kpriv/pkgsrc-wip
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update to Dovecot 1.1rc3. From the release announcement mail:

Browse source 
Note that the changes for the security hole fix were quite large. I
tested with several auth configurations myself and they seemed to work,
but it's possible I left a bug somewhere in there breaking someone's
configuration. So make sure to test that it works after upgrading.

Of course it would be really nice if Dovecot had a proper test suite
where testing all configurations could be automated and run before each
release. I've already started this with my imaptest tool
(http://imapwiki.org/ImapTest), but it only does IMAP tests and a lot of
things are still missing. Some help would be nice here.

	* Fixed a security hole in blocking passdbs (MySQL always. PAM, passwd
	  and shadow if blocking=yes) where user could specify extra fields
	  in the password. The main problem here is when specifying
	  "skip_password_check" introduced in v1.0.11 for fixing master user
	  logins, allowing the user to log in as anyone without a valid
	  password.

	- mail_privileged_group was broken in some systems (OS X, Solaris?)
	- IMAP THREAD: Fixed some correctness problems
This commit is contained in:
Geert Hendrickx 2008-03-09 12:52:46 +00:00 committed by Thomas Klausner
parent f55d449bd7
commit 10d30142ed
2 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
dovecot/Makefile
View file

@ -1,6 +1,6 @@
# $NetBSD: Makefile,v 1.40 2008/03/08 10:26:08 ghen Exp $
# $NetBSD: Makefile,v 1.41 2008/03/09 12:52:46 ghen Exp $
DISTNAME= dovecot-1.1.rc2
DISTNAME= dovecot-1.1.rc3
PKGNAME= ${DISTNAME:S/.rc/rc/}
CATEGORIES= mail
MASTER_SITES= http://www.dovecot.org/releases/1.1/rc/

8
dovecot/distinfo
View file

@ -1,8 +1,8 @@
$NetBSD: distinfo,v 1.28 2008/03/08 10:26:08 ghen Exp $
$NetBSD: distinfo,v 1.29 2008/03/09 12:52:46 ghen Exp $
SHA1 (dovecot-1.1.rc2.tar.gz) = 28fe4fb27c05b3f3625ca9fad311de535f1c28db
RMD160 (dovecot-1.1.rc2.tar.gz) = 3b23f36f23c1c270e9db2c469d79ead20470be48
Size (dovecot-1.1.rc2.tar.gz) = 2221209 bytes
SHA1 (dovecot-1.1.rc3.tar.gz) = 82a7f3f44b29988cfb8b7e2fe06a91174d2cc32e
RMD160 (dovecot-1.1.rc3.tar.gz) = f62fdfaef7ab9ec1433b6c2907b6b15822e305b6
Size (dovecot-1.1.rc3.tar.gz) = 2222329 bytes
SHA1 (patch-aa) = 6258057d49add91f06d4dd51ded72e42f6774354
SHA1 (patch-ab) = e298616fa4b88da4f0748b025deeedd36b5a49dd
SHA1 (patch-ac) = 55d54585f4cd5028d8c1b16c21ae354e9f1d3027