non port: mail/dovecot/files/patch-configure |
Number of commits found: 7 |
Saturday, 3 Jul 2021
|
10:09 Kurt Jaeger (pi) Author: Juraj Lutter
mail/dovecot-*: update 2.3.13 -> 2.3.15 and related ports
PR: 256860
Approved by: fluffy (ports-secteam)
Submitted by: otis
Relnotes: https://dovecot.org/pipermail/dovecot-news/2021-June/000457.html
https://dovecot.org/pipermail/dovecot-news/2021-March/000455.html
https://dovecot.org/pipermail/dovecot-news/2021-March/000456.html
https://dovecot.org/pipermail/dovecot-news/2021-June/000458.html
Security: CVE-2021-29157, CVE-2021-33515, CVE-2020-28200
Differential Revision: https://reviews.freebsd.org/D30866
MFH: 2021Q3
21a797e |
Friday, 29 Jan 2021
|
09:30 fluffy
mail/dovecot: unbreak build with lua54
Reported by: poudriere failure
Approved by: portmgr blanket (fix build)
MFH: 2021Q1
 |
Friday, 14 Aug 2020
|
00:27 ler
mail/dovecot, mail/dovecot-pigeonhole: upgrade to 2.3.11.3 and 0.5.11,
repectively.
dovecot changelog:
* CVE-2020-12100: Parsing mails with a large number of MIME parts could
have resulted in excessive CPU usage or a crash due to running out of
stack memory.
* CVE-2020-12673: Dovecot's NTLM implementation does not correctly check
message buffer size, which leads to reading past allocation which can
lead to crash.
* CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an
address that has the empty quoted string as local-part causes the lmtp
service to crash.
* CVE-2020-12674: Dovecot's RPA mechanism implementation accepts
zero-length message, which leads to assert-crash later on.
* Events: Fix inconsistency in events. See event documentation in
https://doc.dovecot.org.
* imap_command_finished event's cmd_name field now contains "unknown"
for unknown commands. A new "cmd_input_name" field contains the
command name exactly as it was sent.
* lib-index: Renamed mail_cache_compress_* settings to mail_cache_purge_*.
Note that these settings are mainly intended for testing and usually
shouldn't be changed.
* events: Renamed "index" event category to "mail-index".
* events: service:<name> category is now using the name from
configuration file.
* dns-client: service dns_client was renamed to dns-client.
* log: Prefixes generally use the service name from configuration file.
For example dict-async service will now use
"dict-async(pid): " log prefix instead of "dict(pid): "
* *-login: Changed logging done by proxying to use a consistent prefix
containing the IP address and port.
* *-login: Changed disconnection log messages to be slightly clearer.
+ dict: Add events for dictionaries.
+ lib-index: Finish logging with events.
+ oauth2: Support local validation of JWT tokens.
+ stats: Add support for dynamic histograms and grouping. See
https://doc.dovecot.org/configuration_manual/stats/.
+ imap: Implement RFC 8514: IMAP SAVEDATE
+ lib-index: If a long-running transaction (e.g. SORT/FETCH on a huge
folder) adds a lot of data to dovecot.index.cache file, commit those
changes periodically to make them visible to other concurrent sessions
as well.
+ stats: Add OpenMetrics exporter for statistics. See
https://doc.dovecot.org/configuration_manual/stats/openmetrics/.
+ stats: Support disabling stats-writer socket by setting
stats_writer_socket_path="".
- auth-worker: Process keeps slowly increasing its memory usage and
eventually dies with "out of memory" due to reaching vsz_limit.
- auth: Prevent potential timing attacks in authentication secret
comparisons: OAUTH2 JWT-token HMAC, imap-urlauth token, crypt() result.
- auth: Several auth-mechanisms allowed input to be truncated by NUL
which can potentially lead to unintentional issues or even successful
logins which should have failed.
- auth: When auth policy returned a delay, auth_request_finished event
had policy_result=ok field instead of policy_result=delayed.
- auth: auth process crash when auth_policy_server_url is set to an
invalid URL.
- auth: Lua passdb/userdb leaks stack elements per call, eventually
causing the stack to become too deep and crashing the auth or
auth-worker process.
- dict-ldap: Crash occurs if var_expand template expansion fails.
- dict: If dict client disconnected while iteration was still running,
dict process could have started using 100% CPU, although it was still
handling clients.
- doveadm: Running doveadm commands via proxying may hang, especially
when doveadm is printing a lot of output.
