Date:         Wed, 25 Jun 2014 17:57:57 +0000
Reply-To:     scientific-linux-users@listserv.fnal.gov
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      Security ERRATA Moderate: dovecot on SL6.x i386/srpm/x86_64
MIME-Version: 1.0

Synopsis:          Moderate: dovecot security update
Advisory ID:       SLSA-2014:0790-1
Issue Date:        2014-06-25
CVE Numbers:       CVE-2014-3430
--

It was discovered that Dovecot did not properly discard connections
trapped in the SSL/TLS handshake phase. A remote attacker could use this
flaw to cause a denial of service on an IMAP/POP3 server by exhausting the
pool of available connections, preventing further legitimate connections
to the IMAP/POP3 server from being made. (CVE-2014-3430)

After installing the updated packages, the dovecot service will be
restarted automatically.
--

SL6
  x86_64
    dovecot-2.0.9-7.el6_5.1.i686.rpm
    dovecot-pigeonhole-2.0.9-7.el6_5.1.x86_64.rpm
    dovecot-devel-2.0.9-7.el6_5.1.x86_64.rpm
    dovecot-2.0.9-7.el6_5.1.x86_64.rpm
    dovecot-mysql-2.0.9-7.el6_5.1.x86_64.rpm
    dovecot-pgsql-2.0.9-7.el6_5.1.x86_64.rpm
    dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm
    dovecot-debuginfo-2.0.9-7.el6_5.1.x86_64.rpm
  i386
    dovecot-2.0.9-7.el6_5.1.i686.rpm
    dovecot-pgsql-2.0.9-7.el6_5.1.i686.rpm
    dovecot-devel-2.0.9-7.el6_5.1.i686.rpm
    dovecot-pigeonhole-2.0.9-7.el6_5.1.i686.rpm
    dovecot-mysql-2.0.9-7.el6_5.1.i686.rpm
    dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm
  srpm
    dovecot-2.0.9-7.el6_5.1.src.rpm

- Scientific Linux Development Team
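
Added example (not part of the original advisory or of Scientific Linux tooling): a Python check that flags dovecot packages older than the fixed build 2.0.9-7.el6_5.1 listed above. It uses a simplified form of RPM's segment-wise version comparison that ignores epoch and '~'/'^' markers, and the input lines are constructed samples in the form printed by rpm -q --qf '%{NAME} %{VERSION} %{RELEASE}\n'.

```python
import re

# Fixed build taken from the advisory's package list. The epoch is not shown
# there and is ignored here (an assumption of this example).
FIXED_VERSION, FIXED_RELEASE = "2.0.9", "7.el6_5.1"
_SEGMENT = re.compile(r"(\d+)|([A-Za-z]+)")

def rpmvercmp(a, b):
    """Simplified rpmvercmp: returns -1, 0 or 1. No '~' or '^' handling."""
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for (num_a, alpha_a), (num_b, alpha_b) in zip(seg_a, seg_b):
        if num_a and num_b:
            x, y = int(num_a), int(num_b)
            if x != y:
                return 1 if x > y else -1
        elif num_a or num_b:
            # A numeric segment is always newer than an alphabetic one.
            return 1 if num_a else -1
        elif alpha_a != alpha_b:
            return 1 if alpha_a > alpha_b else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))

def is_patched(version, release):
    """True if version-release is at or above the advisory's fixed build."""
    result = rpmvercmp(version, FIXED_VERSION)
    if result == 0:
        result = rpmvercmp(release, FIXED_RELEASE)
    return result >= 0

def unpatched(rpm_lines):
    """Return names of dovecot packages older than the fixed build."""
    stale = []
    for line in rpm_lines:
        parts = line.split()
        # Skip other packages and rpm's "is not installed" messages.
        if len(parts) != 3 or not parts[0].startswith("dovecot"):
            continue
        name, version, release = parts
        if not is_patched(version, release):
            stale.append(name)
    return stale

# Constructed sample input, not taken from a real host.
SAMPLE = ["dovecot 2.0.9 7.el6", "dovecot-mysql 2.0.9 7.el6_5.1",
          "dovecot-pgsql 2.0.9 8.el6", "openssl 1.0.1e 16.el6_5.14",
          "package dovecot-devel is not installed"]

if __name__ == "__main__":
    for pkg in unpatched(SAMPLE):
        print("needs update:", pkg)
```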