dovecot23

pool/dovecot23

SHA256

Fork 1

9313a0925f Accepting request 1225498 from server:mail factory Ana Guerrero 2024-11-21 14:19:14 +0000
8a0ba165a4 - Add dovecot-link-icu76.patch: configure: Explicitly check for icu-uc Ensure we link against libicu-uc when it's split in v76 (boo#1233582). - Call autoreconf in build section, as above patch touches the build system. devel Marcus Rueckert 2024-11-21 09:30:10 +0000
d84d61e74f Accepting request 1194886 from server:mail Ana Guerrero 2024-08-20 14:15:09 +0000
ff7b3d5db3 - update to 2.3.21.1 and pigeonhole 0.5.21.1 Dovecot 2.3.21.1 - CVE-2024-23184: A large number of address headers in email resulted in excessive CPU usage. [boo#1229184] - CVE-2024-23185: Abnormally large email headers are now truncated or discarded, with a limit of 10MB on a single header and 50MB for all the headers of all the parts of an email. [boo#1229183] - oauth2: Dovecot would send client_id and client_secret as POST parameters to introspection server. These need to be optionally in Basic auth instead as required by OIDC specification. - oauth2: JWT key type check was too strict. - oauth2: JWT token audience was not validated against client_id as required by OIDC specification. - oauth2: XOAUTH2 and OAUTHBEARER mechanisms were not giving out protocol specific error message on all errors. This broke OIDC discovery. - oauth2: JWT aud validation was not performed if aud was missing from token, but was configured on Dovecot. Peter Varkoly 2024-08-20 10:30:04 +0000
fcefb90a43 Accepting request 1123902 from server:mail Ana Guerrero 2023-11-07 20:27:29 +0000
7e3b60358f Accepting request 1123622 from home:dimstar:Factory Dirk Mueller 2023-11-07 10:31:30 +0000
4aba1d61aa Accepting request 1111576 from server:mail Ana Guerrero 2023-09-15 20:05:55 +0000
f739a90376 Accepting request 1111575 from home:adkorte:branches:server:mail Marcus Rueckert 2023-09-15 14:23:31 +0000
a08d42cae4 Accepting request 1075272 from home:marxin:branches:server:mail Marcus Rueckert 2023-03-29 14:27:17 +0000
e109a95089 Accepting request 1074626 from server:mail Dominique Leuenberger 2023-03-27 16:17:25 +0000
011563c0e6 Accepting request 1074621 from home:marxin:branches:server:mail Marcus Rueckert 2023-03-27 09:34:43 +0000
4fb268d6ef Accepting request 1063605 from server:mail Dominique Leuenberger 2023-02-07 17:50:04 +0000
bd41626afb Accepting request 1063508 from home:adkorte:branches:server:mail Dirk Stoecker 2023-02-07 10:24:58 +0000
f1d3b5b296 Accepting request 1045048 from server:mail Dominique Leuenberger 2022-12-24 13:52:04 +0000
e26b83b3e6 Accepting request 1044344 from home:stroeder:network Dirk Mueller 2022-12-23 16:13:10 +0000
c88eb3067e Accepting request 1044022 from server:mail Dominique Leuenberger 2022-12-21 15:07:08 +0000
d3b7eeff46 Accepting request 1043991 from home:thiagomacieira Dirk Mueller 2022-12-21 07:28:56 +0000
522a0c3bf8 Accepting request 984208 from server:mail Dominique Leuenberger 2022-06-23 08:23:26 +0000
aca9b3f546 Accepting request 982632 from home:stroeder:network Marcus Rueckert 2022-06-15 09:21:59 +0000
53f96e344e Accepting request 976134 from server:mail Dominique Leuenberger 2022-05-12 20:58:26 +0000
1ee2e837ae Accepting request 976125 from home:adkorte:branches:server:mail Christian Wittmer 2022-05-10 20:18:42 +0000
a6a8fdfb9d Accepting request 953336 from server:mail Dominique Leuenberger 2022-02-11 22:07:41 +0000
78d92b0077 Accepting request 951413 from home:stroeder:network Marcus Rueckert 2022-02-04 01:43:45 +0000
bddef8057b Accepting request 951384 from server:mail Dominique Leuenberger 2022-02-03 22:16:52 +0000
