ELA-342-1 dovecot security update

Denial of Service (DoS) vulnerability

2021-01-05
Packagedovecot
Version1:2.2.13-12~deb8u9
Related CVEs CVE-2020-25275

A vulnerability was discovered in the Dovecot IMAP server where a malicious sender could crash Dovecot repeatedly by sending messages with more than 10,000 MIME parts.

For Debian 8 Jessie, these problems have been fixed in version 1:2.2.13-12~deb8u9.

We recommend that you upgrade your dovecot packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/