pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2019Q2]: pkgsrc/mail/dovecot2 Pullup ticket #6041 - requested ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/f9bf88318b30
branches:  pkgsrc-2019Q2
changeset: 408206:f9bf88318b30
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Sun Sep 08 17:11:50 2019 +0000

description:
Pullup ticket #6041 - requested by taca
mail/dovecot2: security fix

Revisions pulled up:
- mail/dovecot2/Makefile                                        1.98-1.100
- mail/dovecot2/Makefile.common                                 1.30-1.33
- mail/dovecot2/PLIST                                           1.66
- mail/dovecot2/buildlink3.mk                                   1.31-1.32
- mail/dovecot2/distinfo                                        1.93-1.97
- mail/dovecot2/options.mk                                      1.12
- mail/dovecot2/patches/patch-aa                                1.7
- mail/dovecot2/patches/patch-src_lib_ostream-file.c            deleted

---
   Module Name: pkgsrc
   Committed By:        triaxx
   Date:                Wed Jul  3 05:51:54 UTC 2019

   Modified Files:
        pkgsrc/mail/dovecot2: options.mk

   Log Message:
   dovecot2: remove gnutls option that is currently broken

   Fix PR pkg/54337

---
   Module Name: pkgsrc
   Committed By:        triaxx
   Date:                Wed Jul  3 06:09:22 UTC 2019

   Modified Files:
        pkgsrc/mail/dovecot2: Makefile Makefile.common buildlink3.mk distinfo
        pkgsrc/mail/dovecot2/patches: patch-aa

   Log Message:
   dovecot2: update blk3 to follow gnutls disabling

   Do not bump revision since binary cannot be altered

   pkgsrc changes:
   ---------------
     * make blk3 conform to options.mk
     * move BUILD_DEFS (pkglint WARN--)
     * comment an explicit patch (pkglint ERROR--)

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Thu Jul 18 13:38:18 UTC 2019

   Modified Files:
        pkgsrc/mail/dovecot2: Makefile.common PLIST buildlink3.mk distinfo

   Log Message:
   mail/dovecot2:

   Update dovecot2 to 2.3.7.

   Changes
   -------

   * fts-solr: Removed break-imap-search parameter
   + Added more events for the new statistics, see
     https://doc.dovecot.org/admin_manual/list_of_events/
   + mail-lua: Add IMAP metadata accessors, see
     https://doc.dovecot.org/admin_manual/lua/
   + Add event exporters that allow exporting raw events to log files and
     external systems, see
     https://doc.dovecot.org/configuration_manual/event_export/
   + SNIPPET is now PREVIEW and size has been increased to 200 characters.
   + Add body option to fts_enforced. This triggers building FTS index only
     on body search, and an error using FTS index fails the search rather
     than reads through all the mails.
   - Submission/LMTP: Fixed crash when domain argument is invalid in a
     second EHLO/LHLO command.
   - Copying/moving mails using Maildir format loses IMAP keywords in the
     destination if the mail also has no system flags.
   - mail_attachment_detection_options=3Dadd-flags-on-save caused email body
     to be unnecessarily opened when FETCHing mail headers that were
     already cached.
   - mail attachment detection keywords not saved with maildir.
   - dovecot.index.cache may have grown excessively large in some
     situations. This happened especially when using autoexpunging with
     lazy_expunge folders. Also with mdbox format in general the cache file
     wasn't recreated as often as it should have.
   - Autoexpunged mails weren't immediately deleted from the disk. Instead,
     the deletion from disk happened the next time the folder was opened.
     This could have caused unnecessary delays if the opening was done by
     an interactive IMAP session.
   - Dovecot's TCP connections sometimes add extra 40ms latency due to not
     enabling TCP_NODELAY. HTTP and SMTP/LMTP connections weren't
     affected, but everything else was. This delay wasn't always visible -
     only in some situations with some message/packet sizes.
   - imapc: Fix various crash conditions
   - Dovecot builds were not always reproducible.
   - login-proxy: With shutdown_clients=3Dno after config reload the
     existing connections could no longer be listed or kicked with doveadm.
   - "doveadm proxy kick" with -f parameter caused a crash in some
     situations.
   - Auth policy can cause segmentation fault crash during auth process
     shutdown if all auth requests have not been finished.
   - Fix various minor bugs leading into incorrect behaviour in mailbox
     list index handling. These rarely caused noticeable problems.
   - LDAP auth: Iteration accesses freed memory, possibly crashing
     auth-worker
   - local_name { .. } filter in dovecot.conf does not correctly support
     multiple names and wildcards were matched incorrectly.
   - replicator: dsync assert-crashes if it can't connect to remote TCP
     server.
   - config: Memory leak in config process when ssl_dh setting wasn't
     set and there was no ssl-parameters.dat file.
     This caused config process to die once in a while
     with "out of memory".

