n de driver y args. Una de estas configuraciones ser\u00eda cuando un administrador desea usar la misma configuraci\u00f3n PAM o archivo passwd para los usuarios normales y maestros, pero usa la configuraci\u00f3n username_filter para restringir cu\u00e1l de los usuarios puede ser un usuario maestro\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3\",\"versionEndExcluding\":\"2.4.0\",\"matchCriteriaId\":\"D7F00326-2087-4836-8421-EF182F09517A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dovecot:dovecot:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2580849-4977-4475-9E1F-CFFA52793E36\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://dovecot.org/security\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202310-19\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.dovecot.org/download/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/07/08/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://dovecot.org/security\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202310-19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.dovecot.org/download/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/07/08/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://dovecot.org/security\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.dovecot.org/download/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/07/08/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html\", \"name\": \"[debian-lts-announce] 20220927 [SECURITY] [DLA 3122-1] dovecot security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202310-19\", \"name\": \"GLSA-202310-19\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T06:48:36.356Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-30550\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-15T17:16:02.736424Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-15T18:06:51.145Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://dovecot.org/security\"}, {\"url\": \"https://www.dovecot.org/download/\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/07/08/1\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html\", \"name\": \"[debian-lts-announce] 20220927 [SECURITY] [DLA 3122-1] dovecot security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202310-19\", \"name\": \"GLSA-202310-19\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2023-10-30T11:06:19.441Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-30550\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-15T18:35:00.129Z\", \"dateReserved\": \"2022-05-11T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2022-07-17T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
alsa-2022:7623
Vulnerability from osv_almalinux
Published
2022-11-08 00:00
Modified
2022-11-14 20:26
Summary
Moderate: dovecot security update
Details
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.
Security Fix(es):
- dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dovecot"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.3.16-3.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dovecot-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.3.16-3.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dovecot-mysql"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.3.16-3.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dovecot-pgsql"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.3.16-3.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dovecot-pigeonhole"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.3.16-3.el8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. \n\nSecurity Fix(es):\n\n* dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2022:7623",
"modified": "2022-11-14T20:26:20Z",
"published": "2022-11-08T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2022:7623"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-30550"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2105070"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2022-7623.html"
}
],
"related": [
"CVE-2022-30550"
],
"summary": "Moderate: dovecot security update"
}
alsa-2022:8208
Vulnerability from osv_almalinux
Published
2022-11-15 00:00
Modified
2022-11-18 13:11
Summary
Moderate: dovecot security and enhancement update
Details
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.
Security Fix(es):
- dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dovecot"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.3.16-7.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dovecot-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.3.16-7.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dovecot-mysql"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.3.16-7.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dovecot-pgsql"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.3.16-7.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dovecot-pigeonhole"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.3.16-7.el9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. \n\nSecurity Fix(es):\n\n* dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2022:8208",
"modified": "2022-11-18T13:11:11Z",
"published": "2022-11-15T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2022:8208"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-30550"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2105070"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2022-8208.html"
}
],
"related": [
"CVE-2022-30550"
],
"summary": "Moderate: dovecot security and enhancement update"
}
BDU:2022-04273
Vulnerability from fstec - Published: 06.07.2022
VLAI
Title
Уязвимость базы данных учетных записей passdb почтового сервера Dovecot. позволяющая нарушителю повысить свои привилегии
Description
Уязвимость базы данных учетных записей passdb почтового сервера Dovecot связана с ошибками в конфигурации. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, повысить свои привилегии
Severity
Vendor
