MFH: r499273

mail/dovecot: upgrade to 2.3.5.2 * CVE-2019-10691: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject header when OX push notification driver is used. Security: CVE-2019-10691 Approved by: ports-secteam (miwi)
svn path=/branches/2019Q2/; revision=499451
2019-04-20 15:46:22 +00:00 · 2019-04-20 15:46:22 +00:00 · ccd6152ded · 2021-03-31 03:12:20 +00:00
commit ccd6152ded
parent e6c74b5024
2 changed files with 4 additions and 4 deletions
--- a/mail/dovecot/Makefile
+++ b/mail/dovecot/Makefile
@ -7,7 +7,7 @@
 ######################################################################

 PORTNAME=	dovecot
-PORTVERSION=	2.3.5.1
+PORTVERSION=	2.3.5.2
 CATEGORIES=	mail ipv6
 MASTER_SITES=	https://www.dovecot.org/releases/2.3/

--- a/mail/dovecot/distinfo
+++ b/mail/dovecot/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1553773734
-SHA256 (dovecot-2.3.5.1.tar.gz) = d78f9d479e3b2caa808160f86bfec1c9c7b46344d8b14b88f5fa9bbbf8c7c33f
-SIZE (dovecot-2.3.5.1.tar.gz) = 6953150
+TIMESTAMP = 1555598613
+SHA256 (dovecot-2.3.5.2.tar.gz) = ba14e41aefd81a868a35b83bcb54194116106424d37690519b50ea83c0f31bf2
+SIZE (dovecot-2.3.5.2.tar.gz) = 6953228