svn commit: r492248 - in branches/2019Q1/mail/dovecot: . files

Larry Rosenman ler at FreeBSD.org
Tue Feb 5 15:02:38 UTC 2019 

Author: ler
Date: Tue Feb  5 15:02:36 2019
New Revision: 492248
URL: https://svnweb.freebsd.org/changeset/ports/492248

Log:
  MFH: r489098 r489515 r492245
  
  mail/dovecot: Pick up a mailinglist patch for solr/tika separation.
  
  solr and tika currently use the same http client connection.  Upstream
  made the attached patches in response to my (ler@) bug report.
  
  Obtained from:	upstream mailing list.
  
  mail/dovecot: Pick up mailing list patch for imap-preauth vs. stats-writer.
  
  see the dovecot mailing list thread on imap-preauth and stats-writer between
  Stephan Bosch and a FreeBSD user
  
  Obtained from:	upstream mailing list.
  
  mail/dovecot: upgrade to 2.3.4.1
  
      * CVE-2019-3814: If imap/pop3/managesieve/submission client has
        trusted certificate with missing username field
        (ssl_cert_username_field), under some configurations Dovecot
        mistakenly trusts the username provided via authentication instead
        of failing.
      * ssl_cert_username_field setting was ignored with external SMTP AUTH,
        because none of the MTAs (Postfix, Exim) currently send the
        cert_username field. This may have allowed users with trusted
        certificate to specify any username in the authentication. This bug
        didn't affect Dovecot's Submission service.
  
  PR:		235523
  Submitted by:	pascal.christen at hostpoint.ch
  Security:	1340fcc1-2953-11e9-bc44-a4badb296695
  Security:	CVE-2019-3814
  
  Approved by:	ports-secteam (joneum)

Added:
  branches/2019Q1/mail/dovecot/files/patch-src_lib-master_master-service.c
     - copied unchanged from r489515, head/mail/dovecot/files/patch-src_lib-master_master-service.c
  branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c
     - copied unchanged from r489098, head/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c
  branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c
     - copied unchanged from r489098, head/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c
Modified:
  branches/2019Q1/mail/dovecot/Makefile
  branches/2019Q1/mail/dovecot/distinfo
Directory Properties:
  branches/2019Q1/   (props changed)

Modified: branches/2019Q1/mail/dovecot/Makefile
==============================================================================
--- branches/2019Q1/mail/dovecot/Makefile	Tue Feb  5 14:54:17 2019	(r492247)
+++ branches/2019Q1/mail/dovecot/Makefile	Tue Feb  5 15:02:36 2019	(r492248)
@@ -7,8 +7,7 @@
 ######################################################################
 
 PORTNAME=	dovecot
-PORTVERSION=	2.3.4
-PORTREVISION=	3
+PORTVERSION=	2.3.4.1
 CATEGORIES=	mail ipv6
 MASTER_SITES=	https://www.dovecot.org/releases/2.3/
 

Modified: branches/2019Q1/mail/dovecot/distinfo
==============================================================================
--- branches/2019Q1/mail/dovecot/distinfo	Tue Feb  5 14:54:17 2019	(r492247)
+++ branches/2019Q1/mail/dovecot/distinfo	Tue Feb  5 15:02:36 2019	(r492248)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1542984255
-SHA256 (dovecot-2.3.4.tar.gz) = d91b76eff8df6185c1799f1b279f780105bdeeea27e3286b42f4cab18efbef05
-SIZE (dovecot-2.3.4.tar.gz) = 6924178
+TIMESTAMP = 1549377600
+SHA256 (dovecot-2.3.4.1.tar.gz) = b8873e2ce5c33e58963bb7a8d2ff8427c09dbfdd63e13a0b0f4502864043aa07
+SIZE (dovecot-2.3.4.1.tar.gz) = 6925073

Copied: branches/2019Q1/mail/dovecot/files/patch-src_lib-master_master-service.c (from r489515, head/mail/dovecot/files/patch-src_lib-master_master-service.c)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2019Q1/mail/dovecot/files/patch-src_lib-master_master-service.c	Tue Feb  5 15:02:36 2019	(r492248, copy of r489515, head/mail/dovecot/files/patch-src_lib-master_master-service.c)
@@ -0,0 +1,11 @@
+--- src/lib-master/master-service.c.orig	2019-01-06 17:42:52 UTC
++++ src/lib-master/master-service.c
+@@ -341,7 +341,7 @@ master_service_init(const char *name, enum master_serv
+ 	if ((flags & MASTER_SERVICE_FLAG_DONT_SEND_STATS) == 0) {
+ 		/* Initialize stats-client early so it can see all events. */
+ 		value = getenv(DOVECOT_STATS_WRITER_SOCKET_PATH);
+-		if (value != NULL)
++		if (value != NULL && *value = '\0')
+ 			service->stats_client = stats_client_init(value, FALSE);
+ 	}
+ 

Copied: branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c (from r489098, head/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c	Tue Feb  5 15:02:36 2019	(r492248, copy of r489098, head/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c)
@@ -0,0 +1,11 @@
+--- src/plugins/fts-solr/solr-connection.c.orig	2019-01-02 22:12:57 UTC
++++ src/plugins/fts-solr/solr-connection.c
+@@ -156,7 +156,7 @@ int solr_connection_init(const char *url,
+ 		http_set.request_timeout_msecs = 60*1000;
+ 		http_set.ssl = ssl_client_set;
+ 		http_set.debug = debug;
+-		solr_http_client = http_client_init(&http_set);
++		solr_http_client = http_client_init_private(&http_set);
+ 	}
+ 
+ 	conn->xml_parser = XML_ParserCreate("UTF-8");

Copied: branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c (from r489098, head/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c	Tue Feb  5 15:02:36 2019	(r492248, copy of r489098, head/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c)
@@ -0,0 +1,11 @@
+--- src/plugins/fts/fts-parser-tika.c.orig	2019-01-02 22:11:26 UTC
++++ src/plugins/fts/fts-parser-tika.c
+@@ -77,7 +77,7 @@ tika_get_http_client_url(struct mail_user *user, struc
+ 		http_set.request_timeout_msecs = 60*1000;
+ 		http_set.ssl = &ssl_set;
+ 		http_set.debug = user->mail_debug;
+-		tika_http_client = http_client_init(&http_set);
++		tika_http_client = http_client_init_private(&http_set);
+ 	}
+ 	*http_url_r = tuser->http_url;
+ 	return 0;

More information about the svn-ports-branches mailing list