Commit Graph

447 Commits

Author SHA1 Message Date
Fedora Release Engineering
ed8d027a72 Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-21 00:51:53 +00:00
Michal Hlavinka
16f3f32fa2 fix possible privilege escalation when similar master and non-master passdbs are used 2022-07-12 23:02:43 +02:00
Michal Hlavinka
3282577fa1 test could fail causing nonzero return value of whole post script 2022-07-06 21:09:22 +02:00
Michal Hlavinka
061b8c4d54 updated to 2.3.19.1 2022-06-20 23:10:22 +02:00
Michal Hlavinka
e62c64f4af updated to 2.3.19, pigeonhole to 0.5.19 2022-05-30 21:01:34 +02:00
Michal Hlavinka
24321854aa skip aarch64 check, it timeouts 2022-02-09 12:09:44 +01:00
Michal Hlavinka
f9a454dd49 updated to 2.3.18, pigeonhole to 0.5.18 2022-02-09 10:15:45 +01:00
Fedora Release Engineering
e195fa62dc - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-20 00:59:08 +00:00
Michal Hlavinka
0874a3628a dovecot updated to 2.3.17.1, pigeonhole to 0.5.17.1
dsync: Add back accidentically removed parameters.
lib-ssl-iostream: Fix assert-crash when OpenSSL returned syscall error
  without errno.
dovecot, managesieve and sieve-tool failed to run if ssl_ca was too large.
2021-12-07 22:22:53 +01:00
Michal Hlavinka
00e2d87780 dovecot updated to 2.3.17, pigeonhole to 0.5.17 2021-11-02 21:53:11 +01:00
Michal Hlavinka
abbc1b8cb5 reenable LTO 2021-09-28 13:50:59 +02:00
Michal Hlavinka
b7a5210a80 fix OpenSSLv3 issues 2005884 2021-09-27 20:04:59 +02:00
Sahana Prasad
a833b2f8ba Rebuilt with OpenSSL 3.0.0 2021-09-14 19:00:52 +02:00
Michal Hlavinka
d3bbb3608f also spec file change 2021-08-20 22:51:18 +02:00
Michal Hlavinka
76cf16c36f fix release number 2021-08-20 21:41:35 +02:00
Michal Hlavinka
5a2167681c dovecot updated to 2.3.16, pigeonhole to 0.5.16
fixes several regressions
2021-08-20 21:40:35 +02:00
Fedora Release Engineering
4439c8a833 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 21:05:11 +00:00
Michal Hlavinka
b920232ea6 fix spec file condition 2021-06-23 11:32:21 +02:00
Michal Hlavinka
2e3cc75314 fix FTBFS 2021-06-23 09:58:10 +02:00
Michal Hlavinka
f838a05fb9 dovecot updated to 2.3.15, pigeonhole updated to 0.5.15
CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in
  JWT tokens. This may be used to supply attacker controlled keys to
  validate tokens, if attacker has local access.
CVE-2021-33515: On-path attacker could have injected plaintext commands
  before STARTTLS negotiation that would be executed after STARTTLS
  finished with the client.
Add TSLv1.3 support to min_protocols.
Allow configuring ssl_cipher_suites. (for TLSv1.3+)
2021-06-21 23:25:54 +02:00
Pete Walter
9e2964f1dd Rebuild for ICU 69 2021-05-20 00:58:00 +01:00
Pete Walter
ec859bf9de Rebuild for ICU 69 2021-05-19 16:45:17 +01:00
Jeff Law
4345d3c47b Re-enable LTO 2021-05-10 12:08:39 -06:00
Michal Hlavinka
25d565523c dovecot updated to 2.3.14, pigeonhole to 0.5.14
use OpenSSL's implementation of HMAC
Remove autocreate, expire, snarf and mail-filter plugins.
Remove cydir storage driver.
Remove XZ/LZMA write support. Read support will be removed in future release.
