Hi, Dovecot got a CVE patch release to 2.3.21.1. - CVE-2024-23184: A large number of address headers in email resulted in excessive CPU usage. - CVE-2024-23185: Abnormally large email headers are now truncated or discarded, with a limit of 10MB on a single header and 50MB for all the headers of all the parts of an email. So I wanted to mark it out of date - and now I'm wondering why it's already out of date for 11 months. Regards Bjoern