Commit Graph

6 Commits

Author SHA1 Message Date
Michal Hlavinka
e62c64f4af updated to 2.3.19, pigeonhole to 0.5.19 2022-05-30 21:01:34 +02:00
Michal Hlavinka
f9a454dd49 updated to 2.3.18, pigeonhole to 0.5.18 2022-02-09 10:15:45 +01:00
Michal Hlavinka
0874a3628a dovecot updated to 2.3.17.1, pigeonhole to 0.5.17.1
dsync: Add back accidentically removed parameters.
lib-ssl-iostream: Fix assert-crash when OpenSSL returned syscall error
  without errno.
dovecot, managesieve and sieve-tool failed to run if ssl_ca was too large.
2021-12-07 22:22:53 +01:00
Michal Hlavinka
00e2d87780 dovecot updated to 2.3.17, pigeonhole to 0.5.17 2021-11-02 21:53:11 +01:00
Michal Hlavinka
5a2167681c dovecot updated to 2.3.16, pigeonhole to 0.5.16
fixes several regressions
2021-08-20 21:40:35 +02:00
Michal Hlavinka
f838a05fb9 dovecot updated to 2.3.15, pigeonhole updated to 0.5.15
CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in
  JWT tokens. This may be used to supply attacker controlled keys to
  validate tokens, if attacker has local access.
CVE-2021-33515: On-path attacker could have injected plaintext commands
  before STARTTLS negotiation that would be executed after STARTTLS
  finished with the client.
Add TSLv1.3 support to min_protocols.
Allow configuring ssl_cipher_suites. (for TLSv1.3+)
2021-06-21 23:25:54 +02:00