---
   Module Name: pkgsrc
   Committed By:        hauke
   Date:                Fri Jul 19 15:13:31 UTC 2019

   Modified Files:
        pkgsrc/mail/dovecot2: Makefile distinfo
   Added Files:
        pkgsrc/mail/dovecot2/patches: patch-src_lib_ostream-file.c

   Log Message:
   Silence Error: file_ostream.net_set_tcp_nodelay(, TRUE) failed

   Patch from upstream -head via FreeBSD
   <https://svnweb.freebsd.org/ports/head/mail/dovecot/files/patch-src_lib_ostream-file.c?view=markup&pathrev=506487>
   <https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239172>

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Tue Jul 23 15:11:24 UTC 2019

   Modified Files:
        pkgsrc/mail/dovecot2: Makefile Makefile.common distinfo
   Removed Files:
        pkgsrc/mail/dovecot2/patches: patch-src_lib_ostream-file.c

   Log Message:
   mail/dovecot2: update to 2.3.7.1

   v2.3.7.1 2019-07-23  Timo Sirainen <timo.sirainen%open-xchange.com@localhost>

        - Fix TCP_NODELAY errors being logged on non-Linux OSes
        - lmtp proxy: Fix assert-crash when client uses BODY=8BITMIME
        - Remove wrongly added checks in namespace prefix checking

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Thu Aug 29 01:05:20 UTC 2019

   Modified Files:
        pkgsrc/mail/dovecot2: Makefile.common distinfo

   Log Message:
   mail/dovecot2: update to 2.3.7.2

   Update dovecot2 and related packages to 2.3.7.2.

   Changes
   -------
   * CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
     when scanning data in quoted strings, leading to out of bounds heap
     memory writes. Found by Nick Roessler and Rafi Rubin.

diffstat:

 mail/dovecot2/Makefile                             |   4 +---
 mail/dovecot2/Makefile.common                      |   8 +++++---
 mail/dovecot2/PLIST                                |  10 +++++++---
 mail/dovecot2/buildlink3.mk                        |   6 ++----
 mail/dovecot2/distinfo                             |  12 ++++++------
 mail/dovecot2/options.mk                           |  13 +++----------
 mail/dovecot2/patches/patch-aa                     |   4 +++-
 mail/dovecot2/patches/patch-src_lib_ostream-file.c |  18 ++++++++++++++++++
 8 files changed, 45 insertions(+), 30 deletions(-)

diffs (208 lines):

diff -r 58a10af7c60a -r f9bf88318b30 mail/dovecot2/Makefile
--- a/mail/dovecot2/Makefile    Sun Sep 08 16:55:17 2019 +0000
+++ b/mail/dovecot2/Makefile    Sun Sep 08 17:11:50 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.97 2018/10/23 16:29:18 adam Exp $
+# $NetBSD: Makefile,v 1.97.6.1 2019/09/08 17:11:50 bsiegert Exp $
 
 .include "../../mail/dovecot2/Makefile.common"
 
@@ -32,8 +32,6 @@
 OWN_DIRS=              ${PKG_SYSCONFDIR}/dovecot/
 OWN_DIRS+=             ${PKG_SYSCONFDIR}/dovecot/conf.d
 
