openSUSE 10 Security Update : dovecot (dovecot-1987)
High Nessus Plugin ID 27200
SynopsisThe remote openSUSE host is missing a security update.
DescriptionDovecot might have been affected by the multibyte character set SQL injection issues for instance described in CVE-2006-2314.
This patch fixes the MySQL and PostgreSQL backend to use the correct quoting methods when passing user-supplied strings.
SolutionUpdate the affected dovecot package.