pool/dovecot24
SHA256
17
0
Fork 0
Code Issues Pull Requests Activity
Files
factory
dovecot24/dovecot24.keyring
Marcus Rueckert cc01911aa8 - Update to 2.4.0 
https://github.com/dovecot/core/releases/tag/2.4.0
  https://github.com/dovecot/pigeonhole/releases/tag/2.4.0
  New 2.4 packages are not compatible with old 2.3 configuration,
  please carefully review
  https://doc.dovecot.org/2.4.0/installation/upgrade/2.3-to-2.4.html
  before installing the new packages.
  https://doc.dovecot.org/2.4.0/installation/installation.html

- Add dovecot-link-icu76.patch: configure: Explicitly check for icu-uc
  Ensure we link against libicu-uc when it's split in v76
  (boo#1233582).
- Call autoreconf in build section, as above patch touches the
  build system.

- update to 2.3.21.1 and pigeonhole 0.5.21.1
  Dovecot 2.3.21.1
  - CVE-2024-23184: A large number of address headers in email resulted
    in excessive CPU usage. [boo#1229184]
  - CVE-2024-23185: Abnormally large email headers are now truncated or
    discarded, with a limit of 10MB on a single header and 50MB for all
    the headers of all the parts of an email. [boo#1229183]
  - oauth2: Dovecot would send client_id and client_secret as POST parameters
    to introspection server. These need to be optionally in Basic auth
    instead as required by OIDC specification.
  - oauth2: JWT key type check was too strict.
  - oauth2: JWT token audience was not validated against client_id as
    required by OIDC specification.
  - oauth2: XOAUTH2 and OAUTHBEARER mechanisms were not giving out
    protocol specific error message on all errors. This broke OIDC discovery.

OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot24?expand=0&rev=1
2025-01-24 21:26:53 +00:00

26 lines
1.4 KiB
Plaintext
Raw Permalink Blame History

-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZ49ZxhYJKwYBBAHaRw8BAQdABhVJFqsoq7gZeXhY/xcz5Vc0i+vM/Df8RDSW
lzPHsoC0MkRvdmVjb3QgQ29tbXVuaXR5IEVkaXRpb24gPGRvdmVjb3QtY2VAZG92
ZWNvdC5vcmc+iJAEExYIADgWIQTvCIIHn9TtMr+LI7KhsJ74TtxSGQUCZ49ZxgIb
AwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRChsJ74TtxSGUgvAP9gNC6pZKBV
micPYvE2UOTvX8WoEcjWI1UptTxFsHXOjwEA6DZiPoPn9Vvl4PuyG8TavjDslOL8
pfn+XKZho2WoAgSJAjMEEAEKAB0WIQQr50qrPudU37nIDTMYo0iu7UCdoQUCZ49a
xgAKCRAYo0iu7UCdoVPOD/452ZnhEYW2/VxgDmD7DNaaxdfL/vKifc9MP2sJm+a2
T95zHpm/erV2xw3gPpKcLuMaPhkexf6MMhoh9GnUnwEuoOfMWhMAn26RNPFvuUL0
a73qoxRY9D+Q/PUNjNsNFj/3c8VIC3DeQhO77wVblLWr9+7J9GrzKtBCkb7zC5Xf
8zjLkCWZ15S0kVKNvBsZzEzLYVN/+Kk1s1WP4x1gnQdPm8N7+b4XAQSOUXLjkL5S
vGyIUuHwnYHQJeH51L+q8SpzEr59K9OiVYOCm0ICl28xjOjIC9Ym7a8W5Xa5new3
ScxNeTuxRItYeDyxXi+YIYGHWYGjmppmlq3VksXirUHfgNoipVSbmGxCukShSsfH
f/40iO8DRFRnsUN2lzN4TCcT1ayQvKoyMFuoXQJonuLdbc7E+YLNIPsW66+aoAuW
g+5j2QFMFxAJS9IoTCsVQv52MuCj2X5KgwmBcYSgWGpoog9Yx+aaVQQ+X++9FX8r
RcnyOGOBaA6htH4g1kUOWwZ/NxObRiA7QLo4Rz6CJrU7ueRIaeSCCXTxCb5dJDeE
IB1MZh1artKZ6Rko+cv/Vy0Ojb0JfPDDoQyhblPIXhlJN8/4zFCjxilMDA9CTAB6
kY1TVGp138CDnJHZvCdvbrlWf7ktw3+CGKQsZq96Jf756L28dTA42E+WqCBFMZna
V7g4BGePWcYSCisGAQQBl1UBBQEBB0A50U//EHUvujYRMNqQ3XMVt8lxU7HtdmsH
Bamh6BjmLgMBCAeIeAQYFggAIBYhBO8Iggef1O0yv4sjsqGwnvhO3FIZBQJnj1nG
AhsMAAoJEKGwnvhO3FIZEZQBAKuMI//Cjl38pD68fQfcnIMDV2YnXjvaswe7jbDr
Jyo4AQDr/VanhFwPxSlZ3MKY4PWyLw4Fm9mTT2ofcluFttRsDg==
=eQ4x
-----END PGP PUBLIC KEY BLOCK-----
Reference in New Issue View Git Blame Copy Permalink