Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/mail mail/dovecot2: update to 2.3.10.1
details: https://anonhg.NetBSD.org/pkgsrc/rev/0cd96fab7a31
branches: trunk
changeset: 432066:0cd96fab7a31
user: taca <taca%pkgsrc.org@localhost>
date: Mon May 18 14:20:46 2020 +0000
description:
mail/dovecot2: update to 2.3.10.1
Update dovecot2 to 2.3.10.1.
v2.3.10.1 2020-05-18 Aki Tuomi <aki.tuomi%open-xchange.com@localhost>
- CVE-2020-10957: lmtp/submission: A client can crash the server by
sending a NOOP command with an invalid string parameter. This occurs
particularly for a parameter that doesn't start with a double quote.
This applies to all SMTP services, including submission-login, which
makes it possible to crash the submission service without
authentication.
- CVE-2020-10958: lmtp/submission: Sending many invalid or unknown
commands can cause the server to access freed memory, which can lead
to a server crash. This happens when the server closes the connection
with a "421 Too many invalid commands" error. The bad command limit
depends on the service (lmtp or submission) and varies between 10 to
20 bad commands.
- CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an
address that has the empty quoted string as local-part causes the lmtp
service to crash.
diffstat:
mail/dovecot2-sqlite/Makefile | 3 +--
mail/dovecot2/Makefile.common | 6 +++---
mail/dovecot2/distinfo | 10 +++++-----
3 files changed, 9 insertions(+), 10 deletions(-)
diffs (50 lines):
diff -r 0e77d014bd88 -r 0cd96fab7a31 mail/dovecot2-sqlite/Makefile
--- a/mail/dovecot2-sqlite/Makefile Mon May 18 13:44:40 2020 +0000
+++ b/mail/dovecot2-sqlite/Makefile Mon May 18 14:20:46 2020 +0000
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.20 2020/04/12 08:28:56 adam Exp $
+# $NetBSD: Makefile,v 1.21 2020/05/18 14:20:46 taca Exp $
-PKGREVISION= 1
.include "../../mail/dovecot2/Makefile.common"
PKGNAME= ${DISTNAME:S/dovecot/dovecot-sqlite/}
diff -r 0e77d014bd88 -r 0cd96fab7a31 mail/dovecot2/Makefile.common
--- a/mail/dovecot2/Makefile.common Mon May 18 13:44:40 2020 +0000
+++ b/mail/dovecot2/Makefile.common Mon May 18 14:20:46 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.39 2020/03/15 22:52:04 adam Exp $
+# $NetBSD: Makefile.common,v 1.40 2020/05/18 14:20:46 taca Exp $
#
# when updating to a new release, update ABI depends in
# the buildlink3.mk file as well, since the plugins' version
@@ -11,9 +11,9 @@
# used by mail/dovecot2-pgsql/Makefile
# used by mail/dovecot2-sqlite/Makefile
-DISTNAME= dovecot-2.3.10
+DISTNAME= dovecot-2.3.10.1
CATEGORIES= mail
-MASTER_SITES= https://dovecot.org/releases/${PKGVERSION_NOREV:R}/
+MASTER_SITES= https://dovecot.org/releases/${PKGVERSION_NOREV:R:R}/
MAINTAINER= adam%NetBSD.org@localhost
HOMEPAGE= https://www.dovecot.org/
diff -r 0e77d014bd88 -r 0cd96fab7a31 mail/dovecot2/distinfo
--- a/mail/dovecot2/distinfo Mon May 18 13:44:40 2020 +0000
+++ b/mail/dovecot2/distinfo Mon May 18 14:20:46 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.103 2020/03/15 22:52:04 adam Exp $
+$NetBSD: distinfo,v 1.104 2020/05/18 14:20:46 taca Exp $
-SHA1 (dovecot-2.3.10.tar.gz) = cf0d572b640bec519c3c771716d0b32148dc2bd4
-RMD160 (dovecot-2.3.10.tar.gz) = c4892cc02b7a414a23a03c6adb03acc115c0796b
-SHA512 (dovecot-2.3.10.tar.gz) = 73e10d7d1e616d6599eb53f2d2d1ac0f0f2e6e84019faac5cd525e833da44839a7e483635b61d432e3254a9e5f6f90915bec8940c584210341085241949dffa2
-Size (dovecot-2.3.10.tar.gz) = 7222241 bytes
+SHA1 (dovecot-2.3.10.1.tar.gz) = d8afa71f3a7a2c2e406745ff43057ae94ed23871
+RMD160 (dovecot-2.3.10.1.tar.gz) = f68993644d14c4bae321e2525fb6c885724d8ebd
+SHA512 (dovecot-2.3.10.1.tar.gz) = 5c07436a3e861993f241caa2c60f035c533c5fceb5c8540c1717d31bedd54b82299f7ea11bfee12c72d4d33985d93a7130c4f56877864a7ad21cf7373a29cc06
+Size (dovecot-2.3.10.1.tar.gz) = 7226958 bytes
SHA1 (patch-aa) = 3af01aa4a8cea1a3fb840b6243a744de77069611
SHA1 (patch-ab) = 9db15fd853ba47ef4bf04f2adc9ab24f71ee4d1e
SHA1 (patch-ae) = c795585df9f415ceabb28eec1ff691ee26168d3b
Home |
Main Index |
Thread Index |
Old Index