cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
151,279 Commits 1 Branch 0 Tags
Commit Graph

79 Commits

Author SHA1 Message Date
sthen
6cd5416dab update to Dovecot 2.3.11.3, ok Brad (maintainer) 
includes some crash fixes, see https://github.com/dovecot/core/blob/2.3.11.3/NEWS
 2020-08-12 15:21:11 +00:00
sthen
db4c50aa44 dovecot: sync PLIST closer to what Brad had (I was confused as I had a local 
update before he sent his). Keep dovecot-sysreport commented for now as it
requires GNU grep options.
 2020-03-07 11:36:52 +00:00
sthen
e343a5291d update to Dovecot 2.3.10, from Brad, plus I synced plist and wantlib 2020-03-07 09:53:24 +00:00
sthen
4b4866a59a update to Dovecot 2.3.9.2 and pigeonhole 0.5.9, from Brad. 
CVE-2019-19722
 2019-12-15 23:57:22 +00:00
sthen
6a70ebb4c4 update to Dovecot 2.3.8, from Brad 2019-10-14 20:41:44 +00:00
sthen
026519bb92 Update to Dovecot 2.3.7.1 / Pigeonhole 0.5.7.1, these have a couple of 
small post-2.3.7 fixes including one which fixes sync if sieve is in use
and mail_attribute_dict is not set. From Brad.
 2019-07-25 21:41:37 +00:00
sthen
cc9d78b8ee Revert the Dovecot update for now, there are some problems with replication 
e.g. https://www.mail-archive.com/dovecot@dovecot.org/msg78030.html
 2019-07-16 16:14:57 +00:00
sthen
909d85a3fa update to Dovecot 2.3.7, from Brad 2019-07-13 13:30:11 +00:00
sthen
32ce2c0794 update to Dovecot 2.3.6, from Brad: 
- CVE-2019-11494: Submission-login crashed with signal 11 due to null
pointer access when authentication was aborted by disconnecting.

- CVE-2019-11499: Submission-login crashed when authentication was
started over TLS secured channel and invalid authentication message was
sent.
 2019-05-02 22:06:13 +00:00
sthen
a1223aedc9 update to Dovecot 2.3.5, from Brad 2019-03-06 21:53:06 +00:00
sthen
630a5300d1 update to Dovecot 2.3.4, from Brad (maintainer) 2018-11-24 12:02:49 +00:00
sthen
84cfcf5eba Update to dovecot-2.3.3. N.B. see https://wiki.dovecot.org/Upgrading/2.3 
for required configuration changes, some settings especially ssl-related
have changed.

Initial diff from Renaud Allard, further changes from Brad.
 2018-10-24 19:42:36 +00:00
espie
f4b7f81318 convert to PKGSTEM 2018-09-04 12:46:09 +00:00
sthen
34c88c30c0 update to dovecot-2.2.36, from Brad 2018-05-29 14:25:11 +00:00
sthen
96da226e8f update to Dovecot 2.2.35, ok brad 2018-03-29 23:50:28 +00:00
sthen
d3f16df230 security update to Dovecot 2.2.34. while there, also fix the default TLS 
protocol string to avoid using !SSLv2 which is not supported. ok juanfra@ Brad

* CVE-2017-15130: TLS SNI config lookups may lead to excessive memory usage,
causing imap-login/pop3-login VSZ limit to be reached and the process
restarted. This happens only if Dovecot config has local_name { } or local
{ } configuration blocks and attacker uses randomly generated SNI servernames.

* CVE-2017-14461: Parsing invalid email addresses may cause a crash or leak
memory contents to attacker. For example, these memory contents might contain
parts of an email from another user if the same imap process is reused for
multiple users.

* CVE-2017-15132: Aborted SASL authentication leaks memory in login process.
 2018-03-10 21:54:30 +00:00
sthen
87f7368ab5 update to Dovecot-2.2.33.1, from Brad. 2017-10-13 10:08:46 +00:00
sthen
b01b304cc6 Build Dovecot's fts-solr plugin (solr itself is not currently in packages; 
I've tested this against manually-installed solr 6.6.1 running with jdk 1.8
on OpenBSD).

