drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in dovecot
Name: |
Denial of Service in dovecot |
|
ID: |
DSA-2954-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sid, Debian wheezy, Debian jessie |
|
Datum: |
Mo, 9. Juni 2014, 22:43 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430 |
|
Applikationen: |
dovecot |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-2954-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso June 09, 2014 http://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : dovecot CVE ID : CVE-2014-3430 Debian Bug : 747549
It was discovered that the Dovecot email server is vulnerable to a denial of service attack against imap/pop3-login processes due to incorrect handling of the closure of inactive SSL/TLS connections.
For the stable distribution (wheezy), this problem has been fixed in version 1:2.1.7-7+deb7u1.
For the testing distribution (jessie), this problem has been fixed in version 1:2.2.13~rc1-1.
For the unstable distribution (sid), this problem has been fixed in version 1:2.2.13~rc1-1.
We recommend that you upgrade your dovecot packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJTlfRZAAoJEAVMuPMTQ89EnisP/26H2tVdVc2/oTdtLLIqWsOX 66SqlmpfX0hwggvyJcMur6plkYkxFX+Ezrmapz7Qte+qnFSIyEOI8xLw+DloAsHg qsWlZQkLcpOixbY0Xk9fziD+Hm+bv/2DauDx7IGMkto5TSumZybJWK0gbWbFuWkg 4dUnU77Nl/VBJoChG1mxx918m1RUdYMCM5/tSxNGB8Eg/hN2oRP3tx35kjnZzr74 DAVbMTcp5I6uC4EhuEqGBiR05tkT4I4a5xJ1/hAO3jOXUjc6QSSu1qRGHhsQx7Am FYzaDDdSzqnj2Pu+aQuVMYFkWCDO65zw3avlOn5qPTiMzRSx1DmdUEJGIA6kGFyL gFu4Kew4U8tmsqPaCEV9YrhvD0rVGBzpTQGgc43Ud1Nd+RUN0sUpR2BM2eYKNt+p j/TH89ihdZE0xCct99gib20Qtzj2yv0FRqVeeIGXSaF2OXI/OLJOh0MHguKPCPIQ pj/+NV3BuX8uu57ogSGO+hm+kGAv+yaHi5bWpDpZpGKDKH1PtSi6oMPlUjubXZ+C cDORh91mFL8nFTcrMvYoSsRW6kBUsBI9uAeOhDjyPAolhADwzE+KJ2Ru1S3vtLyC 7EMccBgtS7W99CZPI+TIwAIlivnCgyBHhX1H7pwgjOaPbQKbVx+Qs6+xQsrCtkVy 4bWkR7B41Z0sAu7YcoE8 =y6t5 -----END PGP SIGNATURE-----
-- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: https://lists.debian.org/E1Wu3tt-0002F6-Kl@master.debian.org
|
|
|
|