27be5ff268 Accepting request 951326 from home:dimstar:Factory Dirk Mueller 2022-02-03 21:00:58 +0000
c70acd27d4 Accepting request 950732 from home:dimstar:Factory Dirk Mueller 2022-02-03 12:40:28 +0000
04cc9f5df1 Accepting request 940834 from server:mail Dominique Leuenberger 2021-12-16 08:58:03 +0000
958249c91d Accepting request 940830 from home:favogt:branches:server:mail Peter Varkoly 2021-12-16 08:56:12 +0000
12ede5efbe Accepting request 940573 from server:mail Dominique Leuenberger 2021-12-14 21:02:24 +0000
5c9be102f7 Accepting request 936363 from home:stroeder:network Marcus Rueckert 2021-12-08 02:44:45 +0000
a16673cbb7 Accepting request 912378 from server:mail Richard Brown 2021-08-18 06:55:53 +0000
e60385e579 Accepting request 911327 from home:stroeder:network Marcus Rueckert 2021-08-16 09:39:47 +0000
4c1e9c558b Accepting request 903106 from server:mail Dominique Leuenberger 2021-07-07 16:29:57 +0000
bb5015881c - use lua 5.1 for sle12 Marcus Rueckert 2021-06-22 15:14:08 +0000
4aa711e725 Accepting request 901209 from home:stroeder:network Marcus Rueckert 2021-06-21 17:08:49 +0000
bac18368a8 Accepting request 893339 from server:mail Dominique Leuenberger 2021-05-15 21:16:30 +0000
66ae4aab60 Accepting request 893083 from home:favogt:branches:server:mail Dirk Mueller 2021-05-15 19:51:48 +0000
0c548663d4 Accepting request 878317 from server:mail Dominique Leuenberger 2021-03-11 19:11:38 +0000
572034c16b Accepting request 876725 from home:stroeder:branches:server:mail Marcus Rueckert 2021-03-04 11:59:19 +0000
1f7e4ef9f5 Accepting request 869704 from server:mail Dominique Leuenberger 2021-02-07 14:21:09 +0000
83e56214df Accepting request 869119 from home:adkorte:branches:server:mail Christian Wittmer 2021-02-05 09:43:05 +0000
9633e3d4a6 Accepting request 860321 from server:mail Dominique Leuenberger 2021-01-05 17:13:36 +0000
3d5eb41351 Remove not needed files Peter Varkoly 2021-01-04 19:45:38 +0000
febef4fd55 Accepting request 860209 from home:adkorte:branches:server:mail Peter Varkoly 2021-01-04 16:18:10 +0000
05bb9785d4 Accepting request 850665 from server:mail Dominique Leuenberger 2020-11-25 18:30:04 +0000
c45a5554e7 Accepting request 850375 from home:Guillaume_G:branches:server:mail Peter Varkoly 2020-11-25 07:48:23 +0000
aeadee3317 Accepting request 849256 from server:mail Dominique Leuenberger 2020-11-19 11:00:16 +0000
a14e5a99e9 Accepting request 846304 from home:kukuk:container Peter Varkoly 2020-11-18 10:15:29 +0000
8b267b7029 Accepting request 834633 from server:mail Dominique Leuenberger 2020-09-15 14:34:45 +0000
a55aae303c Accepting request 834577 from home:adkorte Marcus Rueckert 2020-09-15 12:29:29 +0000
c69466d490 Accepting request 832820 from server:mail Dominique Leuenberger 2020-09-08 20:48:59 +0000
42ae3bc819 - libsodium is not strictly required, it is only required for the argon password scheme. This is now no longer supported on sle12 Marcus Rueckert 2020-08-31 15:27:50 +0000
bdd2881250 Accepting request 826276 from server:mail Dominique Leuenberger 2020-08-14 07:33:47 +0000
295de7aafc add bugnumbers Marcus Rueckert 2020-08-13 12:21:40 +0000
e5278c2201 Accepting request 826219 from home:adkorte Marcus Rueckert 2020-08-13 12:18:47 +0000
30655d84fe Accepting request 809014 from server:mail Yuchen Lin 2020-05-26 15:50:29 +0000
b711f39b86 Accepting request 807017 from server:mail Dominique Leuenberger 2020-05-19 12:49:37 +0000
f0df186eb7 - update tls 1.3 patch to allow building with tls 1.0 Marcus Rueckert 2020-05-19 12:05:10 +0000
99d7c3bd24 - add bugnumbers Marcus Rueckert 2020-05-18 16:29:39 +0000
28dac82f7b Accepting request 806987 from home:stroeder:branches:server:mail Marcus Rueckert 2020-05-18 16:25:27 +0000
