svn commit: r499273 - head/mail/dovecot
Larry Rosenman
ler at FreeBSD.org
Thu Apr 18 15:22:07 UTC 2019
Author: ler
Date: Thu Apr 18 15:22:06 2019
New Revision: 499273
URL: https://svnweb.freebsd.org/changeset/ports/499273
Log:
mail/dovecot: upgrade to 2.3.5.2
* CVE-2019-10691: Trying to login with 8bit username containing
invalid UTF8 input causes auth process to crash if auth policy is
enabled. This could be used rather easily to cause a DoS. Similar
crash also happens during mail delivery when using invalid UTF8 in
From or Subject header when OX push notification driver is used.
MFH: 2019Q2
Security: CVE-2019-10691
Modified:
head/mail/dovecot/Makefile
head/mail/dovecot/distinfo
Modified: head/mail/dovecot/Makefile
==============================================================================
--- head/mail/dovecot/Makefile Thu Apr 18 15:21:04 2019 (r499272)
+++ head/mail/dovecot/Makefile Thu Apr 18 15:22:06 2019 (r499273)
@@ -7,7 +7,7 @@
######################################################################
PORTNAME= dovecot
-PORTVERSION= 2.3.5.1
+PORTVERSION= 2.3.5.2
CATEGORIES= mail ipv6
MASTER_SITES= https://www.dovecot.org/releases/2.3/
Modified: head/mail/dovecot/distinfo
==============================================================================
--- head/mail/dovecot/distinfo Thu Apr 18 15:21:04 2019 (r499272)
+++ head/mail/dovecot/distinfo Thu Apr 18 15:22:06 2019 (r499273)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1553773734
-SHA256 (dovecot-2.3.5.1.tar.gz) = d78f9d479e3b2caa808160f86bfec1c9c7b46344d8b14b88f5fa9bbbf8c7c33f
-SIZE (dovecot-2.3.5.1.tar.gz) = 6953150
+TIMESTAMP = 1555598613
+SHA256 (dovecot-2.3.5.2.tar.gz) = ba14e41aefd81a868a35b83bcb54194116106424d37690519b50ea83c0f31bf2
+SIZE (dovecot-2.3.5.2.tar.gz) = 6953228
More information about the svn-ports-all
mailing list