Commit Graph

414 Commits

Author SHA1 Message Date
Michal Hlavinka
f8f94ccbdf dovecot updated to 2.3.13, pigeonhole to 0.5.13
CVE-2020-24386: Specially crafted command can cause IMAP hibernate to
  allow logged in user to access other people's emails and filesystem
  information.
Metric filter and global event filter variable syntax changed to a
  SQL-like format.
auth: Added new aliases for %{variables}. Usage of the old ones is
  possible, but discouraged.
auth: Removed RPA auth mechanism, SKEY auth mechanism, NTLM auth
  mechanism and related password schemes.
auth: Removed passdb-sia, passdb-vpopmail and userdb-vpopmail.
auth: Removed postfix postmap socket
2021-01-04 19:46:26 +01:00
Michal Hlavinka
5e0f363767 change run directory from /var/run to /run (#1777922) 2021-01-04 10:18:56 +01:00
Tom Stellard
b73f4c06b0 Add BuildRequires: make
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
2020-12-17 04:42:04 +00:00
Michal Hlavinka
4ca072df4d enable zstd support 2020-10-20 15:39:01 +02:00
pgfed
e93cbad322 Update dovecot.spec 2020-10-19 20:12:58 +00:00
Michal Hlavinka
29ed947aae fix gssapi issue 2020-09-02 11:58:34 +02:00
Michal Hlavinka
98f6723298 fix FTBFS on 32bit systems 2020-08-26 19:06:39 +02:00
Jeff Law
b50f4be969 Disable LTO for now 2020-08-17 14:52:59 -06:00
Michal Hlavinka
8f461376e7 CVE-2020-12100: Parsing mails with a large number of MIME parts could
have resulted in excessive CPU usage or a crash due to running out of
  stack memory.
CVE-2020-12673: Dovecot's NTLM implementation does not correctly check
  message buffer size, which leads to reading past allocation which can
  lead to crash.
CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an
  address that has the empty quoted string as local-part causes the lmtp
  service to crash.
CVE-2020-12674: Dovecot's RPA mechanism implementation accepts
  zero-length message, which leads to assert-crash later on.
2020-08-15 18:22:04 +02:00
Fedora Release Engineering
b5c6b67b96 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-08-01 00:40:29 +00:00
Fedora Release Engineering
1d11ef9e94 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-27 15:41:53 +00:00
Troy Dawson
9aea43c6d8 spec file cleanup 2020-07-16 06:53:01 -07:00
Michal Hlavinka
4e11662dbe dovecot updated to 2.3.10.1
fixes CVE-2020-10967, CVE-2020-10958, CVE-2020-10957
2020-05-18 18:12:36 +02:00
Michal Hlavinka
64b3f1c790 dovecot updated to 2.3.10, pigeonhole updated to 0.5.10 2020-04-21 19:12:22 +02:00
Michal Hlavinka
1040ee253b dovecot updated to 2.3.9.3
fixes CVE-2020-7046: Truncated UTF-8 can be used to DoS
      submission-login and lmtp processes.
fixes CVE-2020-7957: Specially crafted mail can crash snippet generation.
2020-02-12 15:16:26 +01:00
Fedora Release Engineering
adf9e045a9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-28 16:12:26 +00:00
Michal Hlavinka
fc993dbf7d fix permissions of ghost files 2020-01-09 15:31:55 +01:00
Michal Hlavinka
deb9d38bed CVE-2019-19722: Mails with group addresses in From or To fields
caused crash in push notification drivers.
2019-12-19 15:17:08 +01:00
Michal Hlavinka
29bbb4096a dovecot updated to 2.3.9, pigeonhole updated to 0.5.9 2019-12-05 18:10:32 +01:00
Michal Hlavinka
71a430ba9d dovecot updated to 2.3.8, pigeonhole 0.5.8 2019-10-10 13:59:30 +02:00
Michal Hlavinka
2a068bb479 add more buildrequires 2019-10-10 13:04:27 +02:00
Michal Hlavinka
c4e66bf297 dovecot updated to 2.3.7.2, pigeonhole 0.5.7.2
fixes CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
  when scanning data in quoted strings, leading to out of bounds heap
  memory writes
2019-08-29 09:44:35 +02:00
Michal Hlavinka
581436bcf3 dovecot updated to 2.3.7.1, pigeonhole updated to 0.5.7.1 2019-08-19 15:25:24 +02:00
Fedora Release Engineering
3797f0a352 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-24 22:19:32 +00:00
Michal Hlavinka
4f0fa7c121 disable gcc 9 stack reuse temporarily 2019-05-31 12:42:18 +02:00
Michal Hlavinka
b242522b1e use /run instead of /var/run (#1706372) 2019-05-13 16:15:48 +02:00
Michal Hlavinka
82caf4b446 dovecot updated to 2.3.6, pigeonhole updated to 0.5.6 2019-05-02 13:49:42 +02:00
Michal Hlavinka
e9463061ff dovecot updated to 2.3.5.2
fixes CVE-2019-10691: Trying to login with 8bit username containing
  invalid UTF8 input causes auth process to crash if auth policy is enabled.
2019-04-18 14:45:08 +02:00
Michal Hlavinka
b9ba0bbcd9 dovecot updated to 2.3.5.1
CVE-2019-7524: Missing input buffer size validation leads into
  arbitrary buffer overflow when reading fts or pop3 uidl header
  from Dovecot index.
2019-03-28 14:56:50 +01:00
Michal Hlavinka
04058156dc dovecot updated to 2.3.5, pigeonhole updated to 0.5.5 2019-03-06 15:41:52 +01:00
Fedora Release Engineering
436dc795a1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-01-31 17:32:20 +00:00
Igor Gnatenko
b41067db5b Remove obsolete Group tag
References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag
2019-01-28 20:23:59 +01:00
Björn Esser
751cddedc2
Rebuilt for libcrypt.so.2 (#1666033) 2019-01-14 19:00:28 +01:00
Michal Hlavinka
d111f39fa0 fix tests 2019-01-09 17:46:45 +01:00
Michal Hlavinka
aa4c0451e3 dovecot updated to 2.3.4, pigeonhole updated to 0.5.4 2019-01-09 17:09:09 +01:00
Michal Hlavinka
6d73939b5f dovecot updated to 2.3.3, pigeonhole pdated to 0.5.3
doveconf hides more secrets now in the default output
NUL bytes in mail headers can cause truncated replies when fetched.
virtual plugin: Some searches used 100% CPU for many seconds
dsync assert-crashed with acl plugin in some situations.
imapc: Fixed various assert-crashes when reconnecting to server.
2018-10-02 10:41:13 +02:00
Michal Hlavinka
ac25631e92 fix dovecot-init service syntax error (#1635017) 2018-10-02 10:36:12 +02:00
Pavel Raiskup
571d3e074e BuildRequires: s/postgresql-devel/libpq-devel/
That's because we moved libpq.so.5 into libpq package.

