[packages/dovecot] - up to 2.3.13; fixes CVE-2020-24386
arekm
arekm at pld-linux.org
Tue Jan 5 12:30:20 CET 2021
commit d2bda8e3ac9ccdf2d44a555583d8a50067003a99
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Tue Jan 5 12:30:08 2021 +0100
- up to 2.3.13; fixes CVE-2020-24386
dovecot.spec | 10 ++++------
tests.patch | 49 -------------------------------------------------
2 files changed, 4 insertions(+), 55 deletions(-)
---
diff --git a/dovecot.spec b/dovecot.spec
index 50af188..1911a11 100644
--- a/dovecot.spec
+++ b/dovecot.spec
@@ -12,13 +12,13 @@
Summary: IMAP and POP3 server written with security primarily in mind
Summary(pl.UTF-8): Serwer IMAP i POP3 pisany głównie z myślą o bezpieczeństwie
Name: dovecot
-Version: 2.3.11.3
-Release: 2
+Version: 2.3.13
+Release: 1
Epoch: 1
License: MIT (libraries), LGPL v2.1 (the rest)
Group: Networking/Daemons
Source0: http://dovecot.org/releases/2.3/%{name}-%{version}.tar.gz
-# Source0-md5: f06f2272fad04e7b0207f8d00a291f66
+# Source0-md5: f512bf1a4dac9ac994fddfb6bc5068ff
Source1: %{name}.pamd
Source2: %{name}.init
Source3: %{name}.sysconfig
@@ -26,7 +26,6 @@ Source4: %{name}.tmpfiles
Patch0: %{name}-config.patch
Patch1: %{name}-rpath.patch
Patch2: %{name}-shebang.patch
-Patch3: tests.patch
URL: http://dovecot.org/
BuildRequires: autoconf
BuildRequires: automake
@@ -165,7 +164,6 @@ Pakiet programistyczny do tworzenia wtyczek dla Dovecota.
%patch0 -p1
%patch1 -p1
%patch2 -p1
-%patch3 -p1
%{__sed} -i 's,/usr/lib/dovecot,%{_libdir}/dovecot,g' doc/example-config/*.conf doc/example-config/conf.d/*.conf
@@ -300,7 +298,7 @@ if [ "$i" -eq 1 ]; then
echo "Please verify contents of %{_sysconfdir}/%{name}/* files."
fi
-%triggerpostun -- %{name} < 1:2.2.4-2
+# < 1:2.2.4-2
%systemd_trigger dovecot.service dovecot.socket
%files
diff --git a/tests.patch b/tests.patch
deleted file mode 100644
index 9b515e8..0000000
--- a/tests.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-commit a744f282947907c794bd23838775b9124c90b11d
-Author: Aki Tuomi <aki.tuomi at open-xchange.com>
-Date: Thu Aug 13 19:13:04 2020 +0300
-
- auth: test-mech - Fix APOP challenge format
-
-diff --git a/src/auth/test-mech.c b/src/auth/test-mech.c
-index cf0537003..0a030a2be 100644
---- a/src/auth/test-mech.c
-+++ b/src/auth/test-mech.c
-@@ -196,8 +196,8 @@ test_mech_construct_apop_challenge(unsigned int connect_uid, unsigned long *len_
- {
- string_t *apop_challenge = t_str_new(128);
-
-- str_printfa(apop_challenge,"<%lx.%u.%"PRIdTIME_T"", (unsigned long) getpid(),
-- connect_uid, process_start_time+10);
-+ str_printfa(apop_challenge,"<%lx.%lx.%"PRIxTIME_T".", (unsigned long)getpid(),
-+ (unsigned long)connect_uid, process_start_time+10);
- str_append_data(apop_challenge, "\0testuser\0responseoflen16-", 26);
- *len_r = apop_challenge->used;
- return apop_challenge->data;
-commit 68817df1ef029913e9fab9f4da75ba8150c65eb6
-Author: Aki Tuomi <aki.tuomi at open-xchange.com>
-Date: Thu Aug 13 19:13:49 2020 +0300
-
- auth: test-mech - Fix type mismatch
-
-diff --git a/src/auth/test-mech.c b/src/auth/test-mech.c
-index 0a030a2be..0a22ff46d 100644
---- a/src/auth/test-mech.c
-+++ b/src/auth/test-mech.c
-@@ -192,7 +192,7 @@ static void test_mech_handle_challenge(struct auth_request *request,
- }
-
- static inline const unsigned char *
--test_mech_construct_apop_challenge(unsigned int connect_uid, unsigned long *len_r)
-+test_mech_construct_apop_challenge(unsigned int connect_uid, size_t *len_r)
- {
- string_t *apop_challenge = t_str_new(128);
-
-@@ -323,7 +323,7 @@ static void test_mechs(void)
- struct test_case *test_case = &tests[running_test];
- const struct mech_module *mech = test_case->mech;
- struct auth_request *request;
-- const char *testname = t_strdup_printf("auth mech %s %d/%lu",
-+ const char *testname = t_strdup_printf("auth mech %s %d/%zu",
- mech->mech_name,
- running_test+1,
- N_ELEMENTS(tests));
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/dovecot.git/commitdiff/d2bda8e3ac9ccdf2d44a555583d8a50067003a99
More information about the pld-cvs-commit
mailing list