Date: Thu, 18 Apr 2019 15:22:06 +0000 (UTC) From: Larry Rosenman <ler@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r499273 - head/mail/dovecot Message-ID: <201904181522.x3IFM6L1095290@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ler Date: Thu Apr 18 15:22:06 2019 New Revision: 499273 URL: https://svnweb.freebsd.org/changeset/ports/499273 Log: mail/dovecot: upgrade to 2.3.5.2 * CVE-2019-10691: Trying to login with 8bit username containing invalid UTF8 input causes auth process to crash if auth policy is enabled. This could be used rather easily to cause a DoS. Similar crash also happens during mail delivery when using invalid UTF8 in From or Subject header when OX push notification driver is used. MFH: 2019Q2 Security: CVE-2019-10691 Modified: head/mail/dovecot/Makefile head/mail/dovecot/distinfo Modified: head/mail/dovecot/Makefile ============================================================================== --- head/mail/dovecot/Makefile Thu Apr 18 15:21:04 2019 (r499272) +++ head/mail/dovecot/Makefile Thu Apr 18 15:22:06 2019 (r499273) @@ -7,7 +7,7 @@ ###################################################################### PORTNAME= dovecot -PORTVERSION= 2.3.5.1 +PORTVERSION= 2.3.5.2 CATEGORIES= mail ipv6 MASTER_SITES= https://www.dovecot.org/releases/2.3/ Modified: head/mail/dovecot/distinfo ============================================================================== --- head/mail/dovecot/distinfo Thu Apr 18 15:21:04 2019 (r499272) +++ head/mail/dovecot/distinfo Thu Apr 18 15:22:06 2019 (r499273) @@ -1,3 +1,3 @@ -TIMESTAMP = 1553773734 -SHA256 (dovecot-2.3.5.1.tar.gz) = d78f9d479e3b2caa808160f86bfec1c9c7b46344d8b14b88f5fa9bbbf8c7c33f -SIZE (dovecot-2.3.5.1.tar.gz) = 6953150 +TIMESTAMP = 1555598613 +SHA256 (dovecot-2.3.5.2.tar.gz) = ba14e41aefd81a868a35b83bcb54194116106424d37690519b50ea83c0f31bf2 +SIZE (dovecot-2.3.5.2.tar.gz) = 6953228
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201904181522.x3IFM6L1095290>