rpms/dovecot
6
0
Fork 0
Code Issues Pull Requests Releases Activity

update to upstream version 1.1.6 change permissions of deliver and

Browse Source 
dovecot.conf to prevent possible password exposure
This commit is contained in:
Michal Hlavinka 2008-11-03 10:12:01 +00:00
parent 2574a232f8
commit 63a5416c5b
4 changed files with 24 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.cvsignore
View File

@ -1,4 +1,4 @@
dovecot-1.1.5.tar.gz dovecot-1.1.6.tar.gz
dovecot-1.1.6.tar.gz.sig
dovecot-sieve-1.1.5.tar.gz dovecot-sieve-1.1.5.tar.gz
dovecot-1.1.5.tar.gz.sig
dovecot-sieve-1.1.5.tar.gz.sig dovecot-sieve-1.1.5.tar.gz.sig

11
dovecot-1.1-default-settings-passwd.patch
View File

@ -1,11 +0,0 @@
--- dovecot-1.1.2/dovecot-example.conf.passwd 2008-07-29 14:30:57.000000000 +0200
+++ dovecot-1.1.2/dovecot-example.conf 2008-07-29 14:32:48.000000000 +0200
@@ -92,6 +92,8 @@
# If key file is password protected, give the password here. Alternatively
# give it when starting dovecot with -p parameter.
+# Security note: if you have this config file world readable, then enable
+# password asking during start-up in /etc/sysconfig/dovecot.
#ssl_key_password =
# File containing trusted SSL certificate authorities. Set this only if you

