Revisions of dovecot23
Dominique Leuenberger (dimstar_suse)
accepted
request 655862
from
Andreas Schneider (gladiac)
(revision 13)
Dominique Leuenberger (dimstar_suse)
accepted
request 653727
from
Factory Maintainer (factory-maintainer)
(revision 12)
Automatic submission by obs-autosubmit
Dominique Leuenberger (dimstar_suse)
accepted
request 639470
from
Marcus Rueckert (darix)
(revision 11)
- update pigeonhole to 0.5.3 - update to 2.3.3
Dominique Leuenberger (dimstar_suse)
accepted
request 624423
from
Factory Maintainer (factory-maintainer)
(revision 10)
Automatic submission by obs-autosubmit
Dominique Leuenberger (dimstar_suse)
accepted
request 622091
from
Marcus Rueckert (darix)
(revision 9)
- update to 2.3.2.1 - SSL/TLS servers may have crashed during client disconnection - lmtp: With lmtp_rcpt_check_quota=yes mail deliveries may have sometimes assert-crashed. - v2.3.2: "make check" may have crashed with 32bit systems
Dominique Leuenberger (dimstar_suse)
accepted
request 621463
from
Factory Maintainer (factory-maintainer)
(revision 8)
Automatic submission by obs-autosubmit
Dominique Leuenberger (dimstar_suse)
accepted
request 612867
from
Marcus Rueckert (darix)
(revision 7)
Yuchen Lin (maxlin_factory)
accepted
request 595501
from
Peter Varkoly (varkoly)
(revision 6)
- bnc#1088911 - dovecot23 can not build ond s390 add: 35497604d80090a02619024aeec069b32568e4b4.diff add: 5522b8b3d3ed1a99c3b63bb120216af0bd427403.diff
Dominique Leuenberger (dimstar_suse)
accepted
request 591874
from
Marcus Rueckert (darix)
(revision 5)
- update to 2.3.1 - update pigeonhole to 0.5.1
Dominique Leuenberger (dimstar_suse)
accepted
request 586348
from
Marcus Rueckert (darix)
(revision 4)
Security update
Dominique Leuenberger (dimstar_suse)
accepted
request 583681
from
Marcus Rueckert (darix)
(revision 3)
- update pigeonhole to 0.5.0.1 - imap4flags extension: Fix binary corruption occurring when setflag/addflag/removeflag flag-list is a variable. - sieve-extprograms plugin: Fix segfault occurring when used in IMAPSieve context. - drop 321a39be974deb2e7eff7b2a509a3ee6ff2e5ae1.patch - pull backport patch dovecot-2.3.0.1-over-quota-lmtp-crash.patch - update to 2.3.0.1 * CVE-2017-15130: TLS SNI config lookups may lead to excessive memory usage, causing imap-login/pop3-login VSZ limit to be reached and the process restarted. This happens only if Dovecot config has local_name { } or local { } configuration blocks and attacker uses randomly generated SNI servernames. * CVE-2017-14461: Parsing invalid email addresses may cause a crash or leak memory contents to attacker. For example, these memory contents might contain parts of an email from another user if the same imap process is reused for multiple users. First discovered by Aleksandar Nikolic of Cisco Talos. Independently also discovered by "flxflndy" via HackerOne. * CVE-2017-15132: Aborted SASL authentication leaks memory in login process. * Linux: Core dumping is no longer enabled by default via PR_SET_DUMPABLE, because this may allow attackers to bypass chroot/group restrictions. Found by cPanel Security Team. Nowadays core dumps can be safely enabled by using "sysctl -w fs.suid_dumpable=2". If the old behaviour is wanted, it can still be enabled by setting: import_environment=$import_environment PR_SET_DUMPABLE=1 - imap-login with SSL/TLS connections may end up in infinite loop
Dominique Leuenberger (dimstar_suse)
accepted
request 562901
from
Factory Maintainer (factory-maintainer)
(revision 2)
Automatic submission by obs-autosubmit
Dominique Leuenberger (dimstar_suse)
accepted
request 559875
from
Marcus Rueckert (darix)
(revision 1)
2.3 branch
Displaying revisions 41 - 53 of 53