Date: Thu, 2 May 2019 18:02:41 +0000 (UTC) From: Larry Rosenman <ler@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r500671 - in branches/2019Q2/mail: dovecot dovecot-pigeonhole dovecot/files Message-ID: <201905021802.x42I2fwE021363@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ler Date: Thu May 2 18:02:40 2019 New Revision: 500671 URL: https://svnweb.freebsd.org/changeset/ports/500671 Log: MFH: r500569 mail/dovecot, mail/dovecot-pigeonhole: upgrade to 2.3.6, 0.5.6 respectively. Dovecot changelog: * CVE-2019-11494: Submission-login crashed with signal 11 due to null pointer access when authentication was aborted by disconnecting. * CVE-2019-11499: Submission-login crashed when authentication was started over TLS secured channel and invalid authentication message was sent. * auth: Support password grant with passdb oauth2. + Use system default CAs for outbound TLS connections. + Simplify array handling with new helper macros. + fts_solr: Enable configuring batch_size and soft_commit features. - lmtp/submission: Fixed various bugs in XCLIENT handling, including a hang when XCLIENT commands were sent infinitely to the remote server. - lmtp/submission: Forwarded multi-line replies were erroneously sent as two replies to the client. - lib-smtp: client: Message was not guaranteed to contain CRLF consistently when CHUNKING was used. - fts_solr: Plugin was no longer compatible with Solr 7. - Make it possible to disable certificate checking without setting ssl_client_ca_* settings. - pop3c: SSL support was broken. - mysql: Closing connection twice lead to crash on some systems. - auth: Multiple oauth2 passdbs crashed auth process on deinit. - HTTP client connection errors infrequently triggered a segmentation fault when the connection was idle and not used for a particular client instance. Pigeonhole changelog: + sieve: Redirect loop prevention is sometimes ineffective. Improve existing loop detection by also recognizing the X-Sieve-Redirected-From header in incoming messages and dropping redirect actions when it points to the sending account. This header is already added by the redirect action, so this improvement only adds an additional use of this header. - sieve: Prevent execution of implicit keep upon temporary failure occurring at runtime. Security: CVE-2019-11494 Security: CVE-2019-11499 Approved by: ports-secteam (miwi) Deleted: branches/2019Q2/mail/dovecot/files/patch-src_lib-sql_driver-mysql.c Modified: branches/2019Q2/mail/dovecot-pigeonhole/Makefile branches/2019Q2/mail/dovecot-pigeonhole/distinfo branches/2019Q2/mail/dovecot/Makefile branches/2019Q2/mail/dovecot/distinfo branches/2019Q2/mail/dovecot/files/patch-src_lib-master_test-event-stats.c branches/2019Q2/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c Directory Properties: branches/2019Q2/ (props changed) Modified: branches/2019Q2/mail/dovecot-pigeonhole/Makefile ============================================================================== --- branches/2019Q2/mail/dovecot-pigeonhole/Makefile Thu May 2 17:10:05 2019 (r500670) +++ branches/2019Q2/mail/dovecot-pigeonhole/Makefile Thu May 2 18:02:40 2019 (r500671) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= dovecot-pigeonhole -PORTVERSION= 0.5.5 +PORTVERSION= 0.5.6 CATEGORIES= mail MASTER_SITES= http://pigeonhole.dovecot.org/releases/${DOVECOTVERSION}/ DISTNAME= ${PORTNAME:C/-/-${DOVECOTVERSION}-/}-${PORTVERSION} @@ -12,8 +12,8 @@ COMMENT= Sieve plugin for the Dovecot 'deliver' LDA an LICENSE= LGPL21 -BUILD_DEPENDS= dovecot>=2.3.5:mail/dovecot -RUN_DEPENDS= dovecot>=2.3.5:mail/dovecot +BUILD_DEPENDS= dovecot>=2.3.6:mail/dovecot +RUN_DEPENDS= dovecot>=2.3.6:mail/dovecot DOVECOTVERSION= 2.3 