Date: Tue, 5 Feb 2019 15:02:36 +0000 (UTC) From: Larry Rosenman <ler@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r492248 - in branches/2019Q1/mail/dovecot: . files Message-ID: <201902051502.x15F2aen050573@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ler Date: Tue Feb 5 15:02:36 2019 New Revision: 492248 URL: https://svnweb.freebsd.org/changeset/ports/492248 Log: MFH: r489098 r489515 r492245 mail/dovecot: Pick up a mailinglist patch for solr/tika separation. solr and tika currently use the same http client connection. Upstream made the attached patches in response to my (ler@) bug report. Obtained from: upstream mailing list. mail/dovecot: Pick up mailing list patch for imap-preauth vs. stats-writer. see the dovecot mailing list thread on imap-preauth and stats-writer between Stephan Bosch and a FreeBSD user Obtained from: upstream mailing list. mail/dovecot: upgrade to 2.3.4.1 * CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field (ssl_cert_username_field), under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. * ssl_cert_username_field setting was ignored with external SMTP AUTH, because none of the MTAs (Postfix, Exim) currently send the cert_username field. This may have allowed users with trusted certificate to specify any username in the authentication. This bug didn't affect Dovecot's Submission service. PR: 235523 Submitted by: pascal.christen@hostpoint.ch Security: 1340fcc1-2953-11e9-bc44-a4badb296695 Security: CVE-2019-3814 Approved by: ports-secteam (joneum) Added: branches/2019Q1/mail/dovecot/files/patch-src_lib-master_master-service.c - copied unchanged from r489515, head/mail/dovecot/files/patch-src_lib-master_master-service.c branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c - copied unchanged from r489098, head/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c - copied unchanged from r489098, head/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c Modified: branches/2019Q1/mail/dovecot/Makefile branches/2019Q1/mail/dovecot/distinfo Directory Properties: branches/2019Q1/ (props changed) Modified: branches/2019Q1/mail/dovecot/Makefile ============================================================================== --- branches/2019Q1/mail/dovecot/Makefile Tue Feb 5 14:54:17 2019 (r492247) +++ branches/2019Q1/mail/dovecot/Makefile Tue Feb 5 15:02:36 2019 (r492248) @@ -7,8 +7,7 @@ ###################################################################### PORTNAME= dovecot -PORTVERSION= 2.3.4 -PORTREVISION= 3 +PORTVERSION= 2.3.4.1 CATEGORIES= mail ipv6 MASTER_SITES= https://www.dovecot.org/releases/2.3/ Modified: branches/2019Q1/mail/dovecot/distinfo ============================================================================== --- branches/2019Q1/mail/dovecot/distinfo Tue Feb 5 14:54:17 2019 (r492247) +++ branches/2019Q1/mail/dovecot/distinfo Tue Feb 5 15:02:36 2019 (r492248) @@ -1,3 +1,3 @@ -TIMESTAMP = 1542984255 -SHA256 (dovecot-2.3.4.tar.gz) = d91b76eff8df6185c1799f1b279f780105bdeeea27e3286b42f4cab18efbef05 -SIZE (dovecot-2.3.4.tar.gz) = 6924178 +TIMESTAMP = 1549377600 +SHA256 (dovecot-2.3.4.1.tar.gz) = b8873e2ce5c33e58963bb7a8d2ff8427c09dbfdd63e13a0b0f4502864043aa07 +SIZE (dovecot-2.3.4.1.tar.gz) = 6925073 Copied: branches/2019Q1/mail/dovecot/files/patch-src_lib-master_master-service.c (from r489515, head/mail/dovecot/files/patch-src_lib-master_master-service.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2019Q1/mail/dovecot/files/patch-src_lib-master_master-service.c Tue Feb 5 15:02:36 2019 (r492248, copy of r489515, head/mail/dovecot/files/patch-src_lib-master_master-service.c) @@ -0,0 +1,11 @@ +--- src/lib-master/master-service.c.orig 2019-01-06 17:42:52 UTC ++++ src/lib-master/master-service.c +@@ -341,7 +341,7 @@ master_service_init(const char *name, enum master_serv + if ((flags & MASTER_SERVICE_FLAG_DONT_SEND_STATS) == 0) { + /* Initialize stats-client early so it can see all events. */ + value = getenv(DOVECOT_STATS_WRITER_SOCKET_PATH); +- if (value != NULL) ++ if (value != NULL && *value = '\0') + service->stats_client = stats_client_init(value, FALSE); + } + Copied: branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c (from r489098, head/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c Tue Feb 5 15:02:36 2019 (r492248, copy of r489098, head/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c) @@ -0,0 +1,11 @@ +--- src/plugins/fts-solr/solr-connection.c.orig 2019-01-02 22:12:57 UTC ++++ src/plugins/fts-solr/solr-connection.c +@@ -156,7 +156,7 @@ int solr_connection_init(const char *url, + http_set.request_timeout_msecs = 60*1000; + http_set.ssl = ssl_client_set; + http_set.debug = debug; +- solr_http_client = http_client_init(&http_set); ++ solr_http_client = http_client_init_private(&http_set); + } + + conn->xml_parser = XML_ParserCreate("UTF-8"); Copied: branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c (from r489098, head/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c Tue Feb 5 15:02:36 2019 (r492248, copy of r489098, head/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c) @@ -0,0 +1,11 @@ +--- src/plugins/fts/fts-parser-tika.c.orig 2019-01-02 22:11:26 UTC ++++ src/plugins/fts/fts-parser-tika.c +@@ -77,7 +77,7 @@ tika_get_http_client_url(struct mail_user *user, struc + http_set.request_timeout_msecs = 60*1000; + http_set.ssl = &ssl_set; + http_set.debug = user->mail_debug; +- tika_http_client = http_client_init(&http_set); ++ tika_http_client = http_client_init_private(&http_set); + } + *http_url_r = tuser->http_url; + return 0;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201902051502.x15F2aen050573>