Revisions of dovecot22
Marcus Rueckert (darix)
committed
(revision 148)
add bugnumbers
Marcus Rueckert (darix)
committed
(revision 147)
- update to 2.2.36.4 * CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes. Found by Nick Roessler and Rafi Rubin. - update pigeonhole to 0.4.24.2 * CVE-2019-11500: ManageSieve protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes. Found by Nick Roessler and Rafi Rubin. - refreshed patches to apply cleanly again: dovecot-2.2.18-better_ssl_defaults.patch dovecot-2.2.18-dont_use_etc_ssl_certs.patch dovecot-2.2.31-dhparams_fips_mode.patch
Marcus Rueckert (darix)
committed
(revision 146)
- update dovecot to 2.2.36.3 * CVE-2019-7524: Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index. Exploiting this requires direct write access to the index files. * CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field (ssl_cert_username_field), under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. * ssl_cert_username_field setting was ignored with external SMTP AUTH, because none of the MTAs (Postfix, Exim) currently send the cert_username field. This may have allowed users with trusted certificate to specify any username in the authentication. This bug didn't affect Dovecot's Submission service. - pop3_no_flag_updates=no: Don't expunge RETRed messages without QUIT - director: Kicking a user assert-crashes if login process is very slow - lda/lmtp: Fix assert-crash with some Sieve scripts when mail_attachment_detection_options=add-flags-on-save - fs-compress: Using maybe-gz assert-crashed when reading 0 sized file - Snippet generation crashed with invalid Content-Type:multipart - update pigeonhole to 0.24.4.1 + imapsieve: Added imapsieve_expunge_discarded setting which causes discarded messages to be expunged immediately. - Sieve scripts running in IMAPSIEVE or IMAP FILTER=SIEVE context that modify the message, store the message a second time, rather than replacing the originally stored unmodified message. - imapsieve: Fix crash when COPYing mails from a virtual mailbox when the source messages originate from more than a single real mailbox - imap_filter_sieve plugin: Implement the missing UID FILTER command. - imap_filter_sieve plugin: Fix FILTER to work with pipelining
Jan Engelhardt (jengelh)
accepted
request 652101
from
Johannes Weberhofer (weberho)
(revision 145)
- Removed uncommented and non-functional 5ea089e1bdcb984d30b07ca1f0443f66749e5e55.diff - Re-based other patches
Peter Varkoly (varkoly)
committed
(revision 144)
Marcus Rueckert (darix)
committed
(revision 143)
- update to 2.2.36 - update pigeonhole to 0.4.24
Marcus Rueckert (darix)
committed
(revision 142)
- update to 2.2.35 - update pigeonhole to 0.4.23
Marcus Rueckert (darix)
committed
(revision 141)
fix typo here as well
Marcus Rueckert (darix)
committed
(revision 140)
- update license tag to SPDX-3
Marcus Rueckert (darix)
committed
(revision 139)
add bugnumbers
Marcus Rueckert (darix)
committed
(revision 138)
actually delete the patch
Marcus Rueckert (darix)
committed
(revision 137)
- drop 84703c2f19113ac731e4638ba782fa87e0748ba6.patch: included in update - update to 2.2.34
Marcus Rueckert (darix)
committed
(revision 136)
Marcus Rueckert (darix)
committed
(revision 135)
there. for newer distros the %prep scriptlet part will fix the
Marcus Rueckert (darix)
committed
(revision 134)
- undo the patch change from the (boo#1070761) fix again: that means on older distros the SSLv2 disable is actually still there. for newer distros the %pre scriptlet part will fix the config after copying. also limit the pre scriptlet to suse_version 1500 and newer
Marcus Rueckert (darix)
accepted
request 547762
from
Arjen de Korte (adkorte)
(revision 133)
- openssl 1.1.0 does not support SSLv2 anymore (boo#1070761) * changed dovecot-2.2.18-better_ssl_defaults.patch * remove !SSLv2 from existing ssl_protocols configuration during upgrade
Marcus Rueckert (darix)
accepted
request 559674
from
Marcus Rueckert (darix)
(revision 132)
- Move the example-config + mkcert.sh to /usr/share/dovecot This makes the files no longer documentation and they actually exist on e.g. our docker image, where rpms are installed without documentation. (boo#1070871)
Marcus Rueckert (darix)
committed
(revision 131)
- added https://github.com/dovecot/core/commit/84703c2f19113ac731e4638ba782fa87e0748ba6.patch backport fix for log reopen
buildservice-autocommit
accepted
request 535500
from
Marcus Rueckert (darix)
(revision 130)
baserev update by copy to link target
Marcus Rueckert (darix)
committed
(revision 129)
- update to 2.2.33.2 - doveadm: Fix crash in proxying (or dsync replication) if remote is running older than v2.2.33 - auth: Fix memory leak in %{ldap_dn} - dict-sql: Fix data types to work correctly with Cassandra - drop 187fbf157d5c42f9f06ce52884fefbb4f66c070d.patch: included in update
Displaying revisions 1 - 20 of 148