A vulnerability in Dovecot could allow a remote attacker to create a Denial of Service condition.
|Package||net-mail/dovecot on all architectures|
|Affected versions||< 2.2.13|
|Unaffected versions||>= 2.2.13|
Dovecot is an open source IMAP and POP3 email server.
Dovecot does not properly close connections, allowing a resource exhaustion for incomplete SSL/TLS handshakes.
A remote attacker could possibly cause a Denial of Service condition.
There is no known workaround at this time.
All Dovecot users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-mail/dovecot-2.2.13"
December 08, 2014
December 08, 2014: 1