ООО «Ред Софт», ООО «РусБИТех-Астра», ФССП России, АО «ИВК», Timo Sirainen, АО "НППКТ", АО «НТЦ ИТ РОСА»
Software Name
РЕД ОС (запись в едином реестре российских программ №3751), Astra Linux Special Edition (запись в едином реестре российских программ №369), ОС ТД АИС ФССП России, Альт 8 СП (запись в едином реестре российских программ №4305), Dovecot, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), РОСА ХРОМ (запись в едином реестре российских программ №1607)
Software Version
7.3 (РЕД ОС), 1.7 (Astra Linux Special Edition), ИК6 (ОС ТД АИС ФССП России), - (Альт 8 СП), до 2.2 включительно (Dovecot), 4.7 (Astra Linux Special Edition), до 2.6 (ОСОН ОСнова Оnyx), 12.4 (РОСА ХРОМ)
Possible Mitigations
Использование рекомендаций:
Для Devocot:
Обновление программного обеспечения до актуальной версии
Для РедОС:
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для ОС ТД АИС ФССП России:
https://goslinux.fssp.gov.ru/2726972/
Для ОСОН ОСнова Оnyx:
Обновление программного обеспечения dovecot до версии 1:2.3.19.1+dfsg1-2osnova0
Для Astra Linux Special Edition 1.7: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17
Для Astra Linux Special Edition 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Для операционной системы РОСА ХРОМ:
https://abf.rosa.ru/advisories/ROSA-SA-2025-3015
https://abf.rosa.ru/advisories/ROSA-SA-2025-3014
Reference
https://github.com/dovecot/core/commit/7bad6a24160e34bce8f10e73dbbf9e5fbbcd1904
https://github.com/dovecot/core/commit/a1022072e2ce36f853873d910287f466165b184b
https://www.openwall.com/lists/oss-security/2022/07/06/9
https://github.com/dovecot/core/compare/7bad6a24%5E..a1022072.patch
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://goslinux.fssp.gov.ru/2726972/
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.6/
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47
https://altsp.su/obnovleniya-bezopasnosti/
https://abf.rosa.ru/advisories/ROSA-SA-2025-3015
https://abf.rosa.ru/advisories/ROSA-SA-2025-3014
CWE
CWE-284
{
"CVSS 2.0": "AV:N/AC:H/Au:S/C:C/I:C/A:N",
"CVSS 3.0": "AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Timo Sirainen, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), \u0418\u041a6 (\u041e\u0421 \u0422\u0414 \u0410\u0418\u0421 \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 2.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Dovecot), 4.7 (Astra Linux Special Edition), \u0434\u043e 2.6 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), 12.4 (\u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Devocot:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421:\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u041e\u0421 \u0422\u0414 \u0410\u0418\u0421 \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438:\nhttps://goslinux.fssp.gov.ru/2726972/\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f dovecot \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:2.3.19.1+dfsg1-2osnova0\n\n\u0414\u043b\u044f Astra Linux Special Edition 1.7: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c:\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-3015\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-3014",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "06.07.2022",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.11.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.07.2022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-04273",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-30550",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u0421 \u0422\u0414 \u0410\u0418\u0421 \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Dovecot, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438 \u041e\u0421 \u0422\u0414 \u0410\u0418\u0421 \u0424\u0421\u0421\u041f \u0420\u043e\u0441\u0441\u0438\u0438 \u0418\u041a6 , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.6 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c 12.4 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 passdb \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Dovecot. \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (CWE-284)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 passdb \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Dovecot \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/dovecot/core/commit/7bad6a24160e34bce8f10e73dbbf9e5fbbcd1904\nhttps://github.com/dovecot/core/commit/a1022072e2ce36f853873d910287f466165b184b\nhttps://www.openwall.com/lists/oss-security/2022/07/06/9\nhttps://github.com/dovecot/core/compare/7bad6a24%5E..a1022072.patch\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://goslinux.fssp.gov.ru/2726972/\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.6/\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-3015\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-3014",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-284",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)"
}
FKIE_CVE-2022-30550
Vulnerability from fkie_nvd - Published: 2022-07-17 19:15 - Updated: 2025-05-23 16:43
Severity
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://dovecot.org/security | Vendor Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202310-19 | Third Party Advisory | |
| cve@mitre.org | https://www.dovecot.org/download/ | Product | |
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2022/07/08/1 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dovecot.org/security | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-19 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.dovecot.org/download/ | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2022/07/08/1 | Mailing List, Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F00326-2087-4836-8421-EF182F09517A",
"versionEndExcluding": "2.4.0",
"versionStartIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2580849-4977-4475-9E1F-CFFA52793E36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user."