- imap: "MOVE * destfolder" goes to a loop copying the last mail to the
destination until the imap process dies due to running out of memory.
- imap: Running "UID MOVE 1:* Trash" on an empty folder goes to infinite
loop.
- imap: SEARCH doesn't support $.
- lib-compress: Buffer over-read in zlib stream read.
- lib-dns: If DNS lookup times out, lib-dns can cause crash in calling
process.
- lib-index: Fixed several bugs in dovecot.index.cache handling that
could have caused cached data to be lost.
- lib-index: Writing to >=1 GB dovecot.index.cache files may cause
assert-crashes:
Panic: file mail-index-util.c: line 37 (mail_index_uint32_to_offset):
assertion failed: (offset < 0x40000000)
- lib-mail: v2.3.11 regression: MIME parts not returned correctly by
Dovecot MIME parser.
- lib-ssl-iostream: Fix buggy OpenSSL error handling without
assert-crashing. If there is no error available, log it as an error
instead of crashing:
Panic: file iostream-openssl.c: line 599 (openssl_iostream_handle_error):
assertion failed: (errno != 0)
- lib-ssl-iostream: ssl_key_password setting did not work.
- pop3-login: Login didn't handle commands in multiple IP packets properly.
This mainly affected large XCLIENT commands or a large SASL initial
response parameter in the AUTH command.
- pop3: pop3_deleted_flag setting was broken, causing:
Panic: file seq-range-array.c: line 472 (seq_range_array_invert):
assertion failed: (range[count-1].seq2 <= max_seq)
- pop3-login: Login would fail with "Input buffer full" if the initial
response for SASL was too long.
- submission: A segfault crash may occur when the client or server
disconnects while a non-transaction command like NOOP or VRFY is still
being processed.
- virtual: Copying/moving mails with IMAP into a virtual folder
assert-crashes:
Panic: file cmd-copy.c: line 152 (fetch_and_copy): assertion failed:
(copy_ctx->copy_count == seq_range_count(©_ctx->saved_uids))
pigeonhole changelog:
* managesieve: managesieve_max_line_length setting is now a "size" type
instead of just number of bytes. This allows using e.g. "64k" as the
value.
- lib-sieve: When folding white space is used in the Message-ID header,
it is not stripped away correctly before the message ID value is used,
causing e.g. garbled log lines at delivery.
PR: 248640
PR: 248644
Submitted by: juraj@lutter.sk
Reported by: juraj@lutter.sk
MFH: 2020Q3
Security: 87a07de1-e55e-4d51-bb64-8d117829a26a
Security: CVE-2020-12100
Security: CVE-2020-12673
Security: CVE-2020-10967
Security: CVE-2020-12674
 |
Monday, 23 Mar 2020
|
22:07 ler
mail/dovecot: use libexttextcat for lucene.
PR: 244932
Submitted by: igorz@yandex.ru
 |
Friday, 22 May 2009
|
21:48 miwi
- Update to 1.1.15
PR: 134852
Submitted by: Yarema <yds@CoolRat.org> (Maintainer)
 |
Friday, 30 Jan 2009
|
21:16 beech
- Update to 1.1.10
Submitted by: Yarema <yds@coolrat.org> (maintainer)
 |
Monday, 8 Sep 2008
|
06:42 beech
- Update to 1.1.3
- Add support for Berkeley DB used by the expire plugin.
- Install more DOCS.
- Move the SCRIPT_ENV substitutions to SUB_FILES
otherwise DOVECOT_[UG]ID settings do not propagate to the binary package.
- Change from .if defined(WITHOUT_*)to .if defined(WITH_*) &&
!defined(WITHOUT_*)
- Make the PROTOCOLS substitution include all the protocols which are built
into the example config file.
- Clean up patch-dovecot-example.conf and perform some post-patch processing
to reflect more closely how this port actually installs. This is necessary
because of the optional ManageSieve patch.
- Modify files/dovecot.sh.in to ensure runtime directories exist with correct
permissions.
- Rework the install so all the example config files get installed into
EXAMPLESDIR as per hier(7) independent of the NOPORTDOCS tunable. Install
the relevant config files into etc/ if no prior version exists.
- Ensure that 'make install' and pkg_add(1) produce identical installs and
that everything is accounted for in the PLIST.
PR: ports/127200
Submitted by: Yarema <yds@CoolRat.org> (maintainer)
 |
Number of commits found: 7 |