Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2014:0790
HistoryJun 25, 2014 - 7:00 p.m.

dovecot security update

2014-06-2519:00:49
CentOS Project
lists.centos.org
40

0.091 Low

EPSS

Percentile

94.6%

JSON

CentOS Errata and Security Advisory CESA-2014:0790

Dovecot is an IMAP server, written with security primarily in mind, for
Linux and other UNIX-like systems. It also contains a small POP3 server.
It supports mail in both the maildir or mbox format. The SQL drivers and
authentication plug-ins are provided as subpackages.

It was discovered that Dovecot did not properly discard connections trapped
in the SSL/TLS handshake phase. A remote attacker could use this flaw to
cause a denial of service on an IMAP/POP3 server by exhausting the pool of
available connections and preventing further, legitimate connections to the
IMAP/POP3 server to be made. (CVE-2014-3430)

All dovecot users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, the dovecot service will be restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2014-June/082550.html

Affected packages:
dovecot
dovecot-devel
dovecot-mysql
dovecot-pgsql
dovecot-pigeonhole

Upstream details at:
https://access.redhat.com/errata/RHSA-2014:0790

OSVersionArchitecturePackageVersionFilename
CentOS6i686dovecot< 2.0.9-7.el6_5.1dovecot-2.0.9-7.el6_5.1.i686.rpm
CentOS6i686dovecot-devel< 2.0.9-7.el6_5.1dovecot-devel-2.0.9-7.el6_5.1.i686.rpm
CentOS6i686dovecot-mysql< 2.0.9-7.el6_5.1dovecot-mysql-2.0.9-7.el6_5.1.i686.rpm
CentOS6i686dovecot-pgsql< 2.0.9-7.el6_5.1dovecot-pgsql-2.0.9-7.el6_5.1.i686.rpm
CentOS6i686dovecot-pigeonhole< 2.0.9-7.el6_5.1dovecot-pigeonhole-2.0.9-7.el6_5.1.i686.rpm
CentOS6i686dovecot< 2.0.9-7.el6_5.1dovecot-2.0.9-7.el6_5.1.i686.rpm
CentOS6x86_64dovecot< 2.0.9-7.el6_5.1dovecot-2.0.9-7.el6_5.1.x86_64.rpm
CentOS6x86_64dovecot-devel< 2.0.9-7.el6_5.1dovecot-devel-2.0.9-7.el6_5.1.x86_64.rpm
CentOS6x86_64dovecot-mysql< 2.0.9-7.el6_5.1dovecot-mysql-2.0.9-7.el6_5.1.x86_64.rpm
CentOS6x86_64dovecot-pgsql< 2.0.9-7.el6_5.1dovecot-pgsql-2.0.9-7.el6_5.1.x86_64.rpm
Rows per page:
1-10 of 111

Related

fedora 3
debian 4
openvas 14
amazon 1
nessus 12
osv 1
ubuntucve 1
cve 1
mageia 1
veracode 1
ubuntu 1
gentoo 1
redhat 1
cvelist 1
prion 1
oraclelinux 1
debiancve 1
securityvulns 1
fedora
fedora
[SECURITY] Fedora 19 Update: dovecot-2.2.13-1.fc19
2014-06-17 23:38:27
[SECURITY] Fedora 20 Update: dovecot-2.2.13-1.fc20
2014-05-18 22:56:49
[SECURITY] Fedora 20 Update: dovecot-2.2.16-2.fc20
2015-05-19 16:26:41
debian
debian
dovecot security update
2014-06-11 16:56:06
[SECURITY] [DSA 2954-1] dovecot security update
2014-06-09 18:02:51
[SECURITY] [DSA 2954-1] dovecot security update
2014-06-09 18:02:29
openvas
openvas
Debian: Security Advisory (DSA-2954-1)
2014-06-08 00:00:00
Gentoo Security Advisory GLSA 201412-03
2015-09-29 00:00:00
RedHat Update for dovecot RHSA-2014:0790-01
2014-07-01 00:00:00
amazon
amazon
Medium: dovecot
2014-07-23 14:09:00
nessus
nessus
Debian DSA-2954-1 : dovecot - security update
2014-06-10 00:00:00
Scientific Linux Security Update : dovecot on SL6.x i386/srpm/x86_64 (20140625)
2014-06-26 00:00:00
Fedora 19 : dovecot-2.2.13-1.fc19 (2014-6331)
2014-06-18 00:00:00
osv
osv
dovecot - security update
2014-06-09 00:00:00
ubuntucve
ubuntucve
CVE-2014-3430
2014-05-13 00:00:00
cve
cve
CVE-2014-3430
2014-05-14 19:55:00
mageia
mageia
Updated dovecot packages fix security vulnerability
2014-05-17 04:38:24
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:54:35
ubuntu
ubuntu
Dovecot vulnerability
2014-05-15 00:00:00
gentoo
gentoo
Dovecot: Denial of service
2014-12-08 00:00:00
redhat
redhat
(RHSA-2014:0790) Moderate: dovecot security update
2014-06-25 00:00:00
cvelist
cvelist
CVE-2014-3430
2014-05-14 19:00:00
prion
prion
Design/Logic Flaw
2014-05-14 19:55:00
oraclelinux
oraclelinux
dovecot security update
2014-06-25 00:00:00
debiancve
debiancve
CVE-2014-3430
2014-05-14 19:55:00
securityvulns
securityvulns
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2014-05-10 00:00:00

0.091 Low

EPSS

Percentile

94.6%

JSON
Related for CESA-2014:0790
fedora3debian4openvas14amazon1nessus12osv1ubuntucve1cve1mageia1veracode1ubuntu1gentoo1redhat1cvelist1prion1oraclelinux1debiancve1securityvulns1