rpms/dovecot
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import CS dovecot-2.3.16-18.el9

Browse Source
This commit is contained in:
AlmaLinux RelEng Bot 2026-05-20 04:49:47 -04:00
parent 8a7e432fc0
commit 5800c29f3d
3 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
SOURCES/dovecot.tmpfilesd
View File

@ -1,2 +1,3 @@
d /run/dovecot 0755 root dovecot -
d /var/lib/dovecot 0750 dovecot dovecot - -

0
SOURCES/prestartscript Executable file → Normal file
View File

23
SPECS/dovecot.spec
View File

@ -6,7 +6,7 @@ Name: dovecot
Epoch: 1
Version: 2.3.16
%global prever %{nil}
Release: 15%{?dist}.1
Release: 18%{?dist}
#dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2
License: MIT and LGPLv2
@ -73,15 +73,15 @@ Patch28: dovecot-2.3.21.1-CVE-2024-23184.patch
# https://github.com/dovecot/core/compare/f020e13%5E...ce88c33.patch
Patch29: dovecot-2.3.21.1-CVE-2024-23185.patch
# from upstream for < 2.4.3, RHEL-161639
# from upstream for < 2.4.3, RHEL-161640
# https://github.com/dovecot/pigeonhole/commit/54f645225a8a7911d7e16e9d50f170d217b0be95
Patch30: dovecot-2.3-cve-2026-27858.patch
# from upstream for < 2.4.3, RHEL-162287
# from upstream for < 2.4.3, RHEL-162288
# https://github.com/dovecot/pigeonhole/commit/efb68fac3a9d2d04d38c4ab14dd570cf0c23923c
Patch31: dovecot-2.3-cve-2025-59032.patch
# from upstream for < 2.4.3, RHEL-161678
# from upstream for < 2.4.3, RHEL-161679
# https://github.com/dovecot/core/commit/825bc297f87b856992aa14beac596ec838248210
Patch32: dovecot-2.3-cve-2026-27857p1of5.patch
# https://github.com/dovecot/core/commit/d0f67b52914565a35f3817335ab9633cb291513c
@ -551,10 +551,17 @@ make check
%{_libdir}/%{name}/dict/libdriver_pgsql.so
%changelog
* Mon Apr 13 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-15.1
- fix CVE-2026-27858: denial of service via crafted message before authentication (RHEL-161639)
- fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (RHEL-162287)
- fix CVE-2026-27857: denial of service via specially crafted NOOP command (RHEL-161678)
* Mon May 11 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-18
- rebuild
* Mon May 04 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-17
- fix CVE-2026-27858: denial of service via crafted message before authentication (RHEL-161640)
- fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (RHEL-162288)
- fix CVE-2026-27857: denial of service via specially crafted NOOP command (RHEL-161679)
* Mon Jan 12 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-16
- add /var/lib/dovecot to tmpfiles for image mode (RHEL-139098)
- fix building with latest openssl (RHEL-140619)
* Wed Feb 05 2025 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-15
- fix sysusers config file name (RHEL-77322)