From be50c964a08c91904fd5da101d147782cf10c055646a3d7359eb7486a2dc1083 Mon Sep 17 00:00:00 2001
From: Marcus Rueckert
Date: Fri, 8 Mar 2019 18:12:37 +0000
Subject: [PATCH 1/2] - update to 2.3.5 and pigeonhole to 0.5.5
OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=40
---
 10048229...de42b54a.patch | 102 ------------------
 ...01ffdd2a8115e03ed7180d53578765dea4c9.patch | 36 -------
 dovecot-2.3-pigeonhole-0.5.4.tar.gz | 3 -
 dovecot-2.3-pigeonhole-0.5.4.tar.gz.sig | 11 --
 dovecot-2.3-pigeonhole-0.5.5.tar.gz | 3 +
 dovecot-2.3-pigeonhole-0.5.5.tar.gz.sig | 17 +++
 dovecot-2.3.4.1.tar.gz | 3 -
 dovecot-2.3.4.1.tar.gz.sig | 17 ---
 dovecot-2.3.5.tar.gz | 3 +
 dovecot-2.3.5.tar.gz.sig | 17 +++
 dovecot23.changes | 59 ++++++++++
 dovecot23.spec | 10 +-
 12 files changed, 102 insertions(+), 179 deletions(-)
 delete mode 100644 10048229...de42b54a.patch
 delete mode 100644 3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch
 delete mode 100644 dovecot-2.3-pigeonhole-0.5.4.tar.gz
 delete mode 100644 dovecot-2.3-pigeonhole-0.5.4.tar.gz.sig
 create mode 100644 dovecot-2.3-pigeonhole-0.5.5.tar.gz
 create mode 100644 dovecot-2.3-pigeonhole-0.5.5.tar.gz.sig
 delete mode 100644 dovecot-2.3.4.1.tar.gz
 delete mode 100644 dovecot-2.3.4.1.tar.gz.sig
 create mode 100644 dovecot-2.3.5.tar.gz
 create mode 100644 dovecot-2.3.5.tar.gz.sig
diff --git a/10048229...de42b54a.patch b/10048229...de42b54a.patch
deleted file mode 100644
index 19de38b..0000000
--- a/10048229...de42b54a.patch
+++ /dev/null
@@ -1,102 +0,0 @@ -From 10048229ed3030fe47b35a2200e33c45e3e97a84 Mon Sep 17 00:00:00 2001 -From: Aki Tuomi -Date: Fri, 23 Nov 2018 15:33:20 +0200 -Subject: [PATCH 1/2] lib-master: test-event-stats - Include signal.h - -Forgotten in e16ba6f ---- - src/lib-master/test-event-stats.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/lib-master/test-event-stats.c b/src/lib-master/test-event-stats.c -index 41d6f01e76..8fcb3dd22d 100644 ---- a/src/lib-master/test-event-stats.c -+++ b/src/lib-master/test-event-stats.c -@@ -13,6 +13,7 @@ - #include "test-common.h" - #include - #include -+#include - #include - #include - #include - -From de42b54aaf165d4f62b45be864dde36bdbbc4276 Mon Sep 17 00:00:00 2001 -From: Aki Tuomi -Date: Fri, 23 Nov 2018 15:34:51 +0200 -Subject: [PATCH 2/2] lib-master: test-event-stats - Use PRIu64 format - -Forgotten in e16ba6f ---- - src/lib-master/test-event-stats.c | 22 +++++++++++----------- - 1 file changed, 11 insertions(+), 11 deletions(-) - -diff --git a/src/lib-master/test-event-stats.c b/src/lib-master/test-event-stats.c -index 8fcb3dd22d..2d8a13cd40 100644 ---- a/src/lib-master/test-event-stats.c -+++ b/src/lib-master/test-event-stats.c -@@ -344,7 +344,7 @@ static void test_no_merging2(void) - event_unref(&child_ev); - test_assert( - compare_test_stats_to( -- "EVENT %lu 1 0 0" -+ "EVENT %"PRIu64" 1 0 0" - " stest-event-stats.c %d" - " l0 0 ctest2\n", id, l)); - test_end(); -@@ -370,12 +370,12 @@ static void test_no_merging3(void) - event_unref(&child_ev); - test_assert( - compare_test_stats_to( -- "BEGIN %lu 0 1 0 0" -+ "BEGIN %"PRIu64" 0 1 0 0" - " stest-event-stats.c %d ctest1\n" -- "EVENT %lu 1 1 0" -+ "EVENT %"PRIu64" 1 1 0" - " stest-event-stats.c %d" - " l1 0 ctest2\n" -- "END\t%lu\n", idp, lp, idp, l, idp)); -+ "END\t%"PRIu64"\n", idp, lp, idp, l, idp)); - test_end(); - } - -@@ -435,7 +435,7 @@ static void test_merge_events2(void) - event_unref(&merge_ev2); - test_assert( - compare_test_stats_to( -- "EVENT %lu 1 0 0" -+ 
"EVENT %"PRIu64" 1 0 0" - " stest-event-stats.c %d l0 0" - " ctest3 ctest2 ctest1 Tkey3" - " 10 0 Ikey2 20" -@@ -467,11 +467,11 @@ static void test_skip_parents(void) - event_unref(&child_ev); - test_assert( - compare_test_stats_to( -- "BEGIN %lu 0 1 0 0" -+ "BEGIN %"PRIu64" 0 1 0 0" - " stest-event-stats.c %d ctest1\n" -- "EVENT %lu 1 3 0 " -+ "EVENT %"PRIu64" 1 3 0 " - "stest-event-stats.c %d l3 0" -- " ctest2\nEND\t%lu\n", id, lp, id, l, id)); -+ " ctest2\nEND\t%"PRIu64"\n", id, lp, id, l, id)); - test_end(); - } - -@@ -509,12 +509,12 @@ static void test_merge_events_skip_parents(void) - event_unref(&child2_ev); - test_assert( - compare_test_stats_to( -- "BEGIN %lu 0 1 0 0" -+ "BEGIN %"PRIu64" 0 1 0 0" - " stest-event-stats.c %d ctest1\n" -- "EVENT %lu 1 3 0 " -+ "EVENT %"PRIu64" 1 3 0 " - "stest-event-stats.c %d l3 0 " - "ctest4 ctest5 Tkey3 10 0 Skey4" -- " str4\nEND\t%lu\n", id, lp, id, l, id)); -+ " str4\nEND\t%"PRIu64"\n", id, lp, id, l, id)); - test_end(); - } - diff --git a/3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch b/3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch deleted file mode 100644 index 6a6fdb9..0000000 --- a/3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch +++ /dev/null 
@@ -1,36 +0,0 @@ -From 3c5101ffdd2a8115e03ed7180d53578765dea4c9 Mon Sep 17 00:00:00 2001 -From: Aki Tuomi -Date: Tue, 4 Dec 2018 14:40:04 +0200 -Subject: [PATCH] driver-mysql: Avoid double-closing MySQL connection - -Fixes double-free ---- - src/lib-sql/driver-mysql.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/src/lib-sql/driver-mysql.c b/src/lib-sql/driver-mysql.c -index c87e825e4b..5dd1c3124f 100644 ---- a/src/lib-sql/driver-mysql.c -+++ b/src/lib-sql/driver-mysql.c -@@ -173,7 +173,9 @@ static int driver_mysql_connect(struct sql_db *_db) - static void driver_mysql_disconnect(struct sql_db *_db) - { - struct mysql_db *db = (struct mysql_db *)_db; -- mysql_close(db->mysql); -+ if (db->mysql != NULL) -+ mysql_close(db->mysql); -+ db->mysql = NULL; - } - - static int driver_mysql_parse_connect_string(struct mysql_db *db, -@@ -311,7 +313,9 @@ static void driver_mysql_deinit_v(struct sql_db *_db) - _db->no_reconnect = TRUE; - sql_db_set_state(&db->api, SQL_DB_STATE_DISCONNECTED); - -- mysql_close(db->mysql); -+ if (db->mysql != NULL) -+ mysql_close(db->mysql); -+ db->mysql = NULL; - - sql_connection_log_finished(_db); - event_unref(&_db->event); diff --git a/dovecot-2.3-pigeonhole-0.5.4.tar.gz b/dovecot-2.3-pigeonhole-0.5.4.tar.gz deleted file mode 100644 index d520fb8..0000000 --- a/dovecot-2.3-pigeonhole-0.5.4.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:547999e67a001abc5e654c7e35653d3fe057fa9a47a24257e39a79c41ef08516 -size 1831570 diff --git a/dovecot-2.3-pigeonhole-0.5.4.tar.gz.sig b/dovecot-2.3-pigeonhole-0.5.4.tar.gz.sig deleted file mode 100644 index fceeb65..0000000 --- a/dovecot-2.3-pigeonhole-0.5.4.tar.gz.sig +++ /dev/null 
@@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEEQvPNUNTyWkGDO+43BNYrHj37tPQFAlv3870ACgkQBNYrHj37 -tPQJJwf/QCT3BVbiVC4kUvZWmMoMT8DXt27NNihyQ1slHg3JA5UNR++jK93DBR7u -vqd2yuhQDPYWlWjwphc4auVNMGh5aIfLahzu4qQeopyHZ0Eo2jAvf27vHCXY0oqG -o9hO/RmreafsetwU2qhzbTcyVIZsitxwuUWdlhuYrHxR62VZdZ4ZGXGY5QA/+cGT -UlLTP8izdKaxYyyweMqjr2/PP+rGT37b2coi4DZSbvETZMSewlb48iI7ETWBkFbU -daULRdmaDrOEZi864tdzhfqyXGxFw39wZEI8Xi1tn6kAi+EF3UPVAPwJF/d3iWdX -Vhzm3YtNc8v2R7N/CLSKdRe2w1Cxeg== -=JNE+ ------END PGP SIGNATURE----- diff --git a/dovecot-2.3-pigeonhole-0.5.5.tar.gz b/dovecot-2.3-pigeonhole-0.5.5.tar.gz new file mode 100644 index 0000000..ca300cd --- /dev/null +++ b/dovecot-2.3-pigeonhole-0.5.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:cbaa106e1c2b23824420efdd6a9f8572c64c8dccf75a3101a899b6ddb25149a5 +size 1847487 diff --git a/dovecot-2.3-pigeonhole-0.5.5.tar.gz.sig b/dovecot-2.3-pigeonhole-0.5.5.tar.gz.sig new file mode 100644 index 0000000..7559b03 --- /dev/null +++ b/dovecot-2.3-pigeonhole-0.5.5.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJLBAABCAA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAlx+agQXHGRvdmVjb3Qt +Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaFwLhAAmsOF25cj1lPtrIHmL5Oa1mBK +kcT2+U/CG9a6cFT/7GTu2b1juKeVW0Qcznb82kibeM0ITw/T1iFciTYEwhYykeb6 +RhBFgTqwwufyxWwnzPHzvGRkWp5GRIgoEZQBlc9GbVu3qlWJU1ROvo2E6awkfr1b +uSG6zpCfBDRjEipEqbByopb/QotTA+bGCJ2lYStVALbHvMGhkuL8LWaGIDn1XW8q +ULWV7ab544b+Tuoeo7lzUDzmNtpxS5WMqlV44jnLqORHsE65L6LVTjr6tfjbXMaL +cs/mr3toSfU1uO35YjAIY7PbzPN2Vz7W6yRcFW6gi+fkCEn1ZuQ7+gaHk/lq7RPP ++fqGwqLSewCu0zzyfjSl378hgl6gjacT8CaV8VQyLxUAI0fwUBklZ//sCTtNL9OT +1/ooTEGOyE8Qd7DsfYNLqh4AfSzqvbDXfNUZ/gI97ujliBg2Ffx+22bbjOYxyB2e +XyM8I59eEoe5i5lEILnx0lUrpCV/aEt/YmZqocoQd3pYN0pv5rSw9qSYLyNMak01 ++jr9trFx652/e/3ortcZVGT4wMgcef0ra2pTmAnBH2cf+KFSfs2z7G3IACWf2Puq +LW9n2qa0ph7WaqtO6VccNHI9/eyYk92Fi62mm2PPehwEUE/BDzIQGWkWmN+Cuw8P +M5cDQPS1tGLt4XpHt5U= +=rdcg +-----END PGP SIGNATURE----- 
diff --git a/dovecot-2.3.4.1.tar.gz b/dovecot-2.3.4.1.tar.gz deleted file mode 100644 index a476618..0000000 --- a/dovecot-2.3.4.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b8873e2ce5c33e58963bb7a8d2ff8427c09dbfdd63e13a0b0f4502864043aa07 -size 6925073 diff --git a/dovecot-2.3.4.1.tar.gz.sig b/dovecot-2.3.4.1.tar.gz.sig deleted file mode 100644 index de29adc..0000000 --- a/dovecot-2.3.4.1.tar.gz.sig +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQJLBAABCAA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAlxZb8EXHGRvdmVjb3Qt -Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaGwOBAAm9ck9yken0ArzR0njXywornz -ftUrEflzkEESqVxFVGF7i4ZPxa1Dfrpb5QedIBcdFp1sV1sALSh5HH5k43TV+yBY -r7trHu8kJSOmFE4KoHst9Y6bewu3Rg5Bh2v5XBaaY6A9ADjdJNamT4AAqDDI2f6Q -f27P/O+34bvgCI7Ol1VezFXlNagBtcSBAtPTqfqdILqW/H0oV1J21gmBGTT6u6Z8 -aPyf060U46GZWjHBQDoZRq0NUSIYf8H7qdubEbt0kCifWFuT1LjmvLRbQv3Wxp5m -H0QjzWejVun9AX6MG5mZCzmIn+q30ArUG9EJ4tAAzvsCUqywvpbjjuU2wULGJJNz -oEAEVIXp84yxXUavnr+DFevh2yruVHZUj16lwF98u29IWiSwFfhZZsyc+jXuwiDm -WYl/KfOL3ACBakcPxdMyVTwghKBAA9xH0DXAsPTyIrxwmNgn48d/wiQtmtsYVAYb -HlYtooee4KptiXL9Eq/kAz7oAPrVdhZxqT48CRh6Cd6dfWtGXNQIMdXVt/7T2ygJ -sC/wpziKEy+BE1J/NSuCOgGNcIQij0VJvl9rnldpxACzNQ0CGaJfKv7/LPF2bO5o -LED+rFOFfK3IOGxZgr5euQPIVVn7DxAZaIoEumwYW3YO46BJlSB+9XN20YVqH4vY -jyPHxVeZN6q7RvlP498= -=HaCn ------END PGP SIGNATURE----- diff --git a/dovecot-2.3.5.tar.gz b/dovecot-2.3.5.tar.gz new file mode 100644 index 0000000..1fcf334 --- /dev/null +++ b/dovecot-2.3.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bfe112ec6d11f7d6c6f7f0440e3b6e2c840c15cec1e99466b5495765d54aaaff +size 6970480 diff --git a/dovecot-2.3.5.tar.gz.sig b/dovecot-2.3.5.tar.gz.sig new file mode 100644 index 0000000..1dc6677 --- /dev/null +++ b/dovecot-2.3.5.tar.gz.sig 
@@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJLBAABCAA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAlx+afoXHGRvdmVjb3Qt +Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaGmvQ/8D5tOni6a8HJaGF1KlQ1ubMhJ +CkFWGSNJ5x0UCycCsqgEOMmDPL7Euf9LLwmKgb8FHTWc96TexyiM+n+VXuzaH2yN +J6UXLrUqtOybKt1kTOmy8L14tcZG9eBq8V3ycogyuXe2qnucVJjr8D1MS3UX4xsV +ly1Zqcwky8RrUVTcTlbEwjoYUJY75NNeoTEKG/Eq3xwiDSTzh2/JQuhO/wP89ZDW +8H681rHEGQImzYUVlMMYqeUvgqATVn/pwpDp1ov4/K52vQTfY3vX6xYnE+lQ5cg0 +LzXokkBS54CsVCg7XwqfMpTjEOfpOLSbwCE+Ujak/xIvzz1Fg7sn1XL9oIYaZg5R +2IU9lmWkzscPiBfz57knOyB/jiNJjSHYEFlgrVjskqId5xfLdkFN/VNeI7LDWNC/ +sKHgRy92EwOVi9gQM8FRTmnsDyfpeSZ5DW8FaNr4iRg8RYfqjwSs1xTH6mzD1hcX +RodblVxxEWB4uFj/0lY0J60Mad63l+xrsv4NEpnxFRQknoINyWNWM5JHRJjoW2rS +XGUh8XZWsCiNVg5dQj+1uNLVarLUHBfCzb6+RWevY09hIJqkMafHDYHwwbFDdvZh +dz3jHdtOksDoObUWKZ/1XJgm/Zg4vw4b2ZfrezCyruo45l/6T2vuaCHsYfF0/hDz +Ec1Rox1X6gjvbp4IjqA= +=sFpO +-----END PGP SIGNATURE----- diff --git a/dovecot23.changes b/dovecot23.changes index e95b623..7d06760 100644 --- a/dovecot23.changes +++ b/dovecot23.changes 
@@ -1,3 +1,62 @@
+-------------------------------------------------------------------
+Fri Mar 8 18:09:00 UTC 2019 - Marcus Rueckert
+
+- update to 2.3.5
+ + Lua push notification driver: mail keywords and flags are
+ provided in MessageNew and MessageAppend events.
+ + submission: Implement support for plugins.
+ + auth: When auth_policy_log_only=yes, only log what the policy
+ server response would do without actually doing it.
+ + auth: Always log policy server decisions with auth_verbose=yes
+ - v2.3.[34]: doveadm log errors: Output was missing user/session
+ - lda: Debug log lines could have shown slightly corrupted
+ - login proxy: Login processes may have crashed in various ways
+ when login_proxy_max_disconnect_delay was set.
+ - imap: Fix crash with Maildir+zlib if client disconnects during
+ APPEND
+ - lmtp proxy: Fix potential assert-crash
+ - lmtp/submission: Fix crash when SMTP client transaction times
+ out
+ - submission: Split large XCLIENT commands to 512 bytes per
+ command, so Postfix accepts them.
+ - submission: Fix crash when client sends invalid BURL command
+ - submission: relay backend: VRFY command: Avoid forwarding 500
+ and 502 replies back to client.
+ - lib-http: Fix potential assert-crash when DNS lookup fails
+ - lib-fts: Fix search query generation when one language ignores
+ a token (e.g. via stopwords).
+- update pigeonhole to 0.5.5
+ + IMAPSieve: Add new plugin/imapsieve_expunge_discarded setting
+ which causes messages discarded by an IMAPSieve script to be
+ expunged immediately, rather than only being marked as
+ "\Deleted" (which is still the default behavior).
+ - IMAPSieve: Fix panic crash occurring when a COPY command copies
+ messages from a virtual mailbox where the source messages
+ originate from more than a single real mailbox.
+ - imap4flags extension: Fix deleting all keywords. When the
+ action resulted in all keywords being removed, no changes were
+ actually applied.
+ - variables extension: Fix truncation of UTF-8 variable content.
+ The maximum size of Sieve variables was enforced by truncating
+ the variable string content bluntly at the limit, but this does
+ not consider UTF-8 code point boundaries. This resulted in
+ broken UTF-8 strings. This problem also surfaced for variable
+ modifiers, such as the ":encodeurl" modifier provided by the
+ Sieve "enotify" extension. In that case, the resulting URI
+ escaping could also be truncated inappropriately.
+ - IMAPSieve, IMAP FILTER=SIEVE: Fix replacing a modified message.
+ Sieve scripts running in IMAPSIEVE or IMAP FILTER=SIEVE context
+ that modify the message, stored the message a second time,
+ rather than replacing the originally stored unmodified message.
+ - Fix segmentation fault occurring when both the
+ sieve_extprograms plugin (for the Sieve interpreter) and the
+ imap_filter_sieve plugin (for IMAP) are loaded at the same
+ time. A symbol was defined by both plugins, causing a clash
+ when both were loaded.
+- drop patches which were backports
+ - 10048229...de42b54a.patch
+ - 3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch
+
 -------------------------------------------------------------------
 Tue Feb 5 13:45:52 UTC 2019 - Marcus Rueckert
diff --git a/dovecot23.spec b/dovecot23.spec
index fbf9431..48252f0 100644
--- a/dovecot23.spec
+++ b/dovecot23.spec
@@ -17,11 +17,11 @@ Name: dovecot23
-Version: 2.3.4.1
+Version: 2.3.5
 Release: 0
 %define pkg_name dovecot
-%define dovecot_version 2.3.4.1
-%define dovecot_pigeonhole_version 0.5.4
+%define dovecot_version 2.3.5
+%define dovecot_pigeonhole_version 0.5.5
 %define dovecot_branch 2.3
 %define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}
 %define dovecot_pigeonhole_docdir %{_docdir}/%{pkg_name}/dovecot-pigeonhole
@@ -137,8 +137,6 @@ Source11: http://pigeonhole.dovecot.org/releases/%{dovecot_branch}/%{dovec
 Source12: dovecot23.keyring
 Patch: dovecot-2.3.0-dont_use_etc_ssl_certs.patch
 Patch1: dovecot-2.3.0-better_ssl_defaults.patch
-Patch2: 10048229...de42b54a.patch
-Patch3: 3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch
 Summary: IMAP and POP3 Server Written Primarily with Security in Mind
 License: BSD-3-Clause AND LGPL-2.1-or-later AND MIT
 Group: Productivity/Networking/Email/Servers
@@ -318,8 +316,6 @@ dovecot tree.
 %setup -q -n %{pkg_name}-%{dovecot_version} -a 1
 %patch -p1
 %patch1 -p1
-%patch2 -p1
-%patch3 -p1
 gzip -9v ChangeLog
 # Fix plugins dir.
 sed -i 's|#mail_plugin_dir = /usr/lib/dovecot|mail_plugin_dir = %{_libdir}/dovecot/modules|' doc/example-config/conf.d/10-mail.conf
From 5865d4af034a2ca00ed5f665559692b610bccb88608d55822789beafb7005f48 Mon Sep 17 00:00:00 2001
From: Marcus Rueckert
Date: Thu, 28 Mar 2019 12:47:57 +0000
Subject: [PATCH 2/2] - update to 2.3.5.1 * CVE-2019-7524: Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index. Exploiting this requires direct write access to the index files.
OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=41
---
 dovecot-2.3.5.1.tar.gz | 3 +++
 dovecot-2.3.5.1.tar.gz.sig | 17 +++++++++++++++++
 dovecot-2.3.5.tar.gz | 3 ---
 dovecot-2.3.5.tar.gz.sig | 17 -----------------
 dovecot23.changes | 9 +++++++++
 dovecot23.spec | 4 ++--
 6 files changed, 31 insertions(+), 22 deletions(-)
 create mode 100644 dovecot-2.3.5.1.tar.gz
 create mode 100644 dovecot-2.3.5.1.tar.gz.sig
 delete mode 100644 dovecot-2.3.5.tar.gz
 delete mode 100644 dovecot-2.3.5.tar.gz.sig
diff --git a/dovecot-2.3.5.1.tar.gz b/dovecot-2.3.5.1.tar.gz
new file mode 100644
index 0000000..98008e0
--- /dev/null
+++ b/dovecot-2.3.5.1.tar.gz
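Review bot: Removing `Patch3` and `%patch3 -p1` in the two dovecot23.spec hunks of [PATCH 1/2] stops applying 3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch, whose own header says it fixes a double-free caused by closing the MySQL connection twice, while the 2.3.5 entries added to dovecot23.changes list no driver-mysql fix. The changelog describes both dropped patches as backports, so the fix is presumably part of the 2.3.5 tarball, but nothing in this patch shows it. Before relying on that, confirm that `driver_mysql_disconnect()` and `driver_mysql_deinit_v()` in the new source still guard `mysql_close()` with `db->mysql != NULL` and reset the pointer afterwards. Recording the outcome next to the dropped patch keeps the removal auditable, for example `  - 3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch (driver-mysql double-close fix, included in 2.3.5)`.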
@@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d78f9d479e3b2caa808160f86bfec1c9c7b46344d8b14b88f5fa9bbbf8c7c33f +size 6953150 diff --git a/dovecot-2.3.5.1.tar.gz.sig b/dovecot-2.3.5.1.tar.gz.sig new file mode 100644 index 0000000..fdf1864 --- /dev/null +++ b/dovecot-2.3.5.1.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJLBAABCAA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAlyYoFMXHGRvdmVjb3Qt +Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaHamhAAkKY08CH7HxUio95L4d2IUS7t +W7XsCahhsAmhGWyCVTheT2o/3AVPuKW++6nomKwuFmPJFrFdFVmVAhX9tjyNcgHJ +YGH1IKy0DrV0RKAkYSvJcooyWXaqejTEQ7E/Ad94ldhGF1twa8xX+8Hr/1QY9cnB +1YuqczirsaU+fI9wBc4Dogt3RfA/r36/jGQKNlQYxf9/KTSV1QXtqKQRQWaBsDni +W4+ovuXlVNB3B5/aKUylsxHHUWYX5Ls4kk6+qpdKqTw9/WImuWPy7x5byRR3ycIP +EI31S1LjipM/oe/o0VKHserJCAf8Wkvj8f1t6ZzYFY7LQwj0Lge0FQ8jVctBhv+P +mFtX3L/tv7GN7k+nsH27jCFPfTlyGD9kN2UivUIXsiDkgRJI3ifcDvIuF1VnEybD ++IQksd3eMCHfV9NnFcIy4X7FiHxTz1S2FTFlb8nbr1CirehV4WJt5x27FDZjVHXP +mAvRY/iNkzRWEHbrTrgb9I9OUA5mXE2v3lox7WIPJwh+Nc8USS8/O0jFXPE7am5x +SspQ+2ZAOhLja2fp7wLZR2vxMXyjXAFT0teGoTq67fTPX8OKDgbNjFCKR4ROJKU8 +d33KfXt8N4MPi6F9LZTm352248+jFUI4tXV7eJp6Aw9k8jje9OJzBfPYIdBgd2rD +EBi+rfFY/GcORlMO6Wc= +=RY2x +-----END PGP SIGNATURE----- diff --git a/dovecot-2.3.5.tar.gz b/dovecot-2.3.5.tar.gz deleted file mode 100644 index 1fcf334..0000000 --- a/dovecot-2.3.5.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:bfe112ec6d11f7d6c6f7f0440e3b6e2c840c15cec1e99466b5495765d54aaaff -size 6970480 diff --git a/dovecot-2.3.5.tar.gz.sig b/dovecot-2.3.5.tar.gz.sig deleted file mode 100644 index 1dc6677..0000000 --- a/dovecot-2.3.5.tar.gz.sig +++ /dev/null 
@@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQJLBAABCAA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAlx+afoXHGRvdmVjb3Qt -Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaGmvQ/8D5tOni6a8HJaGF1KlQ1ubMhJ -CkFWGSNJ5x0UCycCsqgEOMmDPL7Euf9LLwmKgb8FHTWc96TexyiM+n+VXuzaH2yN -J6UXLrUqtOybKt1kTOmy8L14tcZG9eBq8V3ycogyuXe2qnucVJjr8D1MS3UX4xsV -ly1Zqcwky8RrUVTcTlbEwjoYUJY75NNeoTEKG/Eq3xwiDSTzh2/JQuhO/wP89ZDW -8H681rHEGQImzYUVlMMYqeUvgqATVn/pwpDp1ov4/K52vQTfY3vX6xYnE+lQ5cg0 -LzXokkBS54CsVCg7XwqfMpTjEOfpOLSbwCE+Ujak/xIvzz1Fg7sn1XL9oIYaZg5R -2IU9lmWkzscPiBfz57knOyB/jiNJjSHYEFlgrVjskqId5xfLdkFN/VNeI7LDWNC/ -sKHgRy92EwOVi9gQM8FRTmnsDyfpeSZ5DW8FaNr4iRg8RYfqjwSs1xTH6mzD1hcX -RodblVxxEWB4uFj/0lY0J60Mad63l+xrsv4NEpnxFRQknoINyWNWM5JHRJjoW2rS -XGUh8XZWsCiNVg5dQj+1uNLVarLUHBfCzb6+RWevY09hIJqkMafHDYHwwbFDdvZh -dz3jHdtOksDoObUWKZ/1XJgm/Zg4vw4b2ZfrezCyruo45l/6T2vuaCHsYfF0/hDz -Ec1Rox1X6gjvbp4IjqA= -=sFpO ------END PGP SIGNATURE-----
diff --git a/dovecot23.changes b/dovecot23.changes
index 7d06760..99bf0f3 100644
--- a/dovecot23.changes
+++ b/dovecot23.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Thu Mar 28 12:36:55 UTC 2019 - Marcus Rueckert
+
+- update to 2.3.5.1
+ * CVE-2019-7524: Missing input buffer size validation leads into
+ arbitrary buffer overflow when reading fts or pop3 uidl header
+ from Dovecot index. Exploiting this requires direct write
+ access to the index files.
+
 -------------------------------------------------------------------
 Fri Mar 8 18:09:00 UTC 2019 - Marcus Rueckert
diff --git a/dovecot23.spec b/dovecot23.spec
index 48252f0..f906d90 100644
--- a/dovecot23.spec
+++ b/dovecot23.spec
@@ -17,10 +17,10 @@ Name: dovecot23
-Version: 2.3.5
+Version: 2.3.5.1
 Release: 0
 %define pkg_name dovecot
-%define dovecot_version 2.3.5
+%define dovecot_version 2.3.5.1
 %define dovecot_pigeonhole_version 0.5.5
 %define dovecot_branch 2.3
 %define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}