kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

mail/dovecot: upgrade to 2.3.5.1.

Browse source 
* CVE-2019-7524: Missing input buffer size validation leads into
      arbitrary buffer overflow when reading fts or pop3 uidl header
      from Dovecot index. Exploiting this requires direct write access to
      the index files.

MFH:		2019Q1
Security:	CVE-2019-7524
This commit is contained in:
Larry Rosenman 2019-03-28 12:24:41 +00:00
parent c32d138002
commit 0c2a225328
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=497015
2 changed files with 4 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
mail/dovecot/Makefile
View file

@ -7,8 +7,7 @@
######################################################################
PORTNAME= dovecot
PORTVERSION= 2.3.5
PORTREVISION= 1
PORTVERSION= 2.3.5.1
CATEGORIES= mail ipv6
MASTER_SITES= https://www.dovecot.org/releases/2.3/

6
mail/dovecot/distinfo
View file

@ -1,3 +1,3 @@
TIMESTAMP = 1551804380
SHA256 (dovecot-2.3.5.tar.gz) = bfe112ec6d11f7d6c6f7f0440e3b6e2c840c15cec1e99466b5495765d54aaaff
SIZE (dovecot-2.3.5.tar.gz) = 6970480
TIMESTAMP = 1553773734
SHA256 (dovecot-2.3.5.1.tar.gz) = d78f9d479e3b2caa808160f86bfec1c9c7b46344d8b14b88f5fa9bbbf8c7c33f
SIZE (dovecot-2.3.5.1.tar.gz) = 6953150