diff --git a/.cvsignore b/.cvsignore index c2349f5..4bf4171 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -dovecot-1.0.rc7.tar.gz +dovecot-1.0.rc15.tar.gz diff --git a/dovecot-1.0.rc15-default-settings.patch b/dovecot-1.0.rc15-default-settings.patch new file mode 100644 index 0000000..f753585 --- /dev/null +++ b/dovecot-1.0.rc15-default-settings.patch @@ -0,0 +1,107 @@ +--- dovecot-1.0.rc15/src/master/master-settings.c.default-settings 2006-11-12 18:56:07.000000000 +0100 ++++ dovecot-1.0.rc15/src/master/master-settings.c 2006-11-21 09:47:40.000000000 +0100 +@@ -269,8 +269,8 @@ + MEMBER(syslog_facility) "mail", + + /* general */ +- MEMBER(protocols) "imap imaps", +- MEMBER(listen) "*", ++ MEMBER(protocols) "imap imaps pop3 pop3s", ++ MEMBER(listen) "[::]", + MEMBER(ssl_listen) "", + + MEMBER(ssl_disable) FALSE, +@@ -281,7 +281,7 @@ + MEMBER(ssl_parameters_regenerate) 168, + MEMBER(ssl_cipher_list) "", + MEMBER(ssl_verify_client_cert) FALSE, +- MEMBER(disable_plaintext_auth) TRUE, ++ MEMBER(disable_plaintext_auth) FALSE, + MEMBER(verbose_ssl) FALSE, + MEMBER(shutdown_clients) TRUE, + MEMBER(nfs_check) TRUE, +@@ -337,7 +337,7 @@ + MEMBER(maildir_stat_dirs) FALSE, + MEMBER(maildir_copy_with_hardlinks) FALSE, + MEMBER(mbox_read_locks) "fcntl", +- MEMBER(mbox_write_locks) "dotlock fcntl", ++ MEMBER(mbox_write_locks) "fcntl", + MEMBER(mbox_lock_timeout) 300, + MEMBER(mbox_dotlock_change_timeout) 120, + MEMBER(mbox_min_index_size) 0, +@@ -366,7 +366,7 @@ + MEMBER(pop3_enable_last) FALSE, + MEMBER(pop3_reuse_xuidl) FALSE, + MEMBER(pop3_lock_session) FALSE, +- MEMBER(pop3_uidl_format) "", ++ MEMBER(pop3_uidl_format) "%08Xu%08Xv", + MEMBER(pop3_client_workarounds) "", + MEMBER(pop3_logout_format) "top=%t/%p, retr=%r/%b, del=%d/%m, size=%s", + +--- dovecot-1.0.rc15/dovecot-example.conf.default-settings 2006-11-05 18:14:37.000000000 +0100 ++++ dovecot-1.0.rc15/dovecot-example.conf 2006-11-21 09:49:06.000000000 +0100 +@@ -7,17 +7,14 @@ + # value inside quotes, eg.: key = "# char and trailing whitespace " + + # Default values are shown for each setting, it's not required to uncomment +-# any of the lines. Exception to this are paths, they're just examples with +-# the real defaults being based on configure options. The paths listed here +-# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var +-# --with-ssldir=/etc/ssl ++# any of the lines. + + # Base directory where to store runtime data. + #base_dir = /var/run/dovecot/ + + # Protocols we want to be serving: imap imaps pop3 pop3s + # If you only want to use dovecot-auth, you can set this to "none". +-#protocols = imap imaps ++#protocols = imap imaps pop3 pop3s + + # IP or host address where to listen in for connections. It's not currently + # possible to specify multiple addresses. "*" listens in all IPv4 interfaces. +@@ -36,13 +33,13 @@ + # listen = *:10100 + # .. + # } +-#listen = * ++#listen = [::] + + # Disable LOGIN command and all other plaintext authentications unless + # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP + # matches the local IP (ie. you're connecting from the same computer), the + # connection is considered secure and plaintext authentication is allowed. +-#disable_plaintext_auth = yes ++#disable_plaintext_auth = no + + # Should all IMAP and POP3 processes be killed when Dovecot master process + # shuts down. Setting this to "no" means that Dovecot can be upgraded without +@@ -87,8 +84,8 @@ + # dropping root privileges, so keep the key file unreadable by anyone but + # root. Included doc/mkcert.sh can be used to easily generate self-signed + # certificate, just make sure to update the domains in dovecot-openssl.cnf +-#ssl_cert_file = /etc/ssl/certs/dovecot.pem +-#ssl_key_file = /etc/ssl/private/dovecot.pem ++#ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem ++#ssl_key_file = /etc/pki/dovecot/private/dovecot.pem + + # If key file is password protected, give the password here. Alternatively + # give it when starting dovecot with -p parameter. +@@ -425,7 +422,7 @@ + # locking methods as well. Some operating systems don't allow using some of + # them simultaneously. + #mbox_read_locks = fcntl +-#mbox_write_locks = dotlock fcntl ++#mbox_write_locks = fcntl + + # Maximum time in seconds to wait for lock (all of them) before aborting. + #mbox_lock_timeout = 300 +@@ -593,7 +590,7 @@ + # installations. %08Xu%08Xv will be the new default, so use it for new + # installations. + # +- #pop3_uidl_format = ++ #pop3_uidl_format = %08Xu%08Xv + + # POP3 logout format string: + # %t - number of TOP commands diff --git a/dovecot.spec b/dovecot.spec index bffdd53..fb13b3d 100644 --- a/dovecot.spec +++ b/dovecot.spec @@ -1,13 +1,13 @@ Summary: Dovecot Secure imap server Name: dovecot Version: 1.0 -Release: 0.3.rc7%{?dist} +Release: 1.rc15%{?dist} License: LGPL Group: System Environment/Daemons %define build_postgres 1 %define build_mysql 1 -%define upstream 1.0.rc7 +%define upstream 1.0.rc15 Source: %{name}-%{upstream}.tar.gz Source1: dovecot.init @@ -17,7 +17,7 @@ Source4: migrate-folders Source5: migrate-users Source6: perfect_maildir.pl Source7: dovecot-REDHAT-FAQ.txt -Patch100: dovecot-1.0.rc7-default-settings.patch +Patch100: dovecot-1.0.rc15-default-settings.patch Patch101: dovecot-1.0.beta2-pam-tty.patch Patch102: dovecot-1.0.rc2-pam-setcred.patch Patch103: dovecot-1.0.beta2-mkcert-permissions.patch @@ -213,6 +213,10 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Tue Dec 05 2006 Tomas Janousek - 1.0-1.rc15 +- update to latest upstream, fixes a few bugs, plus a security + vulnerability (#216508, CVE-2006-5973) + * Tue Oct 10 2006 Petr Rockai - 1.0-0.3.rc7 - fix few inconsistencies in specfile, fixes #198940 diff --git a/sources b/sources index 52fe141..b14842c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -665ec0f09fe4f0a8f3f9efd7b9a02297 dovecot-1.0.rc7.tar.gz +26f3d2b075856b1b1d180146363819e6 dovecot-1.0.rc15.tar.gz