import CS dovecot-2.3.21-19.el10
This commit is contained in:
AlmaLinux RelEng Bot
parent
aff32787a8
commit
a544b04a72
23
dovecot.spec
23
dovecot.spec
@ -6,7 +6,7 @@ Name: dovecot
|
||||
Epoch: 1
|
||||
Version: 2.3.21
|
||||
%global prever %{nil}
|
||||
Release: 16%{?dist}.1
|
||||
Release: 19%{?dist}
|
||||
#dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2
|
||||
License: MIT AND LGPL-2.1-only
|
||||
|
||||
@ -69,15 +69,15 @@ Patch28: dovecot-2.3.21.1-CVE-2024-23184.patch
|
||||
# https://github.com/dovecot/core/compare/f020e13%5E...ce88c33.patch
|
||||
Patch29: dovecot-2.3.21.1-CVE-2024-23185.patch
|
||||
|
||||
# from upstream for < 2.4.3, RHEL-161625
|
||||
# from upstream for < 2.4.3, RHEL-161626
|
||||
# https://github.com/dovecot/pigeonhole/commit/54f645225a8a7911d7e16e9d50f170d217b0be95
|
||||
Patch30: dovecot-2.3-cve-2026-27858.patch
|
||||
|
||||
# from upstream for < 2.4.3, RHEL-162273
|
||||
# from upstream for < 2.4.3, RHEL-162274
|
||||
# https://github.com/dovecot/pigeonhole/commit/efb68fac3a9d2d04d38c4ab14dd570cf0c23923c
|
||||
Patch31: dovecot-2.3-cve-2025-59032.patch
|
||||
|
||||
# from upstream for < 2.4.3, RHEL-161664
|
||||
# from upstream for < 2.4.3, RHEL-161665
|
||||
# https://github.com/dovecot/core/commit/825bc297f87b856992aa14beac596ec838248210
|
||||
Patch32: dovecot-2.3-cve-2026-27857p1of5.patch
|
||||
# https://github.com/dovecot/core/commit/d0f67b52914565a35f3817335ab9633cb291513c
|
||||
@ -562,10 +562,17 @@ make check
|
||||
%{_libdir}/%{name}/dict/libdriver_pgsql.so
|
||||
|
||||
%changelog
|
||||
* Tue Apr 07 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.21-16.1
|
||||
- fix CVE-2026-27858: denial of service via crafted message before authentication (RHEL-161625)
|
||||
- fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (RHEL-162273)
|
||||
- fix CVE-2026-27857: denial of service via specially crafted NOOP command (RHEL-161664)
|
||||
* Mon May 11 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.21-19
|
||||
- update release for rebuild
|
||||
|
||||
* Thu Apr 30 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.21-18
|
||||
- fix CVE-2026-27858: denial of service via crafted message before authentication (RHEL-161626)
|
||||
- fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (RHEL-162274)
|
||||
- fix CVE-2026-27857: denial of service via specially crafted NOOP command (RHEL-161665)
|
||||
|
||||
* Mon Jan 12 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.21-17
|
||||
- fix building with latest openssl (RHEL-117460)
|
||||
- add /var/lib/dovecot to tmpfiles for image mode (RHEL-130953)
|
||||
|
||||
* Wed Feb 05 2025 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.21-16
|
||||
- fix sysusers config file name (RHEL-77323)
|
||||
|
||||
@ -1,2 +1,3 @@
|
||||
d /run/dovecot 0755 root dovecot -
|
||||
d /var/lib/dovecot 0750 dovecot dovecot - -
|
||||
|
||||
|
||||
0
prestartscript
Executable file → Normal file
0
prestartscript
Executable file → Normal file
Loading…
Reference in New Issue
Block a user