Security
Security
A vulnerability in Dovecot could allow a remote attacker to create a Denial of Service condition.
| Package | net-mail/dovecot on all architectures |
|---|---|
| Affected versions | < 2.2.13 |
| Unaffected versions | >= 2.2.13 |
Dovecot is an open source IMAP and POP3 email server.
Dovecot does not properly close connections, allowing a resource exhaustion for incomplete SSL/TLS handshakes.
A remote attacker could possibly cause a Denial of Service condition.
There is no known workaround at this time.
All Dovecot users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-mail/dovecot-2.2.13"
Release date
December 08, 2014
Latest revision
December 08, 2014: 1
Severity
normal
Exploitable
remote
Bugzilla entries