Package "dovecot"
| Name: |
dovecot
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- secure POP3/IMAP server - core files
- secure POP3/IMAP server - header files
- secure POP3/IMAP server - IMAP daemon
- secure POP3/IMAP server - POP3 daemon
|
| Latest version: |
1:2.3.21+dfsg1-2ubuntu6 |
| Release: |
noble (24.04) |
| Level: |
security |
| Repository: |
main |
Links
Other versions of "dovecot" in Noble
Packages in group
Deleted packages are displayed in grey.
Changelog
|
dovecot (1:2.3.21+dfsg1-2ubuntu6) noble-security; urgency=medium
* Patches for CVE-2024-23184, CVE-2024-23185 (LP: #2077324).
- CVE-2024-23184: A large number of address headers in email resulted
in excessive CPU usage.
+ d/p/CVE-2024-23184-1-lib-test-llist-Fix-dllist2-test-name.patch
+ d/p/CVE-2024-23184-2-lib-Add-DLLIST2_JOIN.patch
+ d/p/CVE-2024-23184-3-lib-mail-test-imap-envelope-Use-test_assert_idx-where-pos.patch
+ d/p/CVE-2024-23184-4-lib-mail-Change-message_address-to-be-doubly-linked-list.patch
+ d/p/CVE-2024-23184-5-lib-mail-Add-message_address_parse_full-and-struct-messag.patch
+ d/p/CVE-2024-23184-6-lib-mail-lib-imap-Optimize-parsing-large-number-of-addres.patch
- CVE-2024-23185: Abnormally large email headers are now truncated or
discarded, with a limit of 10MB on a single header and 50MB for all
the headers of all the parts of an email.
+ d/p/CVE-2024-23185-1-lib-mail-message-header-parser-Limit-header-block-to-10MB.patch
+ d/p/CVE-2024-23185-2-lib-mail-message-parser-Limit-headers-total-count-to-50MB.patch
For more information see the following articles:
CVE-2024-23184 - https://www.openwall.com/lists/oss-security/2024/08/15/3
CVE-2024-23185 - https://www.openwall.com/lists/oss-security/2024/08/15/4
-- Mitchell Dzurick <email address hidden> Mon, 26 Aug 2024 08:52:27 -0700
|
| 2077324 |
[FFE] CVE-2024-23184/CVE-2024-23185 |
|
About
-
Send Feedback to @ubuntu_updates