-BUILD_DEFS+=           VARBASE
-
 post-install:
        ${INSTALL_DATA} ${WRKSRC}/doc/dovecot-openssl.cnf ${DESTDIR}${EGDIR}
        ${INSTALL_SCRIPT} ${WRKSRC}/doc/mkcert.sh ${DESTDIR}${EGDIR}
diff -r 58a10af7c60a -r f9bf88318b30 mail/dovecot2/Makefile.common
--- a/mail/dovecot2/Makefile.common     Sun Sep 08 16:55:17 2019 +0000
+++ b/mail/dovecot2/Makefile.common     Sun Sep 08 17:11:50 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.29 2019/06/09 22:10:45 nia Exp $
+# $NetBSD: Makefile.common,v 1.29.2.1 2019/09/08 17:11:50 bsiegert Exp $
 #
 # when updating to a new release, update ABI depends in
 # the buildlink3.mk file as well, since the plugins' version
@@ -11,9 +11,9 @@
 # used by mail/dovecot2-pgsql/Makefile
 # used by mail/dovecot2-sqlite/Makefile
 
-DISTNAME=      dovecot-2.3.6
+DISTNAME=      dovecot-2.3.7.2
 CATEGORIES=    mail
-MASTER_SITES=  https://www.dovecot.org/releases/${PKGVERSION_NOREV:R}/
+MASTER_SITES=  https://dovecot.org/releases/${PKGVERSION_NOREV:R:R}/
 
 MAINTAINER=    adam%NetBSD.org@localhost
 HOMEPAGE=      https://www.dovecot.org/
@@ -27,6 +27,8 @@
 USE_TOOLS+=            gmake pkg-config rpcgen
 GNU_CONFIGURE=         yes
 
+BUILD_DEFS+=           VARBASE
+
 .include "../../mk/bsd.prefs.mk"
 
 .if "${PKGPATH}" != "mail/dovecot2"
diff -r 58a10af7c60a -r f9bf88318b30 mail/dovecot2/PLIST
--- a/mail/dovecot2/PLIST       Sun Sep 08 16:55:17 2019 +0000
+++ b/mail/dovecot2/PLIST       Sun Sep 08 17:11:50 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.65 2019/04/30 15:21:05 taca Exp $
+@comment $NetBSD: PLIST,v 1.65.2.1 2019/09/08 17:11:50 bsiegert Exp $
 bin/doveadm
 bin/doveconf
 bin/dsync
@@ -19,7 +19,6 @@
 include/dovecot/auth-client-connection.h
 include/dovecot/auth-client-interface.h
 include/dovecot/auth-client-private.h
-include/dovecot/auth-client-request.h
 include/dovecot/auth-client.h
 include/dovecot/auth-common.h
 include/dovecot/auth-fields.h
@@ -32,7 +31,6 @@
 include/dovecot/auth-request-stats.h
 include/dovecot/auth-request-var-expand.h
 include/dovecot/auth-request.h
-include/dovecot/auth-server-connection.h
 include/dovecot/auth-settings.h
 include/dovecot/auth-stats.h
 include/dovecot/auth-token.h
@@ -298,6 +296,11 @@
 include/dovecot/lib-signals.h
 include/dovecot/lib.h
 include/dovecot/llist.h
+include/dovecot/lmtp-client.h
+include/dovecot/lmtp-commands.h
+include/dovecot/lmtp-common.h
+include/dovecot/lmtp-recipient.h
+include/dovecot/lmtp-settings.h
 include/dovecot/log-throttle.h
 include/dovecot/login-common.h
 include/dovecot/login-proxy-state.h
@@ -1020,6 +1023,7 @@
 share/dovecot/stopwords/stopwords_ro.txt
 share/dovecot/stopwords/stopwords_ru.txt
 share/dovecot/stopwords/stopwords_sv.txt
+share/dovecot/stopwords/stopwords_tr.txt
 share/examples/dovecot/conf.d/10-auth.conf
 share/examples/dovecot/conf.d/10-director.conf
 share/examples/dovecot/conf.d/10-logging.conf
diff -r 58a10af7c60a -r f9bf88318b30 mail/dovecot2/buildlink3.mk
--- a/mail/dovecot2/buildlink3.mk       Sun Sep 08 16:55:17 2019 +0000
+++ b/mail/dovecot2/buildlink3.mk       Sun Sep 08 17:11:50 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.30 2019/03/05 17:05:46 hauke Exp $
+# $NetBSD: buildlink3.mk,v 1.30.4.1 2019/09/08 17:11:50 bsiegert Exp $
 
