Accepting request 695556 from server:mail
- update to 2.3.5.2 (boo#1132501)
* CVE-2019-10691: Trying to login with 8bit username containing
invalid UTF8 input causes auth process to crash if auth policy
is enabled. This could be used rather easily to cause a DoS.
Similar crash also happens during mail delivery when using
invalid UTF8 in From or Subject header when OX push
notification driver is used.
- update to 2.3.5.1 (boo#1130116)
OBS-URL: https://build.opensuse.org/request/show/695556
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dovecot23?expand=0&rev=17
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
8d2188ca9a
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:d78f9d479e3b2caa808160f86bfec1c9c7b46344d8b14b88f5fa9bbbf8c7c33f
|
|
||||||
size 6953150
|
|
||||||
@ -1,17 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
|
|
||||||
iQJLBAABCAA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAlyYoFMXHGRvdmVjb3Qt
|
|
||||||
Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaHamhAAkKY08CH7HxUio95L4d2IUS7t
|
|
||||||
W7XsCahhsAmhGWyCVTheT2o/3AVPuKW++6nomKwuFmPJFrFdFVmVAhX9tjyNcgHJ
|
|
||||||
YGH1IKy0DrV0RKAkYSvJcooyWXaqejTEQ7E/Ad94ldhGF1twa8xX+8Hr/1QY9cnB
|
|
||||||
1YuqczirsaU+fI9wBc4Dogt3RfA/r36/jGQKNlQYxf9/KTSV1QXtqKQRQWaBsDni
|
|
||||||
W4+ovuXlVNB3B5/aKUylsxHHUWYX5Ls4kk6+qpdKqTw9/WImuWPy7x5byRR3ycIP
|
|
||||||
EI31S1LjipM/oe/o0VKHserJCAf8Wkvj8f1t6ZzYFY7LQwj0Lge0FQ8jVctBhv+P
|
|
||||||
mFtX3L/tv7GN7k+nsH27jCFPfTlyGD9kN2UivUIXsiDkgRJI3ifcDvIuF1VnEybD
|
|
||||||
+IQksd3eMCHfV9NnFcIy4X7FiHxTz1S2FTFlb8nbr1CirehV4WJt5x27FDZjVHXP
|
|
||||||
mAvRY/iNkzRWEHbrTrgb9I9OUA5mXE2v3lox7WIPJwh+Nc8USS8/O0jFXPE7am5x
|
|
||||||
SspQ+2ZAOhLja2fp7wLZR2vxMXyjXAFT0teGoTq67fTPX8OKDgbNjFCKR4ROJKU8
|
|
||||||
d33KfXt8N4MPi6F9LZTm352248+jFUI4tXV7eJp6Aw9k8jje9OJzBfPYIdBgd2rD
|
|
||||||
EBi+rfFY/GcORlMO6Wc=
|
|
||||||
=RY2x
|
|
||||||
-----END PGP SIGNATURE-----
|
|
||||||
3
dovecot-2.3.5.2.tar.gz
Normal file
3
dovecot-2.3.5.2.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:ba14e41aefd81a868a35b83bcb54194116106424d37690519b50ea83c0f31bf2
|
||||||
|
size 6953228
|
||||||
17
dovecot-2.3.5.2.tar.gz.sig
Normal file
17
dovecot-2.3.5.2.tar.gz.sig
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
iQJLBAABCAA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAly4Op0XHGRvdmVjb3Qt
|
||||||
|
Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaGNmBAAmVTk1EHLtY++LjMAwax5mDQ1
|
||||||
|
rwnoGWcCTCVrM7s7FAehvQ+FXnDTtHEWcWzxvjngm58jFBr+H/1NfAYR8srLfHc7
|
||||||
|
ucj4Xt9Fyl++pGyUXKS+RTZP+rcI6nt/AmPBqG/WaaMGKI04jFzNw2MMIJ2afOI6
|
||||||
|
MJbDOCZm6PDQiCAw7xJ2RaD021irAvZu1Xa1mVq2eZb5vrU8heVfOwZhyVU6H8bD
|
||||||
|
xaYbhvMNB7CHl3xMQDFNKLlArxEiAQgm4akVvC1NzCkkR87RwZfjjQZfdVd2xlx2
|
||||||
|
x2Jm33WrGPumXlpWNqPCrwKgynLJ0qgZZ78c9pwsIGW8Nq+LxK6z1hDdCbUjjTGj
|
||||||
|
AOYqxXuD9yJfKYFAL9y1YSY/BEVGrBK30RQdQxXb/xqQ6bxIysxPjSg7lWetclQO
|
||||||
|
XzyJlKV2qP8zjAjZisY4T4WGJm9zLX1JK6cojenjZBapRuGF9ro+QulZZtRCtljf
|
||||||
|
7jrOQLir8LjhA0KCH8mlPps33qyzVpOKmLtZ2w9MGIQowHQUAQA3G2EBp7h2pNm2
|
||||||
|
dFW/I+F6sU2CFBm9lvuLV4BWt2y9VZsaz7uk0NdUscPJ4i0XBQnoa7CEOzj1SXnR
|
||||||
|
R58tqxtXoelX/XmUsd6JWeW1jDaS/dGaxe30zSMKwZR3zKP7T+pJmKhHwRxwo1G8
|
||||||
|
Z3qiNsmMUycFz06VMho=
|
||||||
|
=t6Fw
|
||||||
|
-----END PGP SIGNATURE-----
|
||||||
@ -1,7 +1,18 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Apr 18 11:40:06 UTC 2019 - Marcus Rueckert <mrueckert@suse.de>
|
||||||
|
|
||||||
|
- update to 2.3.5.2 (boo#1132501)
|
||||||
|
* CVE-2019-10691: Trying to login with 8bit username containing
|
||||||
|
invalid UTF8 input causes auth process to crash if auth policy
|
||||||
|
is enabled. This could be used rather easily to cause a DoS.
|
||||||
|
Similar crash also happens during mail delivery when using
|
||||||
|
invalid UTF8 in From or Subject header when OX push
|
||||||
|
notification driver is used.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Mar 28 12:36:55 UTC 2019 - Marcus Rueckert <mrueckert@suse.de>
|
Thu Mar 28 12:36:55 UTC 2019 - Marcus Rueckert <mrueckert@suse.de>
|
||||||
|
|
||||||
- update to 2.3.5.1
|
- update to 2.3.5.1 (boo#1130116)
|
||||||
* CVE-2019-7524: Missing input buffer size validation leads into
|
* CVE-2019-7524: Missing input buffer size validation leads into
|
||||||
arbitrary buffer overflow when reading fts or pop3 uidl header
|
arbitrary buffer overflow when reading fts or pop3 uidl header
|
||||||
from Dovecot index. Exploiting this requires direct write
|
from Dovecot index. Exploiting this requires direct write
|
||||||
|
|||||||
@ -17,10 +17,10 @@
|
|||||||
|
|
||||||
|
|
||||||
Name: dovecot23
|
Name: dovecot23
|
||||||
Version: 2.3.5.1
|
Version: 2.3.5.2
|
||||||
Release: 0
|
Release: 0
|
||||||
%define pkg_name dovecot
|
%define pkg_name dovecot
|
||||||
%define dovecot_version 2.3.5.1
|
%define dovecot_version 2.3.5.2
|
||||||
%define dovecot_pigeonhole_version 0.5.5
|
%define dovecot_pigeonhole_version 0.5.5
|
||||||
%define dovecot_branch 2.3
|
%define dovecot_branch 2.3
|
||||||
%define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}
|
%define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user