Commit Graph

3 Commits

Author SHA1 Message Date
Michal Hlavinka
91c7c1a6c5 dovecot updated to 2.3.15, pigeonhole updated to 0.5.15
CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in
  JWT tokens. This may be used to supply attacker controlled keys to
  validate tokens, if attacker has local access (#1979833)
CVE-2021-33515: On-path attacker could have injected plaintext commands
  before STARTTLS negotiation that would be executed after STARTTLS
  finished with the client
Add TSLv1.3 support to min_protocols.
Resolves: #1979833
2021-07-21 11:29:52 +02:00
DistroBaker
db7d02b1eb Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/dovecot.git#eb6cf88afcc8956c250549a04e7f7dec87577c1b
2021-04-04 23:30:41 +00:00
Petr Šabata
a4ed96afc1 RHEL 9.0.0 Alpha bootstrap
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/dovecot#29ed947aaea4a89dbadcab2fd9c843ae48a7d156
2020-10-14 23:50:22 +02:00