From nobody Thu Jul  1 22:45:02 2021
X-Original-To: ports@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 61AF011E379F
	for <ports@mlmmj.nyi.freebsd.org>; Thu,  1 Jul 2021 22:42:31 +0000 (UTC)
	(envelope-from doctor@doctor.nl2k.ab.ca)
Received: from doctor.nl2k.ab.ca (doctor.nl2k.ab.ca [204.209.81.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4GGCs32RH1z3NjS
	for <ports@freebsd.org>; Thu,  1 Jul 2021 22:42:30 +0000 (UTC)
	(envelope-from doctor@doctor.nl2k.ab.ca)
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.94.2 (FreeBSD))
	(envelope-from <doctor@doctor.nl2k.ab.ca>)
	id 1lz5Qc-0006OV-J0; Thu, 01 Jul 2021 16:45:02 -0600
Date: Thu, 1 Jul 2021 16:45:02 -0600
From: The Doctor <doctor@doctor.nl2k.ab.ca>
To: "@lbutlr" <kremels@kreme.com>
Cc: ports@freebsd.org
Subject: Re: Dovecot
Message-ID: <YN5FblFt4bT9Tg0+@doctor.nl2k.ab.ca>
References: <EBF9ECC3-7FAA-4F09-9184-AD97C8659C6A@kreme.com>
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-ports
List-Help: <mailto:ports+help@freebsd.org>
List-Post: <mailto:ports@freebsd.org>
List-Subscribe: <mailto:ports+subscribe@freebsd.org>
List-Unsubscribe: <mailto:ports+unsubscribe@freebsd.org>
Sender: owner-freebsd-ports@freebsd.org
X-BeenThere: freebsd-ports@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <EBF9ECC3-7FAA-4F09-9184-AD97C8659C6A@kreme.com>
X-Rspamd-Queue-Id: 4GGCs32RH1z3NjS
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
	none
X-Spamd-Result: default: False [-4.00 / 15.00];
	 REPLY(-4.00)[]
X-Spam: Yes
X-ThisMailContainsUnwantedMimeParts: N

On Thu, Jul 01, 2021 at 04:21:31PM -0600, @lbutlr wrote:
> The current version of dovecot is 2.3.15. The newest ports version is 2.3.13_1 
> 
> dovecot-2.3.13_1 is vulnerable:
>   dovecot -- multiple vulnerabilities
>   CVE: CVE-2021-33515
>   CVE: CVE-2021-29157
>   WWW: https://vuxml.FreeBSD.org/freebsd/d18f431d-d360-11eb-a32c-00a0989e4ec1.html
> 
> dovecot-pigeonhole-0.5.13 is vulnerable:
>   dovecot-pigeonhole -- Sieve excessive resource usage
>   CVE: CVE-2020-28200
>   WWW: https://vuxml.FreeBSD.org/freebsd/f3fc2b50-d36a-11eb-a32c-00a0989e4ec1.html
> 
> These CVEs were addressed in 2.3.14.1.
> 
> Any idea what the delay is?
> 
> -- 
> Can I borrow your underpants for 10 minutes?
> 
> 

Where is the person responsible for the ports?

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b  
Muscle, brain, will... all must be exercised if they will be strong.  -unknown Beware https://mindspring.com