svn commit: r492248 - in branches/2019Q1/mail/dovecot: . files
Larry Rosenman
ler at FreeBSD.org
Tue Feb 5 15:02:38 UTC 2019
Author: ler
Date: Tue Feb 5 15:02:36 2019
New Revision: 492248
URL: https://svnweb.freebsd.org/changeset/ports/492248
Log:
MFH: r489098 r489515 r492245
mail/dovecot: Pick up a mailinglist patch for solr/tika separation.
solr and tika currently use the same http client connection. Upstream
made the attached patches in response to my (ler@) bug report.
Obtained from: upstream mailing list.
mail/dovecot: Pick up mailing list patch for imap-preauth vs. stats-writer.
see the dovecot mailing list thread on imap-preauth and stats-writer between
Stephan Bosch and a FreeBSD user
Obtained from: upstream mailing list.
mail/dovecot: upgrade to 2.3.4.1
* CVE-2019-3814: If imap/pop3/managesieve/submission client has
trusted certificate with missing username field
(ssl_cert_username_field), under some configurations Dovecot
mistakenly trusts the username provided via authentication instead
of failing.
* ssl_cert_username_field setting was ignored with external SMTP AUTH,
because none of the MTAs (Postfix, Exim) currently send the
cert_username field. This may have allowed users with trusted
certificate to specify any username in the authentication. This bug
didn't affect Dovecot's Submission service.
PR: 235523
Submitted by: pascal.christen at hostpoint.ch
Security: 1340fcc1-2953-11e9-bc44-a4badb296695
Security: CVE-2019-3814
Approved by: ports-secteam (joneum)
Added:
branches/2019Q1/mail/dovecot/files/patch-src_lib-master_master-service.c
- copied unchanged from r489515, head/mail/dovecot/files/patch-src_lib-master_master-service.c
branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c
- copied unchanged from r489098, head/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c
branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c
- copied unchanged from r489098, head/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c
Modified:
branches/2019Q1/mail/dovecot/Makefile
branches/2019Q1/mail/dovecot/distinfo
Directory Properties:
branches/2019Q1/ (props changed)
Modified: branches/2019Q1/mail/dovecot/Makefile
==============================================================================
--- branches/2019Q1/mail/dovecot/Makefile Tue Feb 5 14:54:17 2019 (r492247)
+++ branches/2019Q1/mail/dovecot/Makefile Tue Feb 5 15:02:36 2019 (r492248)
@@ -7,8 +7,7 @@
######################################################################
PORTNAME= dovecot
-PORTVERSION= 2.3.4
-PORTREVISION= 3
+PORTVERSION= 2.3.4.1
CATEGORIES= mail ipv6
MASTER_SITES= https://www.dovecot.org/releases/2.3/
Modified: branches/2019Q1/mail/dovecot/distinfo
==============================================================================
--- branches/2019Q1/mail/dovecot/distinfo Tue Feb 5 14:54:17 2019 (r492247)
+++ branches/2019Q1/mail/dovecot/distinfo Tue Feb 5 15:02:36 2019 (r492248)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1542984255
-SHA256 (dovecot-2.3.4.tar.gz) = d91b76eff8df6185c1799f1b279f780105bdeeea27e3286b42f4cab18efbef05
-SIZE (dovecot-2.3.4.tar.gz) = 6924178
+TIMESTAMP = 1549377600
+SHA256 (dovecot-2.3.4.1.tar.gz) = b8873e2ce5c33e58963bb7a8d2ff8427c09dbfdd63e13a0b0f4502864043aa07
+SIZE (dovecot-2.3.4.1.tar.gz) = 6925073
Copied: branches/2019Q1/mail/dovecot/files/patch-src_lib-master_master-service.c (from r489515, head/mail/dovecot/files/patch-src_lib-master_master-service.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q1/mail/dovecot/files/patch-src_lib-master_master-service.c Tue Feb 5 15:02:36 2019 (r492248, copy of r489515, head/mail/dovecot/files/patch-src_lib-master_master-service.c)
@@ -0,0 +1,11 @@
+--- src/lib-master/master-service.c.orig 2019-01-06 17:42:52 UTC
++++ src/lib-master/master-service.c
+@@ -341,7 +341,7 @@ master_service_init(const char *name, enum master_serv
+ if ((flags & MASTER_SERVICE_FLAG_DONT_SEND_STATS) == 0) {
+ /* Initialize stats-client early so it can see all events. */
+ value = getenv(DOVECOT_STATS_WRITER_SOCKET_PATH);
+- if (value != NULL)
++ if (value != NULL && *value = '\0')
+ service->stats_client = stats_client_init(value, FALSE);
+ }
+
Copied: branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c (from r489098, head/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c Tue Feb 5 15:02:36 2019 (r492248, copy of r489098, head/mail/dovecot/files/patch-src_plugins_fts-solr_solr-connection.c)
@@ -0,0 +1,11 @@
+--- src/plugins/fts-solr/solr-connection.c.orig 2019-01-02 22:12:57 UTC
++++ src/plugins/fts-solr/solr-connection.c
+@@ -156,7 +156,7 @@ int solr_connection_init(const char *url,
+ http_set.request_timeout_msecs = 60*1000;
+ http_set.ssl = ssl_client_set;
+ http_set.debug = debug;
+- solr_http_client = http_client_init(&http_set);
++ solr_http_client = http_client_init_private(&http_set);
+ }
+
+ conn->xml_parser = XML_ParserCreate("UTF-8");
Copied: branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c (from r489098, head/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q1/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c Tue Feb 5 15:02:36 2019 (r492248, copy of r489098, head/mail/dovecot/files/patch-src_plugins_fts_fts-parser-tika.c)
@@ -0,0 +1,11 @@
+--- src/plugins/fts/fts-parser-tika.c.orig 2019-01-02 22:11:26 UTC
++++ src/plugins/fts/fts-parser-tika.c
+@@ -77,7 +77,7 @@ tika_get_http_client_url(struct mail_user *user, struc
+ http_set.request_timeout_msecs = 60*1000;
+ http_set.ssl = &ssl_set;
+ http_set.debug = user->mail_debug;
+- tika_http_client = http_client_init(&http_set);
++ tika_http_client = http_client_init_private(&http_set);
+ }
+ *http_url_r = tuser->http_url;
+ return 0;
More information about the svn-ports-branches
mailing list