25
dovecot.spec
View File

@ -1,7 +1,7 @@
Summary: Dovecot Secure imap server Summary: Dovecot Secure imap server
Name: dovecot Name: dovecot
Epoch: 1 Epoch: 1
Version: 1.1.5 Version: 1.1.6
Release: 1%{?dist} Release: 1%{?dist}
License: MIT and LGPLv2 and BSD with advertising License: MIT and LGPLv2 and BSD with advertising
Group: System Environment/Daemons Group: System Environment/Daemons
@ -31,7 +31,6 @@ Patch1: dovecot-1.1-default-settings.patch
Patch2: dovecot-1.0.beta2-mkcert-permissions.patch Patch2: dovecot-1.0.beta2-mkcert-permissions.patch
# local filesystem rules # local filesystem rules
Patch3: dovecot-1.0.rc7-mkcert-paths.patch Patch3: dovecot-1.0.rc7-mkcert-paths.patch
Patch4: dovecot-1.1-default-settings-passwd.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: openssl-devel, pam-devel, zlib-devel BuildRequires: openssl-devel, pam-devel, zlib-devel
@ -150,7 +149,6 @@ This package provides the development files for dovecot.
%patch1 -p1 -b .default-settings %patch1 -p1 -b .default-settings
%patch2 -p1 -b .mkcert-permissions %patch2 -p1 -b .mkcert-permissions
%patch3 -p1 -b .mkcert-paths %patch3 -p1 -b .mkcert-paths
%patch4 -p1 -b .passwd
%if %{build_sieve} %if %{build_sieve}
%setup -q -D -T -a 8 %setup -q -D -T -a 8
@ -228,7 +226,7 @@ chmod 700 $RPM_BUILD_ROOT/var/run/dovecot/login
# Install dovecot.conf and dovecot-openssl.cnf # Install dovecot.conf and dovecot-openssl.cnf
mkdir -p $RPM_BUILD_ROOT%{ssldir} mkdir -p $RPM_BUILD_ROOT%{ssldir}
install -p -m644 dovecot-example.conf $RPM_BUILD_ROOT%{_sysconfdir}/dovecot.conf install -p -m640 dovecot-example.conf $RPM_BUILD_ROOT%{_sysconfdir}/dovecot.conf
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/dovecot-*example.conf # dovecot seems to install this by itself rm -f $RPM_BUILD_ROOT%{_sysconfdir}/dovecot-*example.conf # dovecot seems to install this by itself
install -p -m644 doc/dovecot-openssl.cnf $RPM_BUILD_ROOT%{ssldir}/dovecot-openssl.cnf install -p -m644 doc/dovecot-openssl.cnf $RPM_BUILD_ROOT%{ssldir}/dovecot-openssl.cnf
@ -309,7 +307,7 @@ fi
%files -f libs.filelist %files -f libs.filelist
%defattr(-,root,root,-) %defattr(-,root,root,-)
%doc %{docdir}-%{version} %doc %{docdir}-%{version}
%config(noreplace) %{_sysconfdir}/dovecot.conf %attr(0640,root,mail) %config(noreplace) %{_sysconfdir}/dovecot.conf
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/dovecot %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/dovecot
%{_initrddir}/dovecot %{_initrddir}/dovecot
%config(noreplace) %{_sysconfdir}/pam.d/dovecot %config(noreplace) %{_sysconfdir}/pam.d/dovecot
@ -320,6 +318,19 @@ fi
%attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/certs/dovecot.pem %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/certs/dovecot.pem
%attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/private/dovecot.pem %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/private/dovecot.pem
%{_libexecdir}/%{name} %{_libexecdir}/%{name}
%{_libexecdir}/%{name}/checkpassword-reply
%attr(2755,root,mail) %{_libexecdir}/%{name}/deliver
%{_libexecdir}/%{name}/dict
%{_libexecdir}/%{name}/dovecot-auth
%{_libexecdir}/%{name}/gdbhelper
%{_libexecdir}/%{name}/idxview
%{_libexecdir}/%{name}/imap
%{_libexecdir}/%{name}/imap-login
%{_libexecdir}/%{name}/logview
%{_libexecdir}/%{name}/pop3
%{_libexecdir}/%{name}/pop3-login
%{_libexecdir}/%{name}/rawlog
%{_libexecdir}/%{name}/ssl-build-param
%{_sbindir}/dovecot %{_sbindir}/dovecot
%{_sbindir}/dovecotpw %{_sbindir}/dovecotpw
%attr(0755,root,dovecot) %dir /var/run/dovecot %attr(0755,root,dovecot) %dir /var/run/dovecot
@ -376,6 +387,10 @@ fi
%changelog %changelog
* Mon Nov 3 2008 Michal Hlavinka <mhlavink@redhat.com> - 1:1.1.6-1
- update to upstream version 1.1.6
- change permissions of deliver and dovecot.conf to prevent possible password exposure
* Wed Oct 29 2008 Michal Hlavinka <mhlavink@redhat.com> - 1:1.1.5-1 * Wed Oct 29 2008 Michal Hlavinka <mhlavink@redhat.com> - 1:1.1.5-1
- update to upstream version 1.1.5 (Resolves: CVE-2008-4577, CVE-2008-4578) - update to upstream version 1.1.5 (Resolves: CVE-2008-4577, CVE-2008-4578)

4
sources
View File

@ -1,4 +1,4 @@
64e7809aeee750e7c86d81777078e434 dovecot-1.1.5.tar.gz ccbfcfcb5e6d19a3228885a2f7eae2dd dovecot-1.1.6.tar.gz
de8dc8f5b07e6f3aeef5059738ff5bbe dovecot-1.1.6.tar.gz.sig
b4362defe3fc18865db8cf8e1c940b13 dovecot-sieve-1.1.5.tar.gz b4362defe3fc18865db8cf8e1c940b13 dovecot-sieve-1.1.5.tar.gz
e04825c658194f44acd39722d3ef9982 dovecot-1.1.5.tar.gz.sig
0fdb01f9fd960fbd5a8271584ac62cb8 dovecot-sieve-1.1.5.tar.gz.sig 0fdb01f9fd960fbd5a8271584ac62cb8 dovecot-sieve-1.1.5.tar.gz.sig