This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part MIME messages; the fix is the new $MAX_PARTS configuration, which limits how many parts will be considered for parsing, defaulting to 100.
Please login to add feedback.
This update has been submitted for testing by pghmcfc.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.