drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in dovecot
Name: |
Denial of Service in dovecot |
|
ID: |
MDVSA-2010:104 |
|
Distribution: |
Mandriva |
|
Plattformen: |
Mandriva 2010.0 |
|
Datum: |
Sa, 22. Mai 2010, 08:11 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0745
http://www.dovecot.org/list/dovecot-news/2010-March/000152.html |
|
Applikationen: |
dovecot |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1274449333-24326-8104
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:104 http://www.mandriva.com/security/ _______________________________________________________________________
Package : dovecot Date : May 21, 2010 Affected: 2010.0 _______________________________________________________________________
Problem Description:
A vulnerability was discovered and corrected in dovecot: Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message (CVE-2010-0745). This update provides dovecot 1.2.11 which is not vulnerable to this issue and also holds many bugfixes as well. _______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0745 http://www.dovecot.org/list/dovecot-news/2010-March/000152.html _______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.0: b95d9a917da2a42436c933475dacb689 2010.0/i586/dovecot-1.2.11-0.1mdv2010.0.i586.rpm ae17dc00f69e99cd1bcd4117cde53e9d 2010.0/i586/dovecot-devel-1.2.11-0.1mdv2010.0.i586.rpm a5304d895371d64b4e77c8c178adeabc 2010.0/i586/dovecot-plugins-gssapi-1.2.11-0.1mdv2010.0.i586.rpm ac1c3a580905b10ba644013646db053b 2010.0/i586/dovecot-plugins-ldap-1.2.11-0.1mdv2010.0.i586.rpm 5625a95867c3f6557e01c68c1627c50c 2010.0/i586/dovecot-plugins-managesieve-1.2.11-0.1mdv2010.0.i586.rpm d7ca2adca57b353996bd0d3be8eaa15a 2010.0/i586/dovecot-plugins-mysql-1.2.11-0.1mdv2010.0.i586.rpm 648a1f4d176a2ff5e9d8c2751a75176d 2010.0/i586/dovecot-plugins-pgsql-1.2.11-0.1mdv2010.0.i586.rpm 95f866ead04f859375e38775e13f2d82 2010.0/i586/dovecot-plugins-sieve-1.2.11-0.1mdv2010.0.i586.rpm 6cf7c7e9e47fb15c18bb2219fe58c39e 2010.0/i586/dovecot-plugins-sqlite-1.2.11-0.1mdv2010.0.i586.rpm 5e36c888b6f39d97c51f1ad2262d5698 2010.0/SRPMS/dovecot-1.2.11-0.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: e5ac579121952f2f7d0db0082c35fe3f 2010.0/x86_64/dovecot-1.2.11-0.1mdv2010.0.x86_64.rpm 0d70781b49ad834523dff177b38394bc 2010.0/x86_64/dovecot-devel-1.2.11-0.1mdv2010.0.x86_64.rpm 65f7ed1fe4c4882173fb4bcfb1dee81e 2010.0/x86_64/dovecot-plugins-gssapi-1.2.11-0.1mdv2010.0.x86_64.rpm 9ce625bbdf040a61f84abcb98a326511 2010.0/x86_64/dovecot-plugins-ldap-1.2.11-0.1mdv2010.0.x86_64.rpm 87af67276a9b3a12cf5c17b369eea39a 2010.0/x86_64/dovecot-plugins-managesieve-1.2.11-0.1mdv2010.0.x86_64.rpm 8a9d7710eadcae398b232799458f25f1 2010.0/x86_64/dovecot-plugins-mysql-1.2.11-0.1mdv2010.0.x86_64.rpm bcf047e686991a4e52055f83cb9e7834 2010.0/x86_64/dovecot-plugins-pgsql-1.2.11-0.1mdv2010.0.x86_64.rpm c630786ec35b58dda992ffa7bf370da3 2010.0/x86_64/dovecot-plugins-sieve-1.2.11-0.1mdv2010.0.x86_64.rpm a9037b2ebcf8a76fbe455d15586e1e51 2010.0/x86_64/dovecot-plugins-sqlite-1.2.11-0.1mdv2010.0.x86_64.rpm 5e36c888b6f39d97c51f1ad2262d5698 2010.0/SRPMS/dovecot-1.2.11-0.1mdv2010.0.src.rpm _______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com _______________________________________________________________________
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFL9mFHmqjQ0CJFipgRAkPBAJ0R70lQxLJ5wXhXnxXOE7EAqXJBLwCeJd9Q Ddb7NogAMrl6qa4iMnFrUfs= =b5XG -----END PGP SIGNATURE-----
------------=_1274449333-24326-8104 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________
------------=_1274449333-24326-8104--
|
|
|
|