Synopsis: Moderate: dovecot security update
Advisory ID: SLSA-2014:0790-1
Issue Date: 2014-06-25
CVE Numbers: CVE-2014-3430
—
It was discovered that Dovecot did not properly discard connections
trapped in the SSL/TLS handshake phase. A remote attacker could use this
flaw to cause a denial of service on an IMAP/POP3 server by exhausting the
pool of available connections and preventing further, legitimate
connections to the IMAP/POP3 server to be made. (CVE-2014-3430)
After installing the updated packages, the dovecot service will be
restarted automatically.
—
SL6
x86_64
dovecot-2.0.9-7.el6_5.1.i686.rpm
dovecot-pigeonhole-2.0.9-7.el6_5.1.x86_64.rpm
dovecot-devel-2.0.9-7.el6_5.1.x86_64.rpm
dovecot-2.0.9-7.el6_5.1.x86_64.rpm
dovecot-mysql-2.0.9-7.el6_5.1.x86_64.rpm
dovecot-pgsql-2.0.9-7.el6_5.1.x86_64.rpm
dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm
dovecot-debuginfo-2.0.9-7.el6_5.1.x86_64.rpm
i386
dovecot-2.0.9-7.el6_5.1.i686.rpm
dovecot-pgsql-2.0.9-7.el6_5.1.i686.rpm
dovecot-devel-2.0.9-7.el6_5.1.i686.rpm
dovecot-pigeonhole-2.0.9-7.el6_5.1.i686.rpm
dovecot-mysql-2.0.9-7.el6_5.1.i686.rpm
dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm
srpm
dovecot-2.0.9-7.el6_5.1.src.rpm
noarch
dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm
dovecot-debuginfo-2.0.9-7.el6_5.1.x86_64.rpm
– Scientific Linux Development Team