Modified: branches/2019Q2/mail/dovecot-pigeonhole/distinfo ============================================================================== --- branches/2019Q2/mail/dovecot-pigeonhole/distinfo Thu May 2 17:10:05 2019 (r500670) +++ branches/2019Q2/mail/dovecot-pigeonhole/distinfo Thu May 2 18:02:40 2019 (r500671) @@ -1,3 +1,3 @@ -TIMESTAMP = 1551805776 -SHA256 (dovecot-2.3-pigeonhole-0.5.5.tar.gz) = cbaa106e1c2b23824420efdd6a9f8572c64c8dccf75a3101a899b6ddb25149a5 -SIZE (dovecot-2.3-pigeonhole-0.5.5.tar.gz) = 1847487 +TIMESTAMP = 1556659509 +SHA256 (dovecot-2.3-pigeonhole-0.5.6.tar.gz) = 7c2fe7e23e732a8451172c00da5f19532448c95e03e44d47c61b123e8210f5b8 +SIZE (dovecot-2.3-pigeonhole-0.5.6.tar.gz) = 1854287 Modified: branches/2019Q2/mail/dovecot/Makefile ============================================================================== --- branches/2019Q2/mail/dovecot/Makefile Thu May 2 17:10:05 2019 (r500670) +++ branches/2019Q2/mail/dovecot/Makefile Thu May 2 18:02:40 2019 (r500671) @@ -7,7 +7,7 @@ ###################################################################### PORTNAME= dovecot -PORTVERSION= 2.3.5.2 +PORTVERSION= 2.3.6 CATEGORIES= mail ipv6 MASTER_SITES= https://www.dovecot.org/releases/2.3/ Modified: branches/2019Q2/mail/dovecot/distinfo ============================================================================== --- branches/2019Q2/mail/dovecot/distinfo Thu May 2 17:10:05 2019 (r500670) +++ branches/2019Q2/mail/dovecot/distinfo Thu May 2 18:02:40 2019 (r500671) @@ -1,3 +1,3 @@ -TIMESTAMP = 1555598613 -SHA256 (dovecot-2.3.5.2.tar.gz) = ba14e41aefd81a868a35b83bcb54194116106424d37690519b50ea83c0f31bf2 -SIZE (dovecot-2.3.5.2.tar.gz) = 6953228 +TIMESTAMP = 1556658186 +SHA256 (dovecot-2.3.6.tar.gz) = ed1d8dc1beeae9c6c73deac73a62ef19fe9262fbffd86604a3f690452f5536c7 +SIZE (dovecot-2.3.6.tar.gz) = 6980135 Modified: branches/2019Q2/mail/dovecot/files/patch-src_lib-master_test-event-stats.c ============================================================================== --- branches/2019Q2/mail/dovecot/files/patch-src_lib-master_test-event-stats.c Thu May 2 17:10:05 2019 (r500670) +++ branches/2019Q2/mail/dovecot/files/patch-src_lib-master_test-event-stats.c Thu May 2 18:02:40 2019 (r500671) @@ -1,4 +1,4 @@ ---- src/lib-master/test-event-stats.c.orig 2018-11-23 11:06:49 UTC +--- src/lib-master/test-event-stats.c.orig 2019-04-30 12:25:06 UTC +++ src/lib-master/test-event-stats.c @@ -12,6 +12,7 @@ #include "stats-client.h" @@ -6,5 +6,5 @@ #include <fcntl.h> +#include <signal.h> #include <unistd.h> + #include <signal.h> #include <sys/socket.h> - #include <sys/un.h> Modified: branches/2019Q2/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c ============================================================================== --- branches/2019Q2/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c Thu May 2 17:10:05 2019 (r500670) +++ branches/2019Q2/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c Thu May 2 18:02:40 2019 (r500671) @@ -1,9 +1,9 @@ ---- src/plugins/fts-solr/solr-connection.c.orig 2019-01-02 22:12:57 UTC +--- src/plugins/fts-solr/solr-connection.c.orig 2019-04-30 12:25:06 UTC +++ src/plugins/fts-solr/solr-connection.c -@@ -156,7 +156,7 @@ int solr_connection_init(const char *url, - http_set.request_timeout_msecs = 60*1000; +@@ -156,7 +156,7 @@ int solr_connection_init(const struct fts_solr_setting http_set.ssl = ssl_client_set; - http_set.debug = debug; + http_set.debug = solr_set->debug; + http_set.rawlog_dir = solr_set->rawlog_dir; - solr_http_client = http_client_init(&http_set); + solr_http_client = http_client_init_private(&http_set); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201905021802.x42I2fwE021363>