},
{
"lang": "es",
"value": "Se ha detectado un problema en el componente auth en Dovecot versiones 2.2 y 2.3 anteriores a 2.3.20. Cuando se presentan dos entradas de configuraci\u00f3n de passdb con los mismos ajustes de driver y args, pueden aplicarse ajustes incorrectos de username_filter y mechanism a las definiciones de passdb. Estos ajustes aplicados incorrectamente pueden conllevar a una configuraci\u00f3n de seguridad no deseada y pueden permitir una escalada de privilegios en determinadas configuraciones. La documentaci\u00f3n no aconseja contra el uso de definiciones de passdb que tengan la misma configuraci\u00f3n de driver y args. Una de estas configuraciones ser\u00eda cuando un administrador desea usar la misma configuraci\u00f3n PAM o archivo passwd para los usuarios normales y maestros, pero usa la configuraci\u00f3n username_filter para restringir cu\u00e1l de los usuarios puede ser un usuario maestro"
}
],
"id": "CVE-2022-30550",
"lastModified": "2025-05-23T16:43:11.880",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-07-17T19:15:18.540",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://dovecot.org/security"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-19"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.dovecot.org/download/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/07/08/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://dovecot.org/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.dovecot.org/download/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/07/08/1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-CCH8-VP96-G53M
Vulnerability from github – Published: 2022-07-18 00:00 – Updated: 2024-10-15 21:30
VLAI
Details
An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.
Severity
8.8 (High)
{
"affected": [],
"aliases": [
"CVE-2022-30550"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-17T19:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.",
"id": "GHSA-cch8-vp96-g53m",
"modified": "2024-10-15T21:30:32Z",
"published": "2022-07-18T00:00:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30550"
},
{
"type": "WEB",
"url": "https://dovecot.org/security"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202310-19"
},
{
"type": "WEB",
"url": "https://www.dovecot.org/download"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2022/07/08/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2022-30550
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-30550",
"description": "An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.",
"id": "GSD-2022-30550",
"references": [
"https://www.suse.com/security/cve/CVE-2022-30550.html",
"https://ubuntu.com/security/CVE-2022-30550",
"https://security.archlinux.org/CVE-2022-30550",
"https://advisories.mageia.org/CVE-2022-30550.html",
"https://access.redhat.com/errata/RHSA-2022:7623",
"https://access.redhat.com/errata/RHSA-2022:8208"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-30550"
],
"details": "An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.",
"id": "GSD-2022-30550",
"modified": "2023-12-13T01:19:37.024759Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-30550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://dovecot.org/security",
"refsource": "MISC",
"url": "https://dovecot.org/security"
},
{
"name": "https://www.dovecot.org/download/",
"refsource": "MISC",
"url": "https://www.dovecot.org/download/"
},
{
"name": "https://www.openwall.com/lists/oss-security/2022/07/08/1",
"refsource": "CONFIRM",
"url": "https://www.openwall.com/lists/oss-security/2022/07/08/1"
},
{
"name": "[debian-lts-announce] 20220927 [SECURITY] [DLA 3122-1] dovecot security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html"
},
{
"name": "GLSA-202310-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202310-19"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23962064-4385-496A-9651-128C6A5898F0",
"versionEndExcluding": "2.3.20",
"versionStartIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dovecot:dovecot:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2580849-4977-4475-9E1F-CFFA52793E36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user."