cfcaf0e22b Accepting request 800837 from server:mail Dominique Leuenberger 2020-05-07 12:55:28 +0000
c112b436c3 Allow setting TLSv1.3 as minimum TLS version Marcus Rueckert 2020-04-29 21:26:47 +0000
c201bf892a Accepting request 785090 from server:mail Dominique Leuenberger 2020-03-16 09:19:02 +0000
21a5cd0499 Accepting request 784360 from home:adkorte:branches:server:mail Dirk Mueller 2020-03-14 16:19:45 +0000
8020d4180f Accepting request 779422 from server:mail Dominique Leuenberger 2020-02-27 13:36:56 +0000
8b548c1efa Accepting request 779407 from home:dimstar:Factory Marcus Rueckert 2020-02-26 13:41:24 +0000
4613f3da69 Accepting request 774042 from server:mail Dominique Leuenberger 2020-02-13 09:13:38 +0000
5ab2c237ea Accepting request 773697 from home:adkorte:branches:server:mail Marcus Rueckert 2020-02-12 23:17:47 +0000
af9359f227 Accepting request 763048 from server:mail Dominique Leuenberger 2020-01-12 22:23:45 +0000
b4cecef615 Accepting request 758889 from home:varkoly:branches:server:mail Wolfgang Rosenauer 2020-01-11 08:39:16 +0000
0e50a65ead Accepting request 757626 from server:mail Dominique Leuenberger 2019-12-18 13:45:44 +0000
75113b87e9 Accepting request 756989 from home:stroeder:branches:server:mail Lars Vogdt 2019-12-17 21:27:17 +0000
7299a27556 Accepting request 748910 from server:mail Dominique Leuenberger 2019-11-15 21:39:40 +0000
5228e3fbb8 Accepting request 746586 from home:adkorte:branches:server:mail Marcus Rueckert 2019-11-08 16:10:55 +0000
c0053f3eff Accepting request 738214 from server:mail Dominique Leuenberger 2019-10-17 10:21:18 +0000
7b89c83568 Accepting request 736329 from home:stroeder:branches:server:mail Marcus Rueckert 2019-10-09 16:25:24 +0000
d0d85ab997 Accepting request 726988 from server:mail Dominique Leuenberger 2019-08-29 15:28:03 +0000
7db7add968 add bugnumbers Marcus Rueckert 2019-08-29 10:35:16 +0000
2cb5006e53 - update to 2.3.7.2 * CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes. Found by Nick Roessler and Rafi Rubin. - update pigeonhole to 0.5.7.2 * CVE-2019-11500: ManageSieve protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes. Found by Nick Roessler and Rafi Rubin. - refreshed patches to apply cleanly again: dovecot-2.3.0-better_ssl_defaults.patch dovecot-2.3.0-dont_use_etc_ssl_certs.patch Marcus Rueckert 2019-08-28 17:07:06 +0000
937581144b Accepting request 718437 from server:mail Dominique Leuenberger 2019-07-26 10:40:22 +0000
b0eea71fbb Accepting request 718004 from home:stroeder:branches:server:mail Marcus Rueckert 2019-07-24 13:30:23 +0000
9777cde63e Accepting request 704275 from home:varkoly:branches:server:mail Lars Vogdt 2019-06-17 05:44:13 +0000
1f4f8d23fc Accepting request 699690 from server:mail Dominique Leuenberger 2019-05-02 17:18:31 +0000
6686f19e4a - update pigeonhole to 0.5.6 + sieve: Redirect loop prevention is sometimes ineffective. Improve existing loop detection by also recognizing the X-Sieve-Redirected-From header in incoming messages and dropping redirect actions when it points to the sending account. This header is already added by the redirect action, so this improvement only adds an additional use of this header. - sieve: Prevent execution of implicit keep upon temporary failure occurring at runtime. Marcus Rueckert 2019-04-30 13:50:19 +0000
