- update to latest upstream, fixes a few bugs, plus a security

vulnerability (#216508, CVE-2006-5973)
2006-12-11 08:51:58 +00:00 · 2006-12-11 08:51:58 +00:00 · 9de1b89680
commit 9de1b89680
parent 43d3914028
4 changed files with 116 additions and 5 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -1 +1 @@
-dovecot-1.0.rc7.tar.gz
+dovecot-1.0.rc15.tar.gz
--- a/dovecot-1.0.rc15-default-settings.patch
+++ b/dovecot-1.0.rc15-default-settings.patch
@ -0,0 +1,107 @@
+--- dovecot-1.0.rc15/src/master/master-settings.c.default-settings	2006-11-12 18:56:07.000000000 +0100
+++ dovecot-1.0.rc15/src/master/master-settings.c	2006-11-21 09:47:40.000000000 +0100
+@@ -269,8 +269,8 @@
+ 	MEMBER(syslog_facility) "mail",
+ 
+ 	/* general */
+-	MEMBER(protocols) "imap imaps",
+-	MEMBER(listen) "*",
+	MEMBER(protocols) "imap imaps pop3 pop3s",
+	MEMBER(listen) "[::]",
+ 	MEMBER(ssl_listen) "",
+ 
+ 	MEMBER(ssl_disable) FALSE,
+@@ -281,7 +281,7 @@
+ 	MEMBER(ssl_parameters_regenerate) 168,
+ 	MEMBER(ssl_cipher_list) "",
+ 	MEMBER(ssl_verify_client_cert) FALSE,
+-	MEMBER(disable_plaintext_auth) TRUE,
+	MEMBER(disable_plaintext_auth) FALSE,
+ 	MEMBER(verbose_ssl) FALSE,
+ 	MEMBER(shutdown_clients) TRUE,
+ 	MEMBER(nfs_check) TRUE,
+@@ -337,7 +337,7 @@
+ 	MEMBER(maildir_stat_dirs) FALSE,
+ 	MEMBER(maildir_copy_with_hardlinks) FALSE,
+ 	MEMBER(mbox_read_locks) "fcntl",
+-	MEMBER(mbox_write_locks) "dotlock fcntl",
+	MEMBER(mbox_write_locks) "fcntl",
+ 	MEMBER(mbox_lock_timeout) 300,
+ 	MEMBER(mbox_dotlock_change_timeout) 120,
+ 	MEMBER(mbox_min_index_size) 0,
+@@ -366,7 +366,7 @@
+ 	MEMBER(pop3_enable_last) FALSE,
+ 	MEMBER(pop3_reuse_xuidl) FALSE,
+ 	MEMBER(pop3_lock_session) FALSE,
+-	MEMBER(pop3_uidl_format) "",
+	MEMBER(pop3_uidl_format) "%08Xu%08Xv",
+ 	MEMBER(pop3_client_workarounds) "",
+ 	MEMBER(pop3_logout_format) "top=%t/%p, retr=%r/%b, del=%d/%m, size=%s",
+ 
+--- dovecot-1.0.rc15/dovecot-example.conf.default-settings	2006-11-05 18:14:37.000000000 +0100
+++ dovecot-1.0.rc15/dovecot-example.conf	2006-11-21 09:49:06.000000000 +0100
+@@ -7,17 +7,14 @@
+ # value inside quotes, eg.: key = "# char and trailing whitespace  "
+ 
+ # Default values are shown for each setting, it's not required to uncomment
+-# any of the lines. Exception to this are paths, they're just examples with
+-# the real defaults being based on configure options. The paths listed here
+-# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
+-# --with-ssldir=/etc/ssl
+# any of the lines.
+ 
+ # Base directory where to store runtime data.
+ #base_dir = /var/run/dovecot/
+ 
+ # Protocols we want to be serving: imap imaps pop3 pop3s
+ # If you only want to use dovecot-auth, you can set this to "none".
+-#protocols = imap imaps
+#protocols = imap imaps pop3 pop3s
+ 
+ # IP or host address where to listen in for connections. It's not currently
+ # possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
+@@ -36,13 +33,13 @@
+ #     listen = *:10100
+ #     ..
+ #   }
+-#listen = *
+#listen = [::]
+ 
+ # Disable LOGIN command and all other plaintext authentications unless
+ # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
+ # matches the local IP (ie. you're connecting from the same computer), the
+ # connection is considered secure and plaintext authentication is allowed.
+-#disable_plaintext_auth = yes
+#disable_plaintext_auth = no
+ 
+ # Should all IMAP and POP3 processes be killed when Dovecot master process
+ # shuts down. Setting this to "no" means that Dovecot can be upgraded without
+@@ -87,8 +84,8 @@
+ # dropping root privileges, so keep the key file unreadable by anyone but
+ # root. Included doc/mkcert.sh can be used to easily generate self-signed
+ # certificate, just make sure to update the domains in dovecot-openssl.cnf
+-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
+-#ssl_key_file = /etc/ssl/private/dovecot.pem
+#ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
+#ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
+ 
+ # If key file is password protected, give the password here. Alternatively
+ # give it when starting dovecot with -p parameter.
+@@ -425,7 +422,7 @@
+ # locking methods as well. Some operating systems don't allow using some of
+ # them simultaneously.
+ #mbox_read_locks = fcntl
+-#mbox_write_locks = dotlock fcntl
+#mbox_write_locks = fcntl
+ 
+ # Maximum time in seconds to wait for lock (all of them) before aborting.
+ #mbox_lock_timeout = 300
+@@ -593,7 +590,7 @@
+   # installations. %08Xu%08Xv will be the new default, so use it for new
+   # installations.
+   #
+-  #pop3_uidl_format = 
+  #pop3_uidl_format = %08Xu%08Xv
+ 
+   # POP3 logout format string:
+   #  %t - number of TOP commands
--- a/dovecot.spec
+++ b/dovecot.spec
@ -1,13 +1,13 @@
 Summary: Dovecot Secure imap server
 Name: dovecot
 Version: 1.0
-Release: 0.3.rc7%{?dist}
+Release: 1.rc15%{?dist}
 License: LGPL
 Group: System Environment/Daemons

