ELSA-2024-6973

ULN >
Oracle Linux Errata repository >
ELSA-2024-6973

ELSA-2024-6973 - dovecot security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-09-24

Description

[1:2.3.16-6]
- fix CVE-2024-23185: very large headers can cause resource exhaustion when parsing message (RHEL-55219)
- fix CVE-2024-23184: using a large number of address headers may trigger a denial of service (RHEL-55206)

Related CVEs

CVE-2024-23184

CVE-2024-23185

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	dovecot-2.3.16-6.el8_10.src.rpm	22e3032455e64c3053eb1cf232a6b837	-	ol8_aarch64_appstream
	dovecot-2.3.16-6.el8_10.src.rpm	22e3032455e64c3053eb1cf232a6b837	-	ol8_aarch64_codeready_builder
	dovecot-2.3.16-6.el8_10.aarch64.rpm	b8473494040f7b477f819c37585c02c1	-	ol8_aarch64_appstream
	dovecot-devel-2.3.16-6.el8_10.aarch64.rpm	de9ef98e9a8270c48d8f3911b4a28ca1	-	ol8_aarch64_codeready_builder
	dovecot-mysql-2.3.16-6.el8_10.aarch64.rpm	025282ba0cfd0a6dcc691cb2159a38e8	-	ol8_aarch64_appstream
	dovecot-pgsql-2.3.16-6.el8_10.aarch64.rpm	17c531a2da1fec43d607e2435c389032	-	ol8_aarch64_appstream
	dovecot-pigeonhole-2.3.16-6.el8_10.aarch64.rpm	75164da1fc412b0f8988d17cf064a9cf	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	dovecot-2.3.16-6.el8_10.src.rpm	22e3032455e64c3053eb1cf232a6b837	-	ol8_x86_64_appstream
	dovecot-2.3.16-6.el8_10.src.rpm	22e3032455e64c3053eb1cf232a6b837	-	ol8_x86_64_codeready_builder
	dovecot-2.3.16-6.el8_10.i686.rpm	914b29ae1162f892d87f0604539322d7	-	ol8_x86_64_codeready_builder
	dovecot-2.3.16-6.el8_10.x86_64.rpm	4d8d44fd47a9742897b8133e84493ff7	-	ol8_x86_64_appstream
	dovecot-devel-2.3.16-6.el8_10.i686.rpm	eac5b1dd7cd02724fd4aee6426fbe50c	-	ol8_x86_64_codeready_builder
	dovecot-devel-2.3.16-6.el8_10.x86_64.rpm	4345999e9ad8db7b6c11004af793356e	-	ol8_x86_64_codeready_builder
	dovecot-mysql-2.3.16-6.el8_10.x86_64.rpm	ccba0c61806678693c564faebccdc7d6	-	ol8_x86_64_appstream
	dovecot-pgsql-2.3.16-6.el8_10.x86_64.rpm	d0264ebd32358700c3f3ed4d3fb11793	-	ol8_x86_64_appstream
	dovecot-pigeonhole-2.3.16-6.el8_10.x86_64.rpm	8d3d676ce1a28568422ef77d7aefdf07	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

Oracle customers - enter a support request
Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691