ok Brad (maintainer).
 2017-09-22 22:53:08 +00:00
sthen
d852f4b840 update to Dovecot 2.2.32, from Brad (and same diff here). (Amongst other 
things, fixes a fairly annoying bug with replication not being able to
recover from index problems in some versions).
 2017-08-28 21:39:14 +00:00
sthen
4f4fb6b97c update to dovecot-2.2.31, from Brad 2017-07-11 23:04:43 +00:00
sthen
77d8504823 update to dovecot-2.2.30.1, from Brad 2017-06-05 15:26:32 +00:00
sthen
8410a1495a update to Dovecot 2.2.29, from Brad. 
* passdb/userdb dict: Don't double-expand %variables in keys. If dict
   was used as the authentication passdb, using specially crafted
   %variables in the username could be used to cause DoS (CVE-2017-2669)
 2017-04-11 21:02:09 +00:00
sthen
c552972c0d update to Dovecot 2.2.28, ok Brad 2017-02-28 00:33:29 +00:00
sthen
d7a084331f update to dovecot-2.2.27, and use https HOMEPAGE. From Brad. 
CVE-2016-8652 (the version in 6.0 isn't affected): "If auth-policy
component has been activated in Dovecot, then remote user can use
SASL authentication to crash auth component. Workaround is to disable
auth-policy component until fix is in place."
 2016-12-04 21:36:02 +00:00
sthen
b1da3b8b0f move include/dovecot/ldap-client.h to PLIST-ldap, reported by brad and dhill, 
based on a diff from dhill
 2016-11-12 15:37:32 +00:00
sthen
5636bc31fe update to Dovecot 2.2.26.0, ok brad 2016-11-01 14:12:04 +00:00
sthen
aaef79ec71 update to Dovecot 2.2.24, from Brad. 2016-04-26 21:09:43 +00:00
sthen
724ef0c3b3 update to Dovecot 2.2.23, ok brad 2016-03-31 11:12:38 +00:00
sthen
a27df78d7a update to dovecot-2.2.22, from Brad 2016-03-17 14:11:45 +00:00
sthen
21554d6765 update to Dovecot 2.2.21, from Brad 2015-12-12 16:43:09 +00:00
sthen
a55de7528c update to Dovecot 2.2.19, from Brad 2015-10-05 10:20:29 +00:00
sthen
dcf73b085f update to dovecot 2.2.18, from brad 2015-05-15 20:59:08 +00:00
sthen
0e5b90ddd0 Update to Dovecot 2.2.16, from Brad (maintainer) 2015-04-09 21:25:49 +00:00
brad
3fd727d7a3 Update to Dovecot 2.2.15. 
With some input from and ok sthen@
 2014-10-25 22:06:40 +00:00
brad
aa3903d8a6 Update to Dovecot 2.2.14. 
ok sthen@
 2014-10-16 18:01:57 +00:00
brad
4afc6caf3b Update to Dovecot 2.2.10. 
ok sthen@
 2013-12-22 22:23:10 +00:00
brad
3278cfd439 Update to Dovecot 2.2.9. 
With input regarding xz and ok sthen@
 2013-11-27 22:02:18 +00:00
brad
60a60e09ac Update to Dovecot 2.2.7. 
ok sthen@
 2013-11-04 06:24:09 +00:00
brad
935adb5b6d Update to Dovecot 2.2.6. 
ok sthen@
 2013-09-27 01:35:51 +00:00
brad
48759a48cb Update to Dovecot 2.2.5. 
ok sthen@
 2013-08-13 00:29:58 +00:00
brad
63d55e2798 Update to Dovecot 2.1.16. 
ok sthen@
 2013-04-08 18:53:54 +00:00
brad
ab58ff9bc2 Update to Dovecot 2.1.14. 
ok sthen@
 2013-02-01 07:59:03 +00:00
brad
f7b166145a Update to Dovecot 2.1.13. 
ok sthen@
 2013-01-08 23:58:43 +00:00
brad
2579ec6a8a Update to Dovecot 2.1.11. 
ok sthen@
 2012-11-29 22:17:46 +00:00
brad
3498a88af3 Update to Dovecot 2.1.10. 
ok sthen@
 2012-09-25 20:05:46 +00:00
sthen
f75aaf8c5a update to Dovecot 2.1.9, from Brad 2012-08-05 09:15:51 +00:00
sthen
311a8117aa update to Dovecot 2.1.8 from Brad. 2012-07-08 23:15:11 +00:00
sthen
a32a27a554 Suggest that users may need to increase login.conf limits for Dovecot. 
From Brad, adjusted slightly to specifically mention full-text search
indexing which is likely to need a larger-than-default datasize.
 2012-07-01 10:26:34 +00:00
sthen
cd063454d7 Update to Dovecot 2.1.7, from Brad. 
See the upgrade notes at http://wiki2.dovecot.org/Upgrading/2.1
- you will probably need to merge updates to 10-mail.conf.
 2012-06-08 22:04:10 +00:00
sthen
83705fdbd4 Roll the SQLite support for Dovecot into the main package. From Brad, 
I added a REVISION bump, and a @conflict marker because this is moving from
a subpackage to a package rather than rolling a FLAVOR into another.
 2012-05-17 07:48:15 +00:00