},
{
"lang": "es",
"value": "Se ha detectado un problema en el componente auth en Dovecot versiones 2.2 y 2.3 anteriores a 2.3.20. Cuando se presentan dos entradas de configuraci\u00f3n de passdb con los mismos ajustes de driver y args, pueden aplicarse ajustes incorrectos de username_filter y mechanism a las definiciones de passdb. Estos ajustes aplicados incorrectamente pueden conllevar a una configuraci\u00f3n de seguridad no deseada y pueden permitir una escalada de privilegios en determinadas configuraciones. La documentaci\u00f3n no aconseja contra el uso de definiciones de passdb que tengan la misma configuraci\u00f3n de driver y args. Una de estas configuraciones ser\u00eda cuando un administrador desea usar la misma configuraci\u00f3n PAM o archivo passwd para los usuarios normales y maestros, pero usa la configuraci\u00f3n username_filter para restringir cu\u00e1l de los usuarios puede ser un usuario maestro"
}
],
"id": "CVE-2022-30550",
"lastModified": "2024-01-12T20:47:18.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-17T19:15:18.540",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://dovecot.org/security"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-19"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.dovecot.org/download/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/07/08/1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
MSRC_CVE-2022-30550
Vulnerability from csaf_microsoft - Published: 2022-07-02 00:00 - Updated: 2022-07-26 00:00Summary
An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2022/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2022/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2022-30550 An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-30550.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user.",
"tracking": {
"current_release_date": "2022-07-26T00:00:00.000Z",
"generator": {
"date": "2025-10-19T23:43:30.799Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2022-30550",
"initial_release_date": "2022-07-02T00:00:00.000Z",
"revision_history": [
{
"date": "2022-07-26T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 dovecot 2.3.20-1",
"product": {
"name": "\u003ccbl2 dovecot 2.3.20-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 dovecot 2.3.20-1",
"product": {
"name": "cbl2 dovecot 2.3.20-1",
"product_id": "19201"
}
}
],
"category": "product_name",
"name": "dovecot"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 dovecot 2.3.20-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 dovecot 2.3.20-1 as a component of CBL Mariner 2.0",
"product_id": "19201-17086"
},
"product_reference": "19201",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30550",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"19201-17086"
],
"known_affected": [
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-30550 An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-30550.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2022-07-26T00:00:00.000Z",
"details": "2.3.20-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"17086-1"
]
}
],
"title": "An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user."
}
]
}
RHSA-2022:7623
Vulnerability from csaf_redhat - Published: 2022-11-08 10:08 - Updated: 2025-11-21 18:34Summary
Red Hat Security Advisory: dovecot security update
Severity
Moderate
Notes
Topic: An update for dovecot is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.
Security Fix(es):
* dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in the Dovecot IMAP Server. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrect settings can lead to an unintended security configuration and can permit privilege escalation with certain configurations involving a master user authentication. If the same passwd file or PAM is used for both normal and master users, an attacker could easily become a master user, potentially escalating privileges on the system.
6.8 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for dovecot is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. \n\nSecurity Fix(es):\n\n* dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:7623",
"url": "https://access.redhat.com/errata/RHSA-2022:7623"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"category": "external",
"summary": "2105070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105070"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7623.json"
}
],
"title": "Red Hat Security Advisory: dovecot security update",
"tracking": {
"current_release_date": "2025-11-21T18:34:37+00:00",
"generator": {
"date": "2025-11-21T18:34:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:7623",
"initial_release_date": "2022-11-08T10:08:10+00:00",
"revision_history": [
{
"date": "2022-11-08T10:08:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-08T10:08:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:34:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product": {
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-1:2.3.16-3.el8.i686",
"product_id": "dovecot-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-devel-1:2.3.16-3.el8.i686",
"product_id": "dovecot-devel-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.i686",
"product_id": "dovecot-debugsource-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.i686",
"product_id": "dovecot-debuginfo-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-devel-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-devel-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-mysql-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-mysql-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-devel-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-devel-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-mysql-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-mysql-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-devel-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-devel-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-devel-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-devel-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-debugsource-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-mysql-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-mysql-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-pgsql-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.src",
"product": {
"name": "dovecot-1:2.3.16-3.el8.src",
"product_id": "dovecot-1:2.3.16-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src"
},
"product_reference": "dovecot-1:2.3.16-3.el8.src",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.src as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src"
},
"product_reference": "dovecot-1:2.3.16-3.el8.src",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30550",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105070"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Dovecot IMAP Server. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrect settings can lead to an unintended security configuration and can permit privilege escalation with certain configurations involving a master user authentication. If the same passwd file or PAM is used for both normal and master users, an attacker could easily become a master user, potentially escalating privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dovecot: Privilege escalation when similar master and non-master passdbs are used",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30550"
