TLS SNI config lookups may lead to excessive memory usage, causing imap-login/pop3-login VSZ limit to be reached and the process restarted. This happens only if Dovecot config has local_name { } or local { } configuration blocks and attacker uses randomly generated SNI servernames.
Acknowledgments: Name: the Dovecot project
Reference: http://www.openwall.com/lists/oss-security/2018/03/01/3
External References: https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
affected version is < 2.2.34, we ship 2.2.36 in rhel7
reopening, closed wrong clone