diff options
| author | taca <taca@pkgsrc.org> | 2018-03-01 11:13:14 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2018-03-01 11:13:14 +0000 |
| commit | 0aea3f5212bb4bcbc2a5443e7a06bb0fd5c99aa7 (patch) | |
| tree | ccef53f7f17c3168ab2eb2bac098bef621be397c /mail/dovecot2 | |
| parent | e5bcddaa0f88e18a5d0643647f721e7b1a11bee1 (diff) | |
| download | pkgsrc-0aea3f5212bb4bcbc2a5443e7a06bb0fd5c99aa7.tar.gz | |
mail/dovecot2: update to 2.3.0.1
Small patch release to fix the worst bugs in v2.3.0. v2.3.1 is coming in about a month with a lot more changes.
* CVE-2017-15130: TLS SNI config lookups may lead to excessive
memory usage, causing imap-login/pop3-login VSZ limit to be reached
and the process restarted. This happens only if Dovecot config has
local_name { } or local { } configuration blocks and attacker uses
randomly generated SNI servernames.
* CVE-2017-14461: Parsing invalid email addresses may cause a crash or
leak memory contents to attacker. For example, these memory contents
might contain parts of an email from another user if the same imap
process is reused for multiple users. First discovered by Aleksandar
Nikolic of Cisco Talos. Independently also discovered by "flxflndy"
via HackerOne.
* CVE-2017-15132: Aborted SASL authentication leaks memory in login
process.
* Linux: Core dumping is no longer enabled by default via
PR_SET_DUMPABLE, because this may allow attackers to bypass
chroot/group restrictions. Found by cPanel Security Team. Nowadays
core dumps can be safely enabled by using "sysctl -w
fs.suid_dumpable=2". If the old behaviour is wanted, it can still be
enabled by setting:
import_environment=$import_environment PR_SET_DUMPABLE=1
- imap-login with SSL/TLS connections may end up in infinite loop
Diffstat (limited to 'mail/dovecot2')
| -rw-r--r-- | mail/dovecot2/Makefile.common | 7 | ||||
| -rw-r--r-- | mail/dovecot2/PLIST | 4 | ||||
| -rw-r--r-- | mail/dovecot2/distinfo | 10 |
3 files changed, 11 insertions, 10 deletions
diff --git a/mail/dovecot2/Makefile.common b/mail/dovecot2/Makefile.common index 30e99be6829..2c1ee462f4a 100644 --- a/mail/dovecot2/Makefile.common +++ b/mail/dovecot2/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.17 2018/01/24 15:16:49 jperkin Exp $ +# $NetBSD: Makefile.common,v 1.18 2018/03/01 11:13:14 taca Exp $ # # when updating to a new release, update ABI depends in # the buildlink3.mk file as well, since the plugins' version @@ -7,9 +7,9 @@ # used by mail/dovecot2/Makefile # used by mail/dovecot2/Makefile.plugin -DISTNAME= dovecot-2.3.0 +DISTNAME= dovecot-2.3.0.1 CATEGORIES= mail -MASTER_SITES= https://www.dovecot.org/releases/${PKGVERSION_NOREV:R}/ +MASTER_SITES= https://www.dovecot.org/releases/${PKGVERSION_NOREV:R:R}/ MAINTAINER= adam@NetBSD.org HOMEPAGE= http://www.dovecot.org/ @@ -18,7 +18,6 @@ LICENSE= mit AND gnu-lgpl-v2.1 AND modified-bsd DISTINFO_FILE= ${.CURDIR}/../../mail/dovecot2/distinfo PATCHDIR= ${.CURDIR}/../../mail/dovecot2/patches -WRKSRC= ${WRKDIR}/${DISTNAME:S/dovecot/dovecot-ce/} USE_LIBTOOL= yes USE_TOOLS+= gmake pkg-config rpcgen diff --git a/mail/dovecot2/PLIST b/mail/dovecot2/PLIST index 6564b8ea534..b5de9675d61 100644 --- a/mail/dovecot2/PLIST +++ b/mail/dovecot2/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.58 2018/01/02 15:52:44 fhajny Exp $ +@comment $NetBSD: PLIST,v 1.59 2018/03/01 11:13:14 taca Exp $ bin/doveadm bin/doveconf bin/dsync @@ -765,6 +765,7 @@ share/doc/dovecot/wiki/Design.Dcrypt.txt share/doc/dovecot/wiki/Design.DoveadmProtocol.HTTP.txt share/doc/dovecot/wiki/Design.DoveadmProtocol.txt share/doc/dovecot/wiki/Design.Dsync.txt +share/doc/dovecot/wiki/Design.Events.txt share/doc/dovecot/wiki/Design.Indexes.Cache.txt share/doc/dovecot/wiki/Design.Indexes.MailIndexApi.txt share/doc/dovecot/wiki/Design.Indexes.MainIndex.txt @@ -904,6 +905,7 @@ share/doc/dovecot/wiki/Pigeonhole.Sieve.txt share/doc/dovecot/wiki/Pigeonhole.txt share/doc/dovecot/wiki/Plugins.Apparmor.txt share/doc/dovecot/wiki/Plugins.Autocreate.txt +share/doc/dovecot/wiki/Plugins.CharsetAlias.txt share/doc/dovecot/wiki/Plugins.Compress.txt share/doc/dovecot/wiki/Plugins.Expire.txt share/doc/dovecot/wiki/Plugins.FTS.Lucene.txt diff --git a/mail/dovecot2/distinfo b/mail/dovecot2/distinfo index a42bf67e141..b9fe57c2cd1 100644 --- a/mail/dovecot2/distinfo +++ b/mail/dovecot2/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.81 2018/01/04 00:22:02 maya Exp $ +$NetBSD: distinfo,v 1.82 2018/03/01 11:13:14 taca Exp $ -SHA1 (dovecot-2.3.0.tar.gz) = e5772a317f2df99329cd9c1289adfbc552fa6b84 -RMD160 (dovecot-2.3.0.tar.gz) = f78c06acc7e729fd1d80d7128df8a44a67bdf391 -SHA512 (dovecot-2.3.0.tar.gz) = 8d8591e371ba2ebf8d3c1561af49b970d8351c4acdde8a97ff0ab403bf4cad6e4d96e9556c9be747a85085552449cab4c52bb41bda36e1a822594ec87661ce7f -Size (dovecot-2.3.0.tar.gz) = 6635541 bytes +SHA1 (dovecot-2.3.0.1.tar.gz) = 911440fa278c7204b1257f4d861e7de123bf5305 +RMD160 (dovecot-2.3.0.1.tar.gz) = 6745d03a4b8d860476e2e7aacf91dd757b906037 +SHA512 (dovecot-2.3.0.1.tar.gz) = 2b30c46c1660f425f6303a15cf638388439fd7a8065c91d28caf41d9a6403a4fccb530df3f69037a634bc3b0b9e498037da6b0b93c176f5e3b5808907d3f759d +Size (dovecot-2.3.0.1.tar.gz) = 6499984 bytes SHA1 (patch-aa) = ea185011f0c1ee3aa1ff528e61f6f356fe385666 SHA1 (patch-ab) = 9db15fd853ba47ef4bf04f2adc9ab24f71ee4d1e SHA1 (patch-ae) = c795585df9f415ceabb28eec1ff691ee26168d3b |