},
{
"category": "external",
"summary": "RHBZ#2105070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30550",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30550"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30550",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30550"
},
{
"category": "external",
"summary": "https://dovecot.org/pipermail/dovecot-news/2022-July/000478.html",
"url": "https://dovecot.org/pipermail/dovecot-news/2022-July/000478.html"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T10:08:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7623"
},
{
"category": "workaround",
"details": "Always authenticate master users from a different source than regular users, for example, use a separate passwd file. Alternatively, you can use global ACLs to ensure that only legitimate master users have privileged access.",
"product_ids": [
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dovecot: Privilege escalation when similar master and non-master passdbs are used"
}
]
}
RHSA-2022:8208
Vulnerability from csaf_redhat - Published: 2022-11-15 09:45 - Updated: 2025-11-21 18:35Summary
Red Hat Security Advisory: dovecot security and enhancement update
Severity
Moderate
Notes
Topic: An update for dovecot is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.
Security Fix(es):
* dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in the Dovecot IMAP Server. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrect settings can lead to an unintended security configuration and can permit privilege escalation with certain configurations involving a master user authentication. If the same passwd file or PAM is used for both normal and master users, an attacker could easily become a master user, potentially escalating privileges on the system.
6.8 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for dovecot is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. \n\nSecurity Fix(es):\n\n* dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8208",
"url": "https://access.redhat.com/errata/RHSA-2022:8208"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index"
},
{
"category": "external",
"summary": "2053368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053368"
},
{
"category": "external",
"summary": "2095399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095399"
},
{
"category": "external",
"summary": "2105070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105070"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8208.json"
}
],
"title": "Red Hat Security Advisory: dovecot security and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T18:35:00+00:00",
"generator": {
"date": "2025-11-21T18:35:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:8208",
"initial_release_date": "2022-11-15T09:45:44+00:00",
"revision_history": [
{
"date": "2022-11-15T09:45:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-15T09:45:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:35:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder (v. 9)",
"product": {
"name": "Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-1:2.3.16-7.el9.src",
"product": {
"name": "dovecot-1:2.3.16-7.el9.src",
"product_id": "dovecot-1:2.3.16-7.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-7.el9?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-1:2.3.16-7.el9.aarch64",
"product": {
"name": "dovecot-1:2.3.16-7.el9.aarch64",
"product_id": "dovecot-1:2.3.16-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-7.el9.aarch64",
"product": {
"name": "dovecot-mysql-1:2.3.16-7.el9.aarch64",
"product_id": "dovecot-mysql-1:2.3.16-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"product": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"product_id": "dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"product_id": "dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"product": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"product_id": "dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"product_id": "dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-7.el9.aarch64",
"product": {
"name": "dovecot-devel-1:2.3.16-7.el9.aarch64",
"product_id": "dovecot-devel-1:2.3.16-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-7.el9?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-1:2.3.16-7.el9.ppc64le",
"product": {
"name": "dovecot-1:2.3.16-7.el9.ppc64le",
"product_id": "dovecot-1:2.3.16-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"product": {
"name": "dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"product_id": "dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"product": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"product_id": "dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"product_id": "dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"product": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"product_id": "dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"product_id": "dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-7.el9.ppc64le",
"product": {
"name": "dovecot-devel-1:2.3.16-7.el9.ppc64le",
"product_id": "dovecot-devel-1:2.3.16-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-7.el9?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-1:2.3.16-7.el9.x86_64",
"product": {
"name": "dovecot-1:2.3.16-7.el9.x86_64",
"product_id": "dovecot-1:2.3.16-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-7.el9.x86_64",
"product": {
"name": "dovecot-mysql-1:2.3.16-7.el9.x86_64",
"product_id": "dovecot-mysql-1:2.3.16-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"product": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"product_id": "dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"product_id": "dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"product": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"product_id": "dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"product_id": "dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-7.el9.x86_64",
"product": {
"name": "dovecot-devel-1:2.3.16-7.el9.x86_64",
"product_id": "dovecot-devel-1:2.3.16-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-7.el9?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-1:2.3.16-7.el9.s390x",
"product": {
"name": "dovecot-1:2.3.16-7.el9.s390x",
"product_id": "dovecot-1:2.3.16-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-7.el9.s390x",
"product": {
"name": "dovecot-mysql-1:2.3.16-7.el9.s390x",
"product_id": "dovecot-mysql-1:2.3.16-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-7.el9.s390x",
"product": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.s390x",
"product_id": "dovecot-pgsql-1:2.3.16-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"product_id": "dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-7.el9.s390x",
"product": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.s390x",
"product_id": "dovecot-debugsource-1:2.3.16-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"product_id": "dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-7.el9.s390x",
