MGASA-2024-0280

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2024-0280.html

Import Source

https://advisories.mageia.org/MGASA-2024-0280.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2024-0280

Related

CVE-2024-23184
CVE-2024-23185

Published

2024-08-17T16:55:51Z

Modified

2024-08-17T16:34:32Z

Summary

Updated packages fix security vulnerabilities

Details

CVE-2024-23184: A large number of address headers in email resulted in excessive CPU usage. CVE-2024-23185: Abnormally large email headers are now truncated or discarded, with a limit of 10MB on a single header and 50MB for all the headers of all the parts of an email.

References

https://advisories.mageia.org/MGASA-2024-0280.html
https://bugs.mageia.org/show_bug.cgi?id=33466
https://dovecot.org/mailman3/hyperkitty/list/dovecot-news@dovecot.org/thread/2CSVL56LFPAXVLWMGXEIWZL736PSYHP5/

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2024-0280

Affected packages