CentOS 6 ELS: dovecot package gradual rollout
A new updated dovecot package within CentOS 6 ELS has been scheduled for gradual rollout from our production repository.
Rollout slot: 1
Rolled out to: 0.1%
ETA for 100% rollout: October 21
Errata: https://errata.
CHANGELOG
dovecot-2.0.9-23.el6.
- Fix resource exhaustion via deeply nested MIME parts (CVE-2020-12100)
- Fix denial of service via mail MIME parsing (CVE-2020-25275)
UPDATE COMMAND
yum update dovecot*
IMMEDIATE UPDATE (VIA BYPASS)
yum update dovecot* --enablerepo=ELS6-rollout-1-bypass