 BUILDLINK_TREE+=       dovecot
 
@@ -7,15 +7,13 @@
 
 BUILDLINK_API_DEPENDS.dovecot+=                dovecot>=2.2.0
 # must match current package version for plugins to load
-BUILDLINK_ABI_DEPENDS.dovecot+=                dovecot>=2.3.5
+BUILDLINK_ABI_DEPENDS.dovecot+=                dovecot>=2.3.7
 BUILDLINK_PKGSRCDIR.dovecot?=          ../../mail/dovecot2
 
 pkgbase:=      dovecot
 .include "../../mk/pkg-build-options.mk"
 .if !empty(PKG_BUILD_OPTIONS.dovecot:Mssl)
 .  include "../../security/openssl/buildlink3.mk"
-.elif !empty(PKG_BUILD_OPTIONS.dovecot:Mgnutls)
-.  include "../../security/gnutls/buildlink3.mk"
 .endif
 .include "../../archivers/bzip2/buildlink3.mk"
 .include "../../devel/zlib/buildlink3.mk"
diff -r 58a10af7c60a -r f9bf88318b30 mail/dovecot2/distinfo
--- a/mail/dovecot2/distinfo    Sun Sep 08 16:55:17 2019 +0000
+++ b/mail/dovecot2/distinfo    Sun Sep 08 17:11:50 2019 +0000
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.92 2019/04/30 15:21:06 taca Exp $
+$NetBSD: distinfo,v 1.92.2.1 2019/09/08 17:11:50 bsiegert Exp $
 
-SHA1 (dovecot-2.3.6.tar.gz) = 7b939bb83bca6d2bbc932d33d5b450bd66d9d124
-RMD160 (dovecot-2.3.6.tar.gz) = 584e72ed6d8901960aa2ba48c0d3716db4222e95
-SHA512 (dovecot-2.3.6.tar.gz) = ec28af2efcbd4ab534298c3342709251074dcdb0f0f4bcad0d24b996b273387e2ce557d7ab54abafb69be3ed7dd61f25c82b9710d78156932e2eff7f941c9eb2
-Size (dovecot-2.3.6.tar.gz) = 6980135 bytes
-SHA1 (patch-aa) = ea185011f0c1ee3aa1ff528e61f6f356fe385666
+SHA1 (dovecot-2.3.7.2.tar.gz) = cceb5ec832c73275423ec2fe16381073aa798b0c
+RMD160 (dovecot-2.3.7.2.tar.gz) = 22b84d79fa580fc73d9fc810ad4b1328471e942c
+SHA512 (dovecot-2.3.7.2.tar.gz) = 172f7f0edb884259e4c050607510aee67a35c3a20b7dd147e7c8a25a04921c18f7d6b5c85af2c69ae8c4d53791550970e471b033dbfae94253e331053b6a317d
+Size (dovecot-2.3.7.2.tar.gz) = 7076231 bytes
+SHA1 (patch-aa) = 3af01aa4a8cea1a3fb840b6243a744de77069611
 SHA1 (patch-ab) = 9db15fd853ba47ef4bf04f2adc9ab24f71ee4d1e
 SHA1 (patch-ae) = c795585df9f415ceabb28eec1ff691ee26168d3b
 SHA1 (patch-af) = c066e94dd6593d16eec3e66f5f4d26f021918498
diff -r 58a10af7c60a -r f9bf88318b30 mail/dovecot2/options.mk
--- a/mail/dovecot2/options.mk  Sun Sep 08 16:55:17 2019 +0000
+++ b/mail/dovecot2/options.mk  Sun Sep 08 17:11:50 2019 +0000
@@ -1,9 +1,7 @@
-# $NetBSD: options.mk,v 1.11 2018/11/30 18:43:09 adam Exp $
+# $NetBSD: options.mk,v 1.11.6.1 2019/09/08 17:11:50 bsiegert Exp $
 