"product": {
"name": "dovecot-devel-1:2.3.16-7.el9.s390x",
"product_id": "dovecot-devel-1:2.3.16-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-7.el9?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-1:2.3.16-7.el9.i686",
"product": {
"name": "dovecot-1:2.3.16-7.el9.i686",
"product_id": "dovecot-1:2.3.16-7.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-7.el9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-7.el9.i686",
"product": {
"name": "dovecot-devel-1:2.3.16-7.el9.i686",
"product_id": "dovecot-devel-1:2.3.16-7.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-7.el9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-7.el9.i686",
"product": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.i686",
"product_id": "dovecot-debugsource-1:2.3.16-7.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-7.el9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-7.el9.i686",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.i686",
"product_id": "dovecot-debuginfo-1:2.3.16-7.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-7.el9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-7.el9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-7.el9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-7.el9?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.src"
},
"product_reference": "dovecot-1:2.3.16-7.el9.src",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-debugsource-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-debugsource-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-devel-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-7.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-devel-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-devel-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-devel-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-devel-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-mysql-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-mysql-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-mysql-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-pgsql-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.src as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.src"
},
"product_reference": "dovecot-1:2.3.16-7.el9.src",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-7.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-7.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-debugsource-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-debugsource-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-7.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-7.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-devel-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-7.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-devel-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-7.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-devel-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-7.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-devel-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-7.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-devel-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-7.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-mysql-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-7.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-7.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-mysql-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-7.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-mysql-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-pgsql-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-7.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-7.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"relates_to_product_reference": "CRB-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64",
"relates_to_product_reference": "CRB-9.1.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30550",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105070"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Dovecot IMAP Server. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrect settings can lead to an unintended security configuration and can permit privilege escalation with certain configurations involving a master user authentication. If the same passwd file or PAM is used for both normal and master users, an attacker could easily become a master user, potentially escalating privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dovecot: Privilege escalation when similar master and non-master passdbs are used",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.src",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.src",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30550"
},
{
"category": "external",
"summary": "RHBZ#2105070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30550",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30550"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30550",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30550"
},
{
"category": "external",
"summary": "https://dovecot.org/pipermail/dovecot-news/2022-July/000478.html",
"url": "https://dovecot.org/pipermail/dovecot-news/2022-July/000478.html"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:45:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.src",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.src",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8208"
},
{
"category": "workaround",
"details": "Always authenticate master users from a different source than regular users, for example, use a separate passwd file. Alternatively, you can use global ACLs to ensure that only legitimate master users have privileged access.",
"product_ids": [
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.src",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.src",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.src",
"AppStream-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"AppStream-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.src",
"CRB-9.1.0.GA:dovecot-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-debugsource-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-devel-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-mysql-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-mysql-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pgsql-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pigeonhole-1:2.3.16-7.el9.x86_64",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.aarch64",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.i686",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.ppc64le",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.s390x",
"CRB-9.1.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dovecot: Privilege escalation when similar master and non-master passdbs are used"
}
]
}
RHSA-2022_7623
Vulnerability from csaf_redhat - Published: 2022-11-08 10:08 - Updated: 2024-11-22 19:52Summary
Red Hat Security Advisory: dovecot security update
Severity
Moderate
Notes
Topic: An update for dovecot is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.
