Home / mailings [SECURITY] [DSA 5752-1] dovecot security update
Posted on 21 August 2024
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-5752-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 21, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : dovecot
CVE ID : CVE-2024-23184 CVE-2024-23185
Two vulnerabilities have been discovered in the IMAP implementation of
the Dovecot mail server: Excessive numbers of address headers or very
large headers can result in high CPU usage, leading to denial of
service.
For the stable distribution (bookworm), these problems have been fixed in
version 1:2.3.19.1+dfsg1-2.1+deb12u1.
We recommend that you upgrade your dovecot packages.
For the detailed security status of dovecot please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/dovecot
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
