svn commit: r499451 - branches/2019Q2/mail/dovecot
Larry Rosenman
ler at FreeBSD.org
Sat Apr 20 15:46:23 UTC 2019
Author: ler
Date: Sat Apr 20 15:46:22 2019
New Revision: 499451
URL: https://svnweb.freebsd.org/changeset/ports/499451
Log:
MFH: r499273
mail/dovecot: upgrade to 2.3.5.2
* CVE-2019-10691: Trying to login with 8bit username containing
invalid UTF8 input causes auth process to crash if auth policy is
enabled. This could be used rather easily to cause a DoS. Similar
crash also happens during mail delivery when using invalid UTF8 in
From or Subject header when OX push notification driver is used.
Security: CVE-2019-10691
Approved by: ports-secteam (miwi)
Modified:
branches/2019Q2/mail/dovecot/Makefile
branches/2019Q2/mail/dovecot/distinfo
Directory Properties:
branches/2019Q2/ (props changed)
Modified: branches/2019Q2/mail/dovecot/Makefile
==============================================================================
--- branches/2019Q2/mail/dovecot/Makefile Sat Apr 20 15:41:33 2019 (r499450)
+++ branches/2019Q2/mail/dovecot/Makefile Sat Apr 20 15:46:22 2019 (r499451)
@@ -7,7 +7,7 @@
######################################################################
PORTNAME= dovecot
-PORTVERSION= 2.3.5.1
+PORTVERSION= 2.3.5.2
CATEGORIES= mail ipv6
MASTER_SITES= https://www.dovecot.org/releases/2.3/
Modified: branches/2019Q2/mail/dovecot/distinfo
==============================================================================
--- branches/2019Q2/mail/dovecot/distinfo Sat Apr 20 15:41:33 2019 (r499450)
+++ branches/2019Q2/mail/dovecot/distinfo Sat Apr 20 15:46:22 2019 (r499451)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1553773734
-SHA256 (dovecot-2.3.5.1.tar.gz) = d78f9d479e3b2caa808160f86bfec1c9c7b46344d8b14b88f5fa9bbbf8c7c33f
-SIZE (dovecot-2.3.5.1.tar.gz) = 6953150
+TIMESTAMP = 1555598613
+SHA256 (dovecot-2.3.5.2.tar.gz) = ba14e41aefd81a868a35b83bcb54194116106424d37690519b50ea83c0f31bf2
+SIZE (dovecot-2.3.5.2.tar.gz) = 6953228
More information about the svn-ports-all
mailing list