 PKG_OPTIONS_VAR=       PKG_OPTIONS.dovecot
-PKG_SUPPORTED_OPTIONS= kqueue pam tcpwrappers
-PKG_OPTIONS_OPTIONAL_GROUPS=ssl
-PKG_OPTIONS_GROUP.ssl= gnutls ssl
+PKG_SUPPORTED_OPTIONS= kqueue pam ssl tcpwrappers
 PKG_SUGGESTED_OPTIONS= pam ssl tcpwrappers
 
 .if defined(PKG_HAVE_KQUEUE)
@@ -14,7 +12,7 @@
 .include "../../mk/bsd.options.mk"
 
 ###
-### Build with OpenSSL or GNU TLS as the underlying crypto library
+### Build with OpenSSL as the underlying crypto library
 ###
 .if !empty(PKG_OPTIONS:Mssl)
 CONFIGURE_ARGS+=       --with-ssl=openssl
@@ -23,11 +21,6 @@
 BUILDLINK_API_DEPENDS.openssl+=openssl>=0.9.8a
 .  include "../../security/openssl/buildlink3.mk"
 PLIST.ssl=             yes
-.elif !empty(PKG_OPTIONS:Mgnutls)
-CONFIGURE_ARGS+=       --with-ssl=gnutls
-.  include "../../security/gnutls/buildlink3.mk"
-.else
-CONFIGURE_ARGS+=       --without-ssl
 .endif
 
 ###
diff -r 58a10af7c60a -r f9bf88318b30 mail/dovecot2/patches/patch-aa
--- a/mail/dovecot2/patches/patch-aa    Sun Sep 08 16:55:17 2019 +0000
+++ b/mail/dovecot2/patches/patch-aa    Sun Sep 08 17:11:50 2019 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-aa,v 1.6 2013/05/23 19:45:50 adam Exp $
+$NetBSD: patch-aa,v 1.6.52.1 2019/09/08 17:11:50 bsiegert Exp $
+
+* Make the example directory pkgsrc compliant.
 
 --- doc/example-config/Makefile.in.orig        2013-05-19 23:04:29.000000000 +0000
 +++ doc/example-config/Makefile.in
diff -r 58a10af7c60a -r f9bf88318b30 mail/dovecot2/patches/patch-src_lib_ostream-file.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/dovecot2/patches/patch-src_lib_ostream-file.c        Sun Sep 08 17:11:50 2019 +0000
@@ -0,0 +1,18 @@
+$NetBSD: patch-src_lib_ostream-file.c,v 1.2.2.2 2019/09/08 17:11:50 bsiegert Exp $
+
+Silence Error: file_ostream.net_set_tcp_nodelay(, TRUE) failed
+
+Patch from upstream -head via FreeBSD
+<https://svnweb.freebsd.org/ports/head/mail/dovecot/files/patch-src_lib_ostream-file.c?view=markup&pathrev=506487>
+
+--- src/lib/ostream-file.c.orig        2019-07-12 10:46:25.000000000 +0000
++++ src/lib/ostream-file.c
+@@ -334,7 +334,7 @@ static void o_stream_tcp_flush_via_nodel
+ {
+       if (net_set_tcp_nodelay(fstream->fd, TRUE) < 0) {
+               if (errno != ENOTSUP && errno != ENOTSOCK &&
+-                  errno != ENOPROTOOPT) {
++                  errno != ENOPROTOOPT && errno != EINVAL) {
+                       i_error("file_ostream.net_set_tcp_nodelay(%s, TRUE) failed: %m",
+                               o_stream_get_name(&fstream->ostream.ostream));
+               }



Home | Main Index | Thread Index | Old Index