1f53965469 - update to 2.3.6: (boo#1133624 boo#1133625) * CVE-2019-11494: Submission-login crashed with signal 11 due to null pointer access when authentication was aborted by disconnecting. * CVE-2019-11499: Submission-login crashed when authentication was started over TLS secured channel and invalid authentication message was sent. * auth: Support password grant with passdb oauth2. + Use system default CAs for outbound TLS connections. + Simplify array handling with new helper macros. + fts_solr: Enable configuring batch_size and soft_commit features. - lmtp/submission: Fixed various bugs in XCLIENT handling, including a hang when XCLIENT commands were sent infinitely to the remote server. - lmtp/submission: Forwarded multi-line replies were erroneously sent as two replies to the client. - lib-smtp: client: Message was not guaranteed to contain CRLF consistently when CHUNKING was used. - fts_solr: Plugin was no longer compatible with Solr 7. - Make it possible to disable certificate checking without setting ssl_client_ca_* settings. - pop3c: SSL support was broken. - mysql: Closing connection twice lead to crash on some systems. - auth: Multiple oauth2 passdbs crashed auth process on deinit. - HTTP client connection errors infrequently triggered a segmentation fault when the connection was idle and not used for a particular client instance. - drop https://github.com/dovecot/core/commit/3c5101ffd.patch Marcus Rueckert 2019-04-30 13:41:27 +0000
8b970068e3 - backport https://github.com/dovecot/core/commit/3c5101ffd.patch [PATCH] driver-mysql: Avoid double-closing MySQL connection Marcus Rueckert 2019-04-29 22:20:50 +0000
8d2188ca9a Accepting request 695556 from server:mail Dominique Leuenberger 2019-04-19 16:38:42 +0000
6e450a619d - update to 2.3.5.2 (boo#1132501) * CVE-2019-10691: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject header when OX push notification driver is used. - update to 2.3.5.1 (boo#1130116) Marcus Rueckert 2019-04-18 11:49:39 +0000
bd6ab02f8e Accepting request 689340 from server:mail Dominique Leuenberger 2019-04-04 13:22:16 +0000
5865d4af03 - update to 2.3.5.1 * CVE-2019-7524: Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index. Exploiting this requires direct write access to the index files. Marcus Rueckert 2019-03-28 12:47:57 +0000
be50c964a0 - update to 2.3.5 and pigeonhole to 0.5.5 Marcus Rueckert 2019-03-08 18:12:37 +0000
be1de09640 Accepting request 671912 from server:mail Stephan Kulow 2019-02-06 13:07:20 +0000
850a9b2907 - update to 2.3.4.1 (boo#1123022) * CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field (ssl_cert_username_field), under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. * ssl_cert_username_field setting was ignored with external SMTP AUTH, because none of the MTAs (Postfix, Exim) currently send the cert_username field. This may have allowed users with trusted certificate to specify any username in the authentication. This bug didn't affect Dovecot's Submission service. Marcus Rueckert 2019-02-05 14:50:04 +0000
0283fb7b23 Accepting request 667410 from server:mail Dominique Leuenberger 2019-01-24 13:12:00 +0000
d6d0b37521 Accepting request 666836 from home:adkorte:branches:openSUSE:Factory Jan Engelhardt 2019-01-21 09:39:59 +0000
b8368d0aab Accepting request 655862 from server:mail Dominique Leuenberger 2018-12-07 13:38:22 +0000
fbdf7e7877 Accepting request 655860 from home:darix:branches:server:mail Andreas Schneider 2018-12-06 17:41:29 +0000
0fe6e1543b Accepting request 653727 from server:mail Dominique Leuenberger 2018-12-04 19:57:36 +0000
16852df8e8 - added 10048229...de42b54a.patch: Fix build failures on TW i586 Marcus Rueckert 2018-11-25 00:21:54 +0000
a5908002a7 - update to 2.3.4 - update pigeonhole to 0.5.4 Marcus Rueckert 2018-11-24 00:58:20 +0000

Commit Graph Select branches Hide Pull Requests devel factory Mono Color

Commit Graph

Select branches

Hide Pull Requests

devel

factory