Mageia 7: Advisory 2021-0078 Moderate: Email MIME Memory Exhaustion DoS
mageia
February 10, 2021
Messages with too many tiny nested MIME parts can lead to memory exhaustion on split(), resulting in denial of service (rhbz#1835353) This update limits the number of nested MIME ...
Summary
Messages with too many tiny nested MIME parts can lead to memory exhaustion on split(), resulting in denial of service (rhbz#1835353) This update limits the number of nested MIME parts to 10 (by default), to avoid a possible memory exhaustion issue with lots of tiny MIME parts.
References
- https://bugs.mageia.org/show_bug.cgi?id=26757
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VJFUIVJOQGZOYF4Q4RXPBJTBBZD5LXVK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3PWODHVD5ZKQBY2OYBTFPBETUOOJA33D/
Resolution
SRPMS
- 7/core/perl-Email-MIME-1.949.0-3.1.mga7
- 7/core/perl-Email-MIME-ContentType-1.24.0-3.1.mga7
PREVIOUS
NEXT
Publication date: 10 Feb 2021
URL: https://advisories.mageia.org/MGASA-2021-0078.html
Type: security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!