ELSA-2024-6973

ELSA-2024-6973 - dovecot security update

Type:SECURITY
Severity:MODERATE
Release Date:2024-09-24

Description


[1:2.3.16-6]
- fix CVE-2024-23185: very large headers can cause resource exhaustion when parsing message (RHEL-55219)
- fix CVE-2024-23184: using a large number of address headers may trigger a denial of service (RHEL-55206)


Related CVEs


CVE-2024-23184
CVE-2024-23185

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) dovecot-2.3.16-6.el8_10.src.rpm22e3032455e64c3053eb1cf232a6b837-ol8_aarch64_appstream
dovecot-2.3.16-6.el8_10.src.rpm22e3032455e64c3053eb1cf232a6b837-ol8_aarch64_codeready_builder
dovecot-2.3.16-6.el8_10.aarch64.rpmb8473494040f7b477f819c37585c02c1-ol8_aarch64_appstream
dovecot-devel-2.3.16-6.el8_10.aarch64.rpmde9ef98e9a8270c48d8f3911b4a28ca1-ol8_aarch64_codeready_builder
dovecot-mysql-2.3.16-6.el8_10.aarch64.rpm025282ba0cfd0a6dcc691cb2159a38e8-ol8_aarch64_appstream
dovecot-pgsql-2.3.16-6.el8_10.aarch64.rpm17c531a2da1fec43d607e2435c389032-ol8_aarch64_appstream
dovecot-pigeonhole-2.3.16-6.el8_10.aarch64.rpm75164da1fc412b0f8988d17cf064a9cf-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) dovecot-2.3.16-6.el8_10.src.rpm22e3032455e64c3053eb1cf232a6b837-ol8_x86_64_appstream
dovecot-2.3.16-6.el8_10.src.rpm22e3032455e64c3053eb1cf232a6b837-ol8_x86_64_codeready_builder
dovecot-2.3.16-6.el8_10.i686.rpm914b29ae1162f892d87f0604539322d7-ol8_x86_64_codeready_builder
dovecot-2.3.16-6.el8_10.x86_64.rpm4d8d44fd47a9742897b8133e84493ff7-ol8_x86_64_appstream
dovecot-devel-2.3.16-6.el8_10.i686.rpmeac5b1dd7cd02724fd4aee6426fbe50c-ol8_x86_64_codeready_builder
dovecot-devel-2.3.16-6.el8_10.x86_64.rpm4345999e9ad8db7b6c11004af793356e-ol8_x86_64_codeready_builder
dovecot-mysql-2.3.16-6.el8_10.x86_64.rpmccba0c61806678693c564faebccdc7d6-ol8_x86_64_appstream
dovecot-pgsql-2.3.16-6.el8_10.x86_64.rpmd0264ebd32358700c3f3ed4d3fb11793-ol8_x86_64_appstream
dovecot-pigeonhole-2.3.16-6.el8_10.x86_64.rpm8d3d676ce1a28568422ef77d7aefdf07-ol8_x86_64_appstream


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete