dovecot security update

To: debian-lts-announce@lists.debian.org
Subject: dovecot security update
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 11 Jun 2014 16:55:51 +0000
Message-id: <[🔎] E1WuloV-0005sP-AW@master.debian.org>
Mail-followup-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : dovecot
Version        : 1:1.2.15-7+deb6u1
CVE ID         : CVE-2014-3430
Debian Bug     : 747549

It was discovered that the Dovecot email server is vulnerable to a
denial of service attack against imap/pop3-login processes due to
incorrect handling of the closure of inactive SSL/TLS connections.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJTmH+ZAAoJEAVMuPMTQ89EjFcP/2UKZZwwXEurTwrbFIcs+M6v
6MA3yV6XcJiVVk69It2vrVMw+xYt0KHnijrPXgARuTXYSuupxY/x2UZqySXM4Wng
sDL1mMHshalnkxTmyyGYwKkOPFaT2dYq1lvpJvTilgwCNuGuCStWYD4R5/OYQ+e8
b9UIdrjTOyL9g/0v2tD47itLjhGEj1W79/WRa5kRGzvvA6ywzw3JVYvz2QiEP6oK
F00YAzsjv+ZRSvIq3HOm3MPt3ZvL5yy2Z6DF3ALncaiulyoqYGCI9OK2sUvkNXxL
YO1XThof1+EkeBVaJ6FKus6UyZ3yY2Jz7rDxKoKv2ANInwIZNSexZ52rw1FmSPYC
qukBQvLMD+CAHJgAQ843eWXh+5C0LhCjpZ6kSldunoOQrBBOSoYb2lwQSUx52X4q
oI/lPMpuesSUvfO/oIn2VWeTJ6/53/Tbh4GijP6Cb055Ko27Cr6faDThfoaAgnuT
Z5iChrtJLubG++UuA7G6OcoclYF3SoXO0Jk9bTUov0Sh7ot41h7SAn6a7/LA5Vaz
Q+/l2+rfKuqwKiPZE11MlxwCjGykFXqF8dvO3yoVDDo+vn1JtP9XHcI4Khk1ySbI
Pekci7xBBXWwJXWIaEzWM7pQ6hCa/Bg+vJwxBHam21cNeQWCyuzAtKrbObCqkpHj
bnwYrY6zaUGFY+/RAG2x
=+qWD
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: openssl security update
Next by Date: apt security update
Previous by thread: openssl security update
Next by thread: apt security update
Index(es):
- Date
- Thread