import dovecot-2.3.8-6.el8
This commit is contained in:
CentOS Sources
parent
7e699f8952
commit
a9ff1a8a7a
73
SOURCES/dovecot-2.3.8-a668d767.patch
Normal file
73
SOURCES/dovecot-2.3.8-a668d767.patch
Normal file
@ -0,0 +1,73 @@
|
||||
diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c
|
||||
index 011dea9050..8baf622e59 100644
|
||||
--- a/src/lib-mail/message-parser.c
|
||||
+++ b/src/lib-mail/message-parser.c
|
||||
@@ -138,6 +138,7 @@ message_part_append(struct message_parser_ctx *ctx)
|
||||
struct message_part *parent = ctx->part;
|
||||
struct message_part *part;
|
||||
|
||||
+ i_assert(!ctx->preparsed);
|
||||
i_assert(parent != NULL);
|
||||
i_assert((parent->flags & (MESSAGE_PART_FLAG_MULTIPART |
|
||||
MESSAGE_PART_FLAG_MESSAGE_RFC822)) != 0);
|
||||
@@ -171,12 +172,14 @@ static void message_part_finish(struct message_parser_ctx *ctx)
|
||||
{
|
||||
struct message_part **const *parent_next_partp;
|
||||
|
||||
- i_assert(ctx->nested_parts_count > 0);
|
||||
- ctx->nested_parts_count--;
|
||||
+ if (!ctx->preparsed) {
|
||||
+ i_assert(ctx->nested_parts_count > 0);
|
||||
+ ctx->nested_parts_count--;
|
||||
|
||||
- parent_next_partp = array_back(&ctx->next_part_stack);
|
||||
- array_pop_back(&ctx->next_part_stack);
|
||||
- ctx->next_part = *parent_next_partp;
|
||||
+ parent_next_partp = array_back(&ctx->next_part_stack);
|
||||
+ array_pop_back(&ctx->next_part_stack);
|
||||
+ ctx->next_part = *parent_next_partp;
|
||||
+ }
|
||||
|
||||
message_size_add(&ctx->part->parent->body_size, &ctx->part->body_size);
|
||||
message_size_add(&ctx->part->parent->body_size, &ctx->part->header_size);
|
||||
diff --git a/src/lib-mail/test-message-parser.c b/src/lib-mail/test-message-parser.c
|
||||
index 13984f939e..a00f0d6200 100644
|
||||
--- a/src/lib-mail/test-message-parser.c
|
||||
+++ b/src/lib-mail/test-message-parser.c
|
||||
@@ -178,9 +178,10 @@ static void test_message_parser_small_blocks(void)
|
||||
static void test_message_parser_stop_early(void)
|
||||
{
|
||||
struct message_parser_ctx *parser;
|
||||
- struct istream *input;
|
||||
+ struct istream *input, *input2;
|
||||
struct message_part *parts;
|
||||
struct message_block block;
|
||||
+ const char *error;
|
||||
unsigned int i;
|
||||
pool_t pool;
|
||||
int ret;
|
||||
@@ -198,6 +199,24 @@ static void test_message_parser_stop_early(void)
|
||||
&block)) > 0) ;
|
||||
test_assert(ret == 0);
|
||||
message_parser_deinit(&parser, &parts);
|
||||
+
|
||||
+ /* test preparsed - first re-parse everything with a stream
|
||||
+ that sees EOF at this position */
|
||||
+ input2 = i_stream_create_from_data(test_msg, i);
|
||||
+ parser = message_parser_init(pool, input2, &set_empty);
|
||||
+ while ((ret = message_parser_parse_next_block(parser,
|
||||
+ &block)) > 0) ;
|
||||
+ test_assert(ret == -1);
|
||||
+ message_parser_deinit(&parser, &parts);
|
||||
+
|
||||
+ /* now parse from the parts */
|
||||
+ i_stream_seek(input2, 0);
|
||||
+ parser = message_parser_init_from_parts(parts, input2, &set_empty);
|
||||
+ while ((ret = message_parser_parse_next_block(parser,
|
||||
+ &block)) > 0) ;
|
||||
+ test_assert(ret == -1);
|
||||
+ test_assert(message_parser_deinit_from_parts(&parser, &parts, &error) == 0);
|
||||
+ i_stream_unref(&input2);
|
||||
}
|
||||
|
||||
i_stream_unref(&input);
|
||||
20
SOURCES/dovecot-2.3.8-blockcount.patch
Normal file
20
SOURCES/dovecot-2.3.8-blockcount.patch
Normal file
@ -0,0 +1,20 @@
|
||||
diff -up dovecot-2.3.8/src/lib-storage/index/index-mail-binary.c.blockcount dovecot-2.3.8/src/lib-storage/index/index-mail-binary.c
|
||||
--- dovecot-2.3.8/src/lib-storage/index/index-mail-binary.c.blockcount 2020-12-02 11:34:10.229027593 +0100
|
||||