Security Fix(es):
* dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in the Dovecot IMAP Server. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrect settings can lead to an unintended security configuration and can permit privilege escalation with certain configurations involving a master user authentication. If the same passwd file or PAM is used for both normal and master users, an attacker could easily become a master user, potentially escalating privileges on the system.
6.8 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for dovecot is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. \n\nSecurity Fix(es):\n\n* dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:7623",
"url": "https://access.redhat.com/errata/RHSA-2022:7623"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"category": "external",
"summary": "2105070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105070"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7623.json"
}
],
"title": "Red Hat Security Advisory: dovecot security update",
"tracking": {
"current_release_date": "2024-11-22T19:52:04+00:00",
"generator": {
"date": "2024-11-22T19:52:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:7623",
"initial_release_date": "2022-11-08T10:08:10+00:00",
"revision_history": [
{
"date": "2022-11-08T10:08:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-08T10:08:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T19:52:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product": {
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-1:2.3.16-3.el8.i686",
"product_id": "dovecot-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-devel-1:2.3.16-3.el8.i686",
"product_id": "dovecot-devel-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.i686",
"product_id": "dovecot-debugsource-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.i686",
"product_id": "dovecot-debuginfo-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-3.el8?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-devel-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-devel-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-mysql-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-mysql-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"product_id": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-3.el8?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-devel-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-devel-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-mysql-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-mysql-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"product_id": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-3.el8?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-devel-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-devel-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"product_id": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-3.el8?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-devel-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-devel-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-devel-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-devel@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debugsource-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-debugsource-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debugsource@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-debuginfo@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql-debuginfo@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql-debuginfo@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole-debuginfo@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-mysql-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-mysql-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-mysql-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-mysql@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pgsql-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-pgsql-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pgsql@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"product": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"product_id": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot-pigeonhole@2.3.16-3.el8?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot-1:2.3.16-3.el8.src",
"product": {
"name": "dovecot-1:2.3.16-3.el8.src",
"product_id": "dovecot-1:2.3.16-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dovecot@2.3.16-3.el8?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src"
},
"product_reference": "dovecot-1:2.3.16-3.el8.src",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.src as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src"
},
"product_reference": "dovecot-1:2.3.16-3.el8.src",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-debugsource-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-devel-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-devel-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-mysql-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
},
"product_reference": "dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30550",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105070"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Dovecot IMAP Server. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrect settings can lead to an unintended security configuration and can permit privilege escalation with certain configurations involving a master user authentication. If the same passwd file or PAM is used for both normal and master users, an attacker could easily become a master user, potentially escalating privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dovecot: Privilege escalation when similar master and non-master passdbs are used",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30550"
},
{
"category": "external",
"summary": "RHBZ#2105070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30550",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30550"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30550",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30550"
},
{
"category": "external",
"summary": "https://dovecot.org/pipermail/dovecot-news/2022-July/000478.html",
"url": "https://dovecot.org/pipermail/dovecot-news/2022-July/000478.html"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T10:08:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7623"
},
{
"category": "workaround",
"details": "Always authenticate master users from a different source than regular users, for example, use a separate passwd file. Alternatively, you can use global ACLs to ensure that only legitimate master users have privileged access.",
"product_ids": [
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"AppStream-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"AppStream-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.src",
"CRB-8.7.0.GA:dovecot-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-debugsource-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-devel-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-mysql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pgsql-debuginfo-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-1:2.3.16-3.el8.x86_64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.aarch64",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.i686",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.ppc64le",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.s390x",
"CRB-8.7.0.GA:dovecot-pigeonhole-debuginfo-1:2.3.16-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dovecot: Privilege escalation when similar master and non-master passdbs are used"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…