 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Fri, 19 Aug 2011 10:09:27 -0500 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Moderate: dovecot security update
Issue Date: 2011-08-18
CVE Numbers: CVE-2011-1929
Dovecot is an IMAP server for Linux, UNIX, and similar operating
systems, primarily written with security in mind.
A denial of service flaw was found in the way Dovecot handled NULL
characters in certain header names. A mail message with
specially-crafted headers could cause the Dovecot child process handling
the target user's connection to crash, blocking them from downloading
the message successfully and possibly leading to the corruption of their
mailbox. (CVE-2011-1929)
Users of dovecot are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing the
updated packages, the dovecot service will be restarted automatically.
SL4:
i386
dovecot-0.99.11-10.EL4.i386.rpm
dovecot-debuginfo-0.99.11-10.EL4.i386.rpm
x86_64
dovecot-debuginfo-0.99.11-10.EL4.x86_64.rpm
dovecot-0.99.11-10.EL4.x86_64.rpm
SL5:
i386
dovecot-1.0.7-7.el5_7.1.i386.rpm
dovecot-debuginfo-1.0.7-7.el5_7.1.i386.rpm
x86_64
dovecot-debuginfo-1.0.7-7.el5_7.1.x86_64.rpm
dovecot-1.0.7-7.el5_7.1.x86_64.rpm
SL6:
i386
dovecot-pgsql-2.0.9-2.el6_1.1.i686.rpm
dovecot-2.0.9-2.el6_1.1.i686.rpm
dovecot-debuginfo-2.0.9-2.el6_1.1.i686.rpm
dovecot-devel-2.0.9-2.el6_1.1.i686.rpm
dovecot-mysql-2.0.9-2.el6_1.1.i686.rpm
dovecot-pigeonhole-2.0.9-2.el6_1.1.i686.rpm
x86_64
dovecot-2.0.9-2.el6_1.1.i686.rpm
dovecot-pgsql-2.0.9-2.el6_1.1.x86_64.rpm
dovecot-mysql-2.0.9-2.el6_1.1.x86_64.rpm
dovecot-devel-2.0.9-2.el6_1.1.x86_64.rpm
dovecot-debuginfo-2.0.9-2.el6_1.1.x86_64.rpm
dovecot-debuginfo-2.0.9-2.el6_1.1.i686.rpm
dovecot-2.0.9-2.el6_1.1.x86_64.rpm
dovecot-pigeonhole-2.0.9-2.el6_1.1.x86_64.rpm
- Scientific Linux Development Team
|
|
|