Related: rhbz#1618698, rhbz#1623764
2018-09-05 15:07:12 +02:00
Michal Hlavinka
0813442466 do not try to generate ssl-params as its obsolete (#1614640) 2018-08-13 17:51:07 +02:00
Fedora Release Engineering
97ed87d151 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-12 23:06:07 +00:00
Michal Hlavinka
5cdfe068e4 SSL/TLS servers may have crashed during client disconnection 2018-07-10 09:19:54 +02:00
Michal Hlavinka
d8aa10f515 add compression test suite assert crash fix 2018-07-09 14:03:21 +02:00
Michal Hlavinka
b6cdfb140c dovecot updated to 2.3.2, pigeonhole to 0.5.2 2018-07-09 12:09:49 +02:00
Michal Hlavinka
f874d6b553 fix typo and add c++ BR 2018-04-19 16:20:52 +02:00
Michal Hlavinka
8a7475f62a fix ftbfs - murmurhash3 check fail 2018-03-28 16:20:45 +02:00
Michal Hlavinka
4e81ae6930 dovecot updated to 2.3.1, pigeonhole updated to 0.5.1 2018-03-28 10:43:59 +02:00
Michal Hlavinka
233f79dabd use libxcrypt for Fedora >= 28, part of ftbfs fix (#1548520) 2018-03-27 12:40:22 +02:00
Michal Hlavinka
6f1094ca9f add gcc buildrequire 2018-03-21 17:17:24 +01:00
Michal Hlavinka
88a20bf4a4 dovecot updated to 2.3.0.1, pigeonhole updated to 0.5.0.1 2018-03-01 14:04:22 +01:00
Igor Gnatenko
203deaf4c3
Escape macros in %changelog
Reference: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Y2ZUKK2B7T2IKXPMODNF6HB2O5T5TS6H/
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-09 09:04:23 +01:00