User: Password:
|
|
Subscribe / Log in / New account

Scientific Linux alert SLSA-2014:0790-1 (dovecot)

From:  Pat Riehecky <riehecky@fnal.gov>
To:  <scientific-linux-errata@listserv.fnal.gov>
Subject:  Security ERRATA Moderate: dovecot on SL6.x i386/srpm/x86_64
Date:  Wed, 25 Jun 2014 17:57:57 +0000
Message-ID:  <20140625175757.20634.3380@slpackages.fnal.gov>

Synopsis: Moderate: dovecot security update Advisory ID: SLSA-2014:0790-1 Issue Date: 2014-06-25 CVE Numbers: CVE-2014-3430 -- It was discovered that Dovecot did not properly discard connections trapped in the SSL/TLS handshake phase. A remote attacker could use this flaw to cause a denial of service on an IMAP/POP3 server by exhausting the pool of available connections and preventing further, legitimate connections to the IMAP/POP3 server to be made. (CVE-2014-3430) After installing the updated packages, the dovecot service will be restarted automatically. -- SL6 x86_64 dovecot-2.0.9-7.el6_5.1.i686.rpm dovecot-pigeonhole-2.0.9-7.el6_5.1.x86_64.rpm dovecot-devel-2.0.9-7.el6_5.1.x86_64.rpm dovecot-2.0.9-7.el6_5.1.x86_64.rpm dovecot-mysql-2.0.9-7.el6_5.1.x86_64.rpm dovecot-pgsql-2.0.9-7.el6_5.1.x86_64.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.x86_64.rpm i386 dovecot-2.0.9-7.el6_5.1.i686.rpm dovecot-pgsql-2.0.9-7.el6_5.1.i686.rpm dovecot-devel-2.0.9-7.el6_5.1.i686.rpm dovecot-pigeonhole-2.0.9-7.el6_5.1.i686.rpm dovecot-mysql-2.0.9-7.el6_5.1.i686.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm srpm dovecot-2.0.9-7.el6_5.1.src.rpm - Scientific Linux Development Team


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds