update to Dovecot 2.3.6, from Brad:
- CVE-2019-11494: Submission-login crashed with signal 11 due to null pointer access when authentication was aborted by disconnecting. - CVE-2019-11499: Submission-login crashed when authentication was started over TLS secured channel and invalid authentication message was sent.
This commit is contained in:
parent
0614f53c3b
commit
32ce2c0794
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: Makefile,v 1.276 2019/05/01 13:41:20 danj Exp $
|
||||
# $OpenBSD: Makefile,v 1.277 2019/05/02 22:06:13 sthen Exp $
|
||||
|
||||
COMMENT-server= compact IMAP/POP3 server
|
||||
COMMENT-ldap= LDAP authentication / dictionary support for Dovecot
|
||||
@ -6,8 +6,7 @@ COMMENT-mysql= MySQL authentication / dictionary support for Dovecot
|
||||
COMMENT-postgresql= PostgreSQL authentication / dictionary support for Dovecot
|
||||
|
||||
V_MAJOR= 2.3
|
||||
V_DOVECOT= 2.3.5.2
|
||||
REVISION-server= 0
|
||||
V_DOVECOT= 2.3.6
|
||||
|
||||
DISTNAME= dovecot-${V_DOVECOT}
|
||||
PKGNAME= dovecot-${V_DOVECOT}
|
||||
|
@ -1,2 +1,2 @@
|
||||
SHA256 (dovecot-2.3.5.2.tar.gz) = uhTkGu/YGoaKNbg7y1QZQRYQZCTTdpBRm1Dqg8DzG/I=
|
||||
SIZE (dovecot-2.3.5.2.tar.gz) = 6953228
|
||||
SHA256 (dovecot-2.3.6.tar.gz) = 7R2Nwb7q6cbHPerHOmLvGf6SYvv/2GYEo/aQRS9VNsc=
|
||||
SIZE (dovecot-2.3.6.tar.gz) = 6980135
|
||||
|
@ -1,4 +1,5 @@
|
||||
$OpenBSD: patch-doc_example-config_Makefile_in,v 1.19 2019/03/06 21:53:07 sthen Exp $
|
||||
$OpenBSD: patch-doc_example-config_Makefile_in,v 1.20 2019/05/02 22:06:13 sthen Exp $
|
||||
|
||||
Index: doc/example-config/Makefile.in
|
||||
--- doc/example-config/Makefile.in.orig
|
||||
+++ doc/example-config/Makefile.in
|
||||
|
@ -1,4 +1,5 @@
|
||||
$OpenBSD: patch-doc_example-config_conf_d_10-mail_conf,v 1.9 2018/10/24 19:42:36 sthen Exp $
|
||||
$OpenBSD: patch-doc_example-config_conf_d_10-mail_conf,v 1.10 2019/05/02 22:06:13 sthen Exp $
|
||||
|
||||
Index: doc/example-config/conf.d/10-mail.conf
|
||||
--- doc/example-config/conf.d/10-mail.conf.orig Mon Jun 18 14:15:32 2018
|
||||
+++ doc/example-config/conf.d/10-mail.conf Sun Oct 21 15:56:45 2018
|
||||
|
@ -1,6 +1,8 @@
|
||||
$OpenBSD: patch-doc_example-config_conf_d_10-master_conf,v 1.2 2012/01/07 12:14:21 sthen Exp $
|
||||
--- doc/example-config/conf.d/10-master.conf.orig Thu Dec 30 10:42:54 2010
|
||||
+++ doc/example-config/conf.d/10-master.conf Tue Mar 22 15:23:22 2011
|
||||
$OpenBSD: patch-doc_example-config_conf_d_10-master_conf,v 1.3 2019/05/02 22:06:13 sthen Exp $
|
||||
|
||||
Index: doc/example-config/conf.d/10-master.conf
|
||||
--- doc/example-config/conf.d/10-master.conf.orig
|
||||
+++ doc/example-config/conf.d/10-master.conf
|
||||
@@ -8,11 +8,11 @@
|
||||
|
||||
# Login user is internally used by login processes. This is the most untrusted
|
||||
|
@ -1,6 +1,8 @@
|
||||
$OpenBSD: patch-doc_example-config_conf_d_10-ssl_conf,v 1.1 2011/05/23 22:54:38 sthen Exp $
|
||||
--- doc/example-config/conf.d/10-ssl.conf.orig Thu Mar 10 14:39:31 2011
|
||||
+++ doc/example-config/conf.d/10-ssl.conf Thu Mar 10 14:40:01 2011
|
||||
$OpenBSD: patch-doc_example-config_conf_d_10-ssl_conf,v 1.2 2019/05/02 22:06:13 sthen Exp $
|
||||
|
||||
Index: doc/example-config/conf.d/10-ssl.conf
|
||||
--- doc/example-config/conf.d/10-ssl.conf.orig
|
||||
+++ doc/example-config/conf.d/10-ssl.conf
|
||||
@@ -9,7 +9,7 @@
|
||||
# dropping root privileges, so keep the key file unreadable by anyone but
|
||||
# root. Included doc/mkcert.sh can be used to easily generate self-signed
|
||||
|
@ -1,4 +1,5 @@
|
||||
$OpenBSD: patch-doc_example-config_conf_d_Makefile_in,v 1.19 2019/03/06 21:53:07 sthen Exp $
|
||||
$OpenBSD: patch-doc_example-config_conf_d_Makefile_in,v 1.20 2019/05/02 22:06:13 sthen Exp $
|
||||
|
||||
Index: doc/example-config/conf.d/Makefile.in
|
||||
--- doc/example-config/conf.d/Makefile.in.orig
|
||||
+++ doc/example-config/conf.d/Makefile.in
|
||||
|
@ -1,6 +1,8 @@
|
||||
$OpenBSD: patch-doc_example-config_conf_d_auth-system_conf_ext,v 1.2 2018/10/24 19:42:36 sthen Exp $
|
||||
--- doc/example-config/conf.d/auth-system.conf.ext.orig Mon Jun 18 14:15:32 2018
|
||||
+++ doc/example-config/conf.d/auth-system.conf.ext Sun Oct 21 15:56:45 2018
|
||||
$OpenBSD: patch-doc_example-config_conf_d_auth-system_conf_ext,v 1.3 2019/05/02 22:06:13 sthen Exp $
|
||||
|
||||
Index: doc/example-config/conf.d/auth-system.conf.ext
|
||||
--- doc/example-config/conf.d/auth-system.conf.ext.orig
|
||||
+++ doc/example-config/conf.d/auth-system.conf.ext
|
||||
@@ -7,12 +7,12 @@
|
||||
# PAM is typically used with either userdb passwd or userdb static.
|
||||
# REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
|
||||
|
@ -1,6 +1,8 @@
|
||||
$OpenBSD: patch-doc_example-config_dovecot_conf,v 1.4 2013/08/13 00:29:58 brad Exp $
|
||||
--- doc/example-config/dovecot.conf.orig Mon Jan 7 02:50:26 2013
|
||||
+++ doc/example-config/dovecot.conf Tue Apr 23 02:03:41 2013
|
||||
$OpenBSD: patch-doc_example-config_dovecot_conf,v 1.5 2019/05/02 22:06:13 sthen Exp $
|
||||
|
||||
Index: doc/example-config/dovecot.conf
|
||||
--- doc/example-config/dovecot.conf.orig
|
||||
+++ doc/example-config/dovecot.conf
|
||||
@@ -30,7 +30,7 @@
|
||||
#listen = *, ::
|
||||
|
||||
|
@ -1,6 +1,8 @@
|
||||
$OpenBSD: patch-doc_mkcert_sh,v 1.8 2016/12/04 21:36:02 sthen Exp $
|
||||
--- doc/mkcert.sh.orig Tue Nov 29 17:35:50 2016
|
||||
+++ doc/mkcert.sh Tue Nov 29 20:53:21 2016
|
||||
$OpenBSD: patch-doc_mkcert_sh,v 1.9 2019/05/02 22:06:13 sthen Exp $
|
||||
|
||||
Index: doc/mkcert.sh
|
||||
--- doc/mkcert.sh.orig
|
||||
+++ doc/mkcert.sh
|
||||
@@ -6,19 +6,13 @@
|
||||
umask 077
|
||||
OPENSSL=${OPENSSL-openssl}
|
||||
|
@ -1,4 +1,4 @@
|
||||
$OpenBSD: patch-src_auth_password-scheme-crypt_c,v 1.5 2018/10/24 19:42:36 sthen Exp $
|
||||
$OpenBSD: patch-src_auth_password-scheme-crypt_c,v 1.6 2019/05/02 22:06:13 sthen Exp $
|
||||
|
||||
Dovecot supports various password schemes, e.g. {MD5}, {SHA1},
|
||||
{SSHA512}, {CRYPT}, etc. This is used in two cases:
|
||||
@ -29,8 +29,9 @@ This patch re-allows CRYPT as a supported scheme. On OpenBSD it will
|
||||
encrypt as blowfish, on other OS it will encrypt as DES. Verification
|
||||
will work with whichever password formats are supported by the OS.
|
||||
|
||||
--- src/auth/password-scheme-crypt.c.orig Mon Jun 18 14:15:32 2018
|
||||
+++ src/auth/password-scheme-crypt.c Mon Oct 22 08:36:56 2018
|
||||
Index: src/auth/password-scheme-crypt.c
|
||||
--- src/auth/password-scheme-crypt.c.orig
|
||||
+++ src/auth/password-scheme-crypt.c
|
||||
@@ -149,7 +149,12 @@ static const struct {
|
||||
const char *salt;
|
||||
const char *expected;
|
||||
|
@ -1,4 +1,4 @@
|
||||
@comment $OpenBSD: PLIST-server,v 1.70 2019/03/06 21:53:07 sthen Exp $
|
||||
@comment $OpenBSD: PLIST-server,v 1.71 2019/05/02 22:06:13 sthen Exp $
|
||||
@conflict dovecot-sqlite-*
|
||||
@pkgpath mail/dovecot
|
||||
@pkgpath mail/dovecot,-server,bdb
|
||||
@ -760,6 +760,8 @@ share/aclocal/dovecot.m4
|
||||
share/doc/dovecot/
|
||||
share/doc/dovecot/documentation.txt
|
||||
share/doc/dovecot/securecoding.txt
|
||||
share/doc/dovecot/solr-config-7.7.0.xml
|
||||
share/doc/dovecot/solr-schema-7.7.0.xml
|
||||
share/doc/dovecot/solr-schema.xml
|
||||
share/doc/dovecot/thread-refs.txt
|
||||
share/doc/dovecot/wiki/
|
||||
|
Loading…
Reference in New Issue
Block a user