Date: Sat, 20 Apr 2019 15:46:22 +0000 (UTC) From: Larry Rosenman <ler@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r499451 - branches/2019Q2/mail/dovecot Message-ID: <201904201546.x3KFkMjk038264@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ler Date: Sat Apr 20 15:46:22 2019 New Revision: 499451 URL: https://svnweb.freebsd.org/changeset/ports/499451 Log: MFH: r499273 mail/dovecot: upgrade to 2.3.5.2 * CVE-2019-10691: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject header when OX push notification driver is used. Security: CVE-2019-10691 Approved by: ports-secteam (miwi) Modified: branches/2019Q2/mail/dovecot/Makefile branches/2019Q2/mail/dovecot/distinfo Directory Properties: branches/2019Q2/ (props changed) Modified: branches/2019Q2/mail/dovecot/Makefile ============================================================================== --- branches/2019Q2/mail/dovecot/Makefile Sat Apr 20 15:41:33 2019 (r499450) +++ branches/2019Q2/mail/dovecot/Makefile Sat Apr 20 15:46:22 2019 (r499451) @@ -7,7 +7,7 @@ ###################################################################### PORTNAME= dovecot -PORTVERSION= 2.3.5.1 +PORTVERSION= 2.3.5.2 CATEGORIES= mail ipv6 MASTER_SITES= https://www.dovecot.org/releases/2.3/ Modified: branches/2019Q2/mail/dovecot/distinfo ============================================================================== --- branches/2019Q2/mail/dovecot/distinfo Sat Apr 20 15:41:33 2019 (r499450) +++ branches/2019Q2/mail/dovecot/distinfo Sat Apr 20 15:46:22 2019 (r499451) @@ -1,3 +1,3 @@ -TIMESTAMP = 1553773734 -SHA256 (dovecot-2.3.5.1.tar.gz) = d78f9d479e3b2caa808160f86bfec1c9c7b46344d8b14b88f5fa9bbbf8c7c33f -SIZE (dovecot-2.3.5.1.tar.gz) = 6953150 +TIMESTAMP = 1555598613 +SHA256 (dovecot-2.3.5.2.tar.gz) = ba14e41aefd81a868a35b83bcb54194116106424d37690519b50ea83c0f31bf2 +SIZE (dovecot-2.3.5.2.tar.gz) = 6953228
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201904201546.x3KFkMjk038264>