2021-03-22 21:06:01 +01:00
Michal Hlavinka
8550d54fac do not use own implementation of HMAC, use OpenSSL 2021-03-22 19:30:17 +01:00
Pavel Raiskup
abd5abe3b4 rebuild for libpq ABI fix
Related: rhbz#1908268
2021-02-08 09:24:17 +01:00
Michal Hlavinka
886a96b230 use make macros 2021-02-01 13:51:01 +01:00
Fedora Release Engineering
06d34fe3ea - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 03:42:56 +00:00
Michal Hlavinka
2860368c09 fix multilib issues 2021-01-18 14:33:47 +01:00
Michal Hlavinka
abd275bba1 bump release and rebuild 2021-01-18 13:57:17 +01:00
Michal Hlavinka
f1771ed0fa fix rundir location 2021-01-07 18:28:31 +01:00
Michal Hlavinka
cc81c97592 fix release number 2021-01-06 14:01:36 +01:00
Michal Hlavinka
432e04624d dovecot updated to 2.3.13, pigeonhole to 0.5.13
CVE-2020-24386: Specially crafted command can cause IMAP hibernate to
  allow logged in user to access other people's emails and filesystem
  information.
Metric filter and global event filter variable syntax changed to a
  SQL-like format.
auth: Added new aliases for %{variables}. Usage of the old ones is
  possible, but discouraged.
auth: Removed RPA auth mechanism, SKEY auth mechanism, NTLM auth
  mechanism and related password schemes.
auth: Removed passdb-sia, passdb-vpopmail and userdb-vpopmail.
auth: Removed postfix postmap socket
2021-01-06 11:29:46 +01:00
Michal Hlavinka
f8f94ccbdf dovecot updated to 2.3.13, pigeonhole to 0.5.13
CVE-2020-24386: Specially crafted command can cause IMAP hibernate to
  allow logged in user to access other people's emails and filesystem
  information.
Metric filter and global event filter variable syntax changed to a
  SQL-like format.
auth: Added new aliases for %{variables}. Usage of the old ones is
  possible, but discouraged.
auth: Removed RPA auth mechanism, SKEY auth mechanism, NTLM auth
  mechanism and related password schemes.
auth: Removed passdb-sia, passdb-vpopmail and userdb-vpopmail.
auth: Removed postfix postmap socket
2021-01-04 19:46:26 +01:00
Michal Hlavinka
5e0f363767 change run directory from /var/run to /run (#1777922) 2021-01-04 10:18:56 +01:00
Tom Stellard
b73f4c06b0 Add BuildRequires: make
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
2020-12-17 04:42:04 +00:00
Michal Hlavinka
4ca072df4d enable zstd support 2020-10-20 15:39:01 +02:00
pgfed
e93cbad322 Update dovecot.spec 2020-10-19 20:12:58 +00:00
Michal Hlavinka
29ed947aae fix gssapi issue 2020-09-02 11:58:34 +02:00
Michal Hlavinka
98f6723298 fix FTBFS on 32bit systems 2020-08-26 19:06:39 +02:00
Jeff Law
b50f4be969 Disable LTO for now 2020-08-17 14:52:59 -06:00
Michal Hlavinka
8f461376e7 CVE-2020-12100: Parsing mails with a large number of MIME parts could
have resulted in excessive CPU usage or a crash due to running out of
  stack memory.
CVE-2020-12673: Dovecot's NTLM implementation does not correctly check
  message buffer size, which leads to reading past allocation which can
  lead to crash.
CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an
  address that has the empty quoted string as local-part causes the lmtp
  service to crash.
CVE-2020-12674: Dovecot's RPA mechanism implementation accepts
  zero-length message, which leads to assert-crash later on.
2020-08-15 18:22:04 +02:00
Fedora Release Engineering
b5c6b67b96 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-08-01 00:40:29 +00:00
Fedora Release Engineering
1d11ef9e94 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-27 15:41:53 +00:00
Troy Dawson
9aea43c6d8 spec file cleanup 2020-07-16 06:53:01 -07:00
Michal Hlavinka
4e11662dbe dovecot updated to 2.3.10.1
fixes CVE-2020-10967, CVE-2020-10958, CVE-2020-10957
2020-05-18 18:12:36 +02:00
Michal Hlavinka
64b3f1c790 dovecot updated to 2.3.10, pigeonhole updated to 0.5.10 2020-04-21 19:12:22 +02:00
Michal Hlavinka
1040ee253b dovecot updated to 2.3.9.3
fixes CVE-2020-7046: Truncated UTF-8 can be used to DoS
      submission-login and lmtp processes.
fixes CVE-2020-7957: Specially crafted mail can crash snippet generation.
2020-02-12 15:16:26 +01:00
Fedora Release Engineering
adf9e045a9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-28 16:12:26 +00:00
Michal Hlavinka
fc993dbf7d fix permissions of ghost files 2020-01-09 15:31:55 +01:00