| Description: | Dovecot is an IMAP server, written with security primarily in mind, forLinux and other UNIX-like systems. It also contains a small POP3 server.It supports mail in both the maildir or mbox format. The SQL drivers andauthentication plug-ins are provided as subpackages.It was discovered that Dovecot did not properly discard connections trappedin the SSL/TLS handshake phase. A remote attacker could use this flaw tocause a denial of service on an IMAP/POP3 server by exhausting the pool ofavailable connections and preventing further, legitimate connections to theIMAP/POP3 server to be made. (CVE-2014-3430)All dovecot users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. After installing theupdated packages, the dovecot service will be restarted automatically. |