From owner-svn-ports-head@freebsd.org  Thu Mar 28 12:24:42 2019
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id C25B6155B535;
 Thu, 28 Mar 2019 12:24:42 +0000 (UTC) (envelope-from ler@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 68B7A6E1FF;
 Thu, 28 Mar 2019 12:24:42 +0000 (UTC) (envelope-from ler@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3BB3F1F19E;
 Thu, 28 Mar 2019 12:24:42 +0000 (UTC) (envelope-from ler@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x2SCOgwm018349;
 Thu, 28 Mar 2019 12:24:42 GMT (envelope-from ler@FreeBSD.org)
Received: (from ler@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x2SCOfbA018347;
 Thu, 28 Mar 2019 12:24:41 GMT (envelope-from ler@FreeBSD.org)
Message-Id: <201903281224.x2SCOfbA018347@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: ler set sender to ler@FreeBSD.org
 using -f
From: Larry Rosenman <ler@FreeBSD.org>
Date: Thu, 28 Mar 2019 12:24:41 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r497015 - head/mail/dovecot
X-SVN-Group: ports-head
X-SVN-Commit-Author: ler
X-SVN-Commit-Paths: head/mail/dovecot
X-SVN-Commit-Revision: 497015
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 68B7A6E1FF
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.98 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.996,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 NEURAL_HAM_SHORT(-0.98)[-0.979,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2019 12:24:42 -0000

Author: ler
Date: Thu Mar 28 12:24:41 2019
New Revision: 497015
URL: https://svnweb.freebsd.org/changeset/ports/497015

Log:
  mail/dovecot: upgrade to 2.3.5.1.
  
      * CVE-2019-7524: Missing input buffer size validation leads into
        arbitrary buffer overflow when reading fts or pop3 uidl header
        from Dovecot index. Exploiting this requires direct write access to
        the index files.
  
  MFH:		2019Q1
  Security:	CVE-2019-7524

Modified:
  head/mail/dovecot/Makefile
  head/mail/dovecot/distinfo

Modified: head/mail/dovecot/Makefile
==============================================================================
--- head/mail/dovecot/Makefile	Thu Mar 28 12:21:36 2019	(r497014)
+++ head/mail/dovecot/Makefile	Thu Mar 28 12:24:41 2019	(r497015)
@@ -7,8 +7,7 @@
 ######################################################################
 
 PORTNAME=	dovecot
-PORTVERSION=	2.3.5
-PORTREVISION=	1
+PORTVERSION=	2.3.5.1
 CATEGORIES=	mail ipv6
 MASTER_SITES=	https://www.dovecot.org/releases/2.3/
 

Modified: head/mail/dovecot/distinfo
==============================================================================
--- head/mail/dovecot/distinfo	Thu Mar 28 12:21:36 2019	(r497014)
+++ head/mail/dovecot/distinfo	Thu Mar 28 12:24:41 2019	(r497015)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1551804380
-SHA256 (dovecot-2.3.5.tar.gz) = bfe112ec6d11f7d6c6f7f0440e3b6e2c840c15cec1e99466b5495765d54aaaff
-SIZE (dovecot-2.3.5.tar.gz) = 6970480
+TIMESTAMP = 1553773734
+SHA256 (dovecot-2.3.5.1.tar.gz) = d78f9d479e3b2caa808160f86bfec1c9c7b46344d8b14b88f5fa9bbbf8c7c33f
+SIZE (dovecot-2.3.5.1.tar.gz) = 6953150