pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/mail/dovecot

Module Name:    pkgsrc
Committed By:   ghen
Date:           Sun Mar  9 11:58:17 UTC 2008

Modified Files:
        pkgsrc/mail/dovecot: Makefile distinfo

Log Message:
Update to Dovecot 1.0.13.

Note that the changes for the security hole fix were quite large. I tested with
several auth configurations myself and they seemed to work, but it's possible I
left a bug somewhere in there breaking someone's configuration. So make sure to
test that it works after upgrading.

Of course it would be really nice if Dovecot had a proper test suite where
testing all configurations could be automated and run before each release. I've
already started this with my imaptest tool (, but
it only does IMAP tests and a lot of things are still missing. Some help would
be nice here.

        * Fixed a security hole in blocking passdbs (MySQL always. PAM, passwd
          and shadow if blocking=yes) where user could specify extra fields
          in the password. The main problem here is when specifying
          "skip_password_check" introduced in v1.0.11 for fixing master user
          logins, allowing the user to log in as anyone without a valid

        - mail_privileged_group was broken in some systems (OS X, Solaris?)
        - IMAP THREAD: Fixed some correctness problems

To generate a diff of this commit:
cvs rdiff -r1.114 -r1.115 pkgsrc/mail/dovecot/Makefile
cvs rdiff -r1.79 -r1.80 pkgsrc/mail/dovecot/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index