+++ dovecot-2.3.8/src/lib-storage/index/index-mail-binary.c 2020-12-02 11:36:47.328933276 +0100
|
||||
@@ -339,13 +339,14 @@ blocks_count_lines(struct binary_ctx *ct
|
||||
i_stream_skip(full_input, skip);
|
||||
cur_block_offset += skip;
|
||||
|
||||
- if (cur_block->input->eof) {
|
||||
+ if (i_stream_read_eof(cur_block->input)) {
|
||||
/* go to the next block */
|
||||
- if (++block_idx == block_count) {
|
||||
+ if (block_idx+1 == block_count) {
|
||||
i_assert(i_stream_read_eof(full_input));
|
||||
ret = -1;
|
||||
break;
|
||||
}
|
||||
+ block_idx++;
|
||||
cur_block++;
|
||||
cur_block_offset = 0;
|
||||
}
|
||||
@ -5,7 +5,7 @@ Name: dovecot
|
||||
Epoch: 1
|
||||
Version: 2.3.8
|
||||
%global prever %{nil}
|
||||
Release: 4%{?dist}
|
||||
Release: 6%{?dist}
|
||||
#dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2
|
||||
License: MIT and LGPLv2
|
||||
Group: System Environment/Daemons
|
||||
@ -55,6 +55,12 @@ Patch20: dovecot-2.3.8-CVE_2020_12673.patch
|
||||
Patch21: dovecot-2.3.8-CVE_2020_12674prereq.patch
|
||||
Patch22: dovecot-2.3.8-CVE_2020_12674.patch
|
||||
|
||||
# from upstream, for dovecot <= 2.3.11.3, rhbz#1894418
|
||||
Patch23: dovecot-2.3.8-blockcount.patch
|
||||
|
||||
# from upstream, for dovecot < 2.3.11.3, rhbz#1888111
|
||||
Patch24: dovecot-2.3.8-a668d767.patch
|
||||
|
||||
Source15: prestartscript
|
||||
|
||||
BuildRequires: openssl-devel, pam-devel, zlib-devel, bzip2-devel, libcap-devel
|
||||
@ -69,6 +75,7 @@ BuildRequires: krb5-devel
|
||||
BuildRequires: quota-devel
|
||||
BuildRequires: xz-devel
|
||||
BuildRequires: lz4-devel
|
||||
BuildRequires: multilib-rpm-config
|
||||
#BuildRequires: libsodium-devel
|
||||
#BuildRequires: libexttextcat-devel
|
||||
#BuildRequires: libstemmer-devel
|
||||
@ -166,6 +173,8 @@ This package provides the development files for dovecot.
|
||||
%patch20 -p1 -b .CVE_2020_12673
|
||||
%patch21 -p1 -b .CVE_2020_12674prereq
|
||||
%patch22 -p1 -b .CVE_2020_12674
|
||||
%patch23 -p1 -b .blockcount
|
||||
%patch24 -p1 -b .a668d767
|
||||
pushd dovecot-2*3-pigeonhole-%{pigeonholever}
|
||||
|
||||
popd
|
||||
@ -184,6 +193,7 @@ autoreconf -I . -fiv #required for aarch64 support
|
||||
%endif
|
||||
%configure \
|
||||
INSTALL_DATA="install -c -p -m644" \
|
||||
--localstatedir=%{_rundir} \
|
||||
--docdir=%{_docdir}/%{name} \
|
||||
--disable-static \
|
||||
--disable-rpath \
|
||||
@ -230,9 +240,11 @@ rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
|
||||
#move doc dir back to build dir so doc macro in files section can use it
|
||||
# move doc dir back to build dir so doc macro in files section can use it
|
||||
mv $RPM_BUILD_ROOT/%{_docdir}/%{name} %{_builddir}/%{name}-%{version}%{?prever}/docinstall
|
||||
|
||||
# fix multilib issues
|
||||
%multilib_fix_c_header --file %{_includedir}/dovecot/config.h
|
||||
|
||||
pushd dovecot-2*3-pigeonhole-%{pigeonholever}
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
@ -525,6 +537,14 @@ make check
|
||||
%{_libdir}/%{name}/dict/libdriver_pgsql.so
|
||||
|
||||
%changelog
|
||||
* Wed Dec 02 2020 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-6
|
||||
- fix mail storage block count parsing (#1894418)
|
||||
- MIME parser crashed when boundaries were wrong (#1888111)
|
||||
- change run directory from /var/run to /run (#1805947)
|
||||
|
||||
* Mon Nov 02 2020 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-5
|
||||
- multilib compatibility (#1853137)
|
||||
|
||||
* Fri Aug 07 2020 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-4
|
||||
- fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts (#1866756)
|
||||
- fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation (#1866761)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user