Dovecot is an IMAP server, written with security primarily in mind, for
Linux and other UNIX-like systems. It also contains a small POP3 server.
It supports mail in both the maildir or mbox format. The SQL drivers and
authentication plug-ins are provided as subpackages.
It was discovered that Dovecot did not properly discard connections trapped
in the SSL/TLS handshake phase. A remote attacker could use this flaw to
cause a denial of service on an IMAP/POP3 server by exhausting the pool of
available connections and preventing further, legitimate connections to the
IMAP/POP3 server to be made. (CVE-2014-3430)
All dovecot users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, the dovecot service will be restarted automatically.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | s390x | dovecot-pgsql | < 2.0.9-7.el6_5.1 | dovecot-pgsql-2.0.9-7.el6_5.1.s390x.rpm |
RedHat | 7 | x86_64 | dovecot-debuginfo | < 2.2.10-4.el7_0.1 | dovecot-debuginfo-2.2.10-4.el7_0.1.x86_64.rpm |
RedHat | 7 | ppc | dovecot-debuginfo | < 2.2.10-4.el7_0.1 | dovecot-debuginfo-2.2.10-4.el7_0.1.ppc.rpm |
RedHat | 7 | s390 | dovecot-debuginfo | < 2.2.10-4.el7_0.1 | dovecot-debuginfo-2.2.10-4.el7_0.1.s390.rpm |
RedHat | 7 | ppc64 | dovecot-pigeonhole | < 2.2.10-4.el7_0.1 | dovecot-pigeonhole-2.2.10-4.el7_0.1.ppc64.rpm |
RedHat | 7 | s390x | dovecot-mysql | < 2.2.10-4.el7_0.1 | dovecot-mysql-2.2.10-4.el7_0.1.s390x.rpm |
RedHat | 7 | s390x | dovecot-debuginfo | < 2.2.10-4.el7_0.1 | dovecot-debuginfo-2.2.10-4.el7_0.1.s390x.rpm |
RedHat | 7 | x86_64 | dovecot-pgsql | < 2.2.10-4.el7_0.1 | dovecot-pgsql-2.2.10-4.el7_0.1.x86_64.rpm |
RedHat | 6 | i686 | dovecot-pigeonhole | < 2.0.9-7.el6_5.1 | dovecot-pigeonhole-2.0.9-7.el6_5.1.i686.rpm |
RedHat | 6 | s390 | dovecot-debuginfo | < 2.0.9-7.el6_5.1 | dovecot-debuginfo-2.0.9-7.el6_5.1.s390.rpm |