 %define build_postgres 1
 %define build_mysql 1
-%define upstream 1.0.rc7
+%define upstream 1.0.rc15

 Source: %{name}-%{upstream}.tar.gz
 Source1: dovecot.init
@ -17,7 +17,7 @@ Source4: migrate-folders
 Source5: migrate-users
 Source6: perfect_maildir.pl
 Source7: dovecot-REDHAT-FAQ.txt
-Patch100: dovecot-1.0.rc7-default-settings.patch
+Patch100: dovecot-1.0.rc15-default-settings.patch
 Patch101: dovecot-1.0.beta2-pam-tty.patch
 Patch102: dovecot-1.0.rc2-pam-setcred.patch
 Patch103: dovecot-1.0.beta2-mkcert-permissions.patch
@ -213,6 +213,10 @@ rm -rf $RPM_BUILD_ROOT


 %changelog
+* Tue Dec 05 2006 Tomas Janousek <tjanouse@redhat.com> - 1.0-1.rc15
+- update to latest upstream, fixes a few bugs, plus a security
+  vulnerability (#216508, CVE-2006-5973)
+
 * Tue Oct 10 2006 Petr Rockai <prockai@redhat.com> - 1.0-0.3.rc7
 - fix few inconsistencies in specfile, fixes #198940

--- a/2
+++ b/2
@ -1 +1 @@
-665ec0f09fe4f0a8f3f9efd7b9a02297  dovecot-1.0.rc7.tar.gz
+26f3d2b075856b1b1d180146363819e6  dovecot-1.0.rc15.tar.gz