First published: Mon Mar 08 2010(Updated: )
Dovecot upstream has released latest v1.2.11 version: [1] <a href="http://www.dovecot.org/list/dovecot-news/2010-March/000152.html">http://www.dovecot.org/list/dovecot-news/2010-March/000152.html</a> addressing one denial of service issue (from upstream announcement): "mbox users really should upgrade, because by sending a message with a huge header you could basically cause a DoS (this problem exists only with v1.2.x, not with v1.0 or v1.1)." References: [2] <a href="http://dovecot.org/pipermail/dovecot/2010-February/047190.html">http://dovecot.org/pipermail/dovecot/2010-February/047190.html</a> [3] <a href="http://dovecot.org/pipermail/dovecot/2010-February/047058.html">http://dovecot.org/pipermail/dovecot/2010-February/047058.html</a> [4] <a href="http://dovecot.org/releases/1.2/dovecot-1.2.11.tar.gz">http://dovecot.org/releases/1.2/dovecot-1.2.11.tar.gz</a> CVE Request: [5] <a href="http://www.openwall.com/lists/oss-security/2010/03/10/6">http://www.openwall.com/lists/oss-security/2010/03/10/6</a>
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dovecot Dovecot | =1.2.2 | |
Dovecot Dovecot | =1.2.7 | |
Dovecot Dovecot | =1.2.4 | |
Dovecot Dovecot | =1.2.9 | |
Dovecot Dovecot | =1.2.1 | |
Dovecot Dovecot | =1.2.8 | |
Dovecot Dovecot | =1.2.6 | |
Dovecot Dovecot | =1.2.5 | |
Dovecot Dovecot | =1.2.10 | |
Dovecot Dovecot | =1.2.3 | |
Dovecot Dovecot | =1.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.