Accepting request 773697 from home:adkorte:branches:server:mail

- update to 2.3.9.3 * CVE-2020-7046: Truncated UTF-8 can be used to DoS submission-login and lmtp processes. * CVE-2020-7957: Specially crafted mail can crash snippet generation. OBS-URL: https://build.opensuse.org/request/show/773697 OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=63
2020-02-12 23:17:47 +00:00 · 2020-02-12 23:17:47 +00:00 · 5ab2c237ea
commit 5ab2c237ea
parent b4cecef615
6 changed files with 30 additions and 22 deletions
--- a/dovecot-2.3.9.2.tar.gz
+++ b/dovecot-2.3.9.2.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4784fb98dd41b83888e4aa9908efcbcad2e04a254e97440863903c0c498486f9
-size 7182306
--- a/dovecot-2.3.9.2.tar.gz.sig
+++ b/dovecot-2.3.9.2.tar.gz.sig
@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQJLBAABCAA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAl3zk+0XHGRvdmVjb3Qt
-Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaF8Ug/+LJkNfjvKArSpsnJLhG4Dji8r
-cC4cfHiCLzrNmIgqGlog5o7k8tsT+hTFjd4TGBT5F/pdS2guyk2tEXsRNYV75I7W
-k7GG06bfA9tJYXQJPDiFVpkkVvU+eh447k8GeN8r78+LRYbRUe8Xa+AHBZJ6oj22
-/hn1rHPRpWOEKhuzFOSiIRgv4ERxXCfT5k59WMeRjYL8Ivqwcb/NnXrQFDYynebi
-X1XpKF3YMNzE43E/NYWgz8Wcqbcf/i3kt2ETCyd4ClzpuPNQKdEGPxdSbaA+pdb7
-0v4Lnun/xUaQGdXb/h/3WklaIIcVIveIMT/KAKVyKzEb+Cz5s5LWE2iwTwNb51mf
-iP+t7FIgJdDXaAaSlIESpS7DFFvKNUnAJixMwMI5aEkB3SkH9UQFnvNhpUu8KMdS
-aVE4SJn493+1PfHdBrc6N5gcP00iCUp1IpKBcbc2kMYYYIjNEGRBsTi5X4PVbrVS
-j2JSxmbrj86DsKfg46Oq9EtH5vn8i1nYU3vIMp5vZy0ahGgeuDt09geqTmAdfauZ
-REiPxe4uaP+ik9PnafmiNwtInZbqnEe6gQJkHCmY5q0N7A1YvFHPAUZZROTjT3W/
-dQiKkjq9tI+ZAZBwFmFIBPIasV0V1iQt7TcB72oPrD0xKXbOkn4OdpAZPYv4KrBY
-Sm1JmoXsbxiZW/sLezs=
-=SKvh
-----END PGP SIGNATURE-----
--- a/dovecot-2.3.9.3.tar.gz
+++ b/dovecot-2.3.9.3.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f89fb69423fc5bdc05955c8fc0607eab9e33511f9a643b721763db6156c49651
+size 7181682
--- a/dovecot-2.3.9.3.tar.gz.sig
+++ b/dovecot-2.3.9.3.tar.gz.sig
@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQJLBAABCAA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAl5DuWYXHGRvdmVjb3Qt
+Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaFiTRAAuqV0oxoDkSaYdv/PP4Jws2+y
+PnYLx1SXJG1jrgFtdnzfd5UNZh0PiWt9fZkUy2yOMIzbzvsNw683jlhNBYhm+rwm
+vDQ6Mgbse5UNvIte/vNZxXEFRvIHtBYO1gqpF3GbJkUqzWI7h6s5wWNlaoZJHsl9
+WyOsxKWNK0pHkWW1QBzCk291hec9f6ucUY4Sn1pV2tZI1QINyi4n5eaqscLeOFWX
+IvDIlugU5vY2+poM7Dl+O1S85MxoHsNaVBx4bRki5kX27AuNV5RVL/DaVhz6swiq
+nWEqknGshVgPxNf8/ec2/5MpocN6sZi9vNPKCYN/2oO1R2NhkHZC4YNxCKe7zZ/d
+E7tFW0mENhkFhMdUNNVxKAvu/UK3XpMKz3VLGlveZnsyh9a0FwM1NeP7SAMLqX1L
+cQ+Oih/h/gQiiSEDzKI73FcMWSMb0TZ5UmJkYlrq2bC3rhxRaUp3IYCSz5L5chz/
+FjXUjK/468SZQDEPlc3ys9j4cXu1z27ZprAtS/m6pat8fT+G/BVQYG29BBjJackj
+nN7XO6YqnfvMjdMY2j6ryBiOvzFYlYFydLVnc2lzmlEm1crVA46EVIuGCozhqsX5
+nuP0667Oo0Ubh+Q7AxscFqv+0XBBfzKJeacLzJvPpt3FGCXGr+4D1xCDV2sf9evX
+W+hXgkysRIPhDB8kaKw=
+=vJ7N
+-----END PGP SIGNATURE-----
--- a/dovecot23.changes
+++ b/dovecot23.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Wed Feb 12 12:24:46 UTC 2020 - Arjen de Korte <suse+build@de-korte.org>
+
+- update to 2.3.9.3
+  * CVE-2020-7046: Truncated UTF-8 can be used to DoS
+    submission-login and lmtp processes.
+  * CVE-2020-7957: Specially crafted mail can crash snippet generation.
+
 -------------------------------------------------------------------
 Sun Dec 22 19:51:09 UTC 2019 - Peter Varkoly <varkoly@suse.com>

--- a/dovecot23.spec
+++ b/dovecot23.spec
@ -19,10 +19,10 @@
 %global _lto_cflags %{nil}

 Name:           dovecot23
-Version:        2.3.9.2
+Version:        2.3.9.3
 Release:        0
 %define pkg_name dovecot
-%define dovecot_version 2.3.9.2
+%define dovecot_version 2.3.9.3
 %define dovecot_pigeonhole_version 0.5.9
 %define dovecot_branch  2.3
 %define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}