Pigeonhole needs updating too, and the various other ports providing
plugins for dovecot need revision bumps. I have diffs for all.
--
Sent from a phone, apologies for poor formatting.
On 15 August 2024 16:41:04 Kirill A. Korinsky wrote:
Brad, ports@,
Here a clean security update for mail/
On Thu, 15 Aug 2024 16:40:37 +0200,
Kirill A. Korinsky wrote:
>
> Brad, ports@,
>
> Here a clean security update for mail/dovecot.
>
> Changelog:
>
> - CVE-2024-23184: A large number of address headers in email resulted
> in excessive CPU usage.
> - CVE-2024-23185: Abnormally large email hea
Brad, ports@,
Here a clean security update for mail/dovecot.
Changelog:
- CVE-2024-23184: A large number of address headers in email resulted
in excessive CPU usage.
- CVE-2024-23185: Abnormally large email headers are now truncated or
discarded, with a limit of 10MB on a single header and 5
