c6d08e3b4c
Update dovecot2 to 2.3.10.1. v2.3.10.1 2020-05-18 Aki Tuomi <aki.tuomi@open-xchange.com> - CVE-2020-10957: lmtp/submission: A client can crash the server by sending a NOOP command with an invalid string parameter. This occurs particularly for a parameter that doesn't start with a double quote. This applies to all SMTP services, including submission-login, which makes it possible to crash the submission service without authentication. - CVE-2020-10958: lmtp/submission: Sending many invalid or unknown commands can cause the server to access freed memory, which can lead to a server crash. This happens when the server closes the connection with a "421 Too many invalid commands" error. The bad command limit depends on the service (lmtp or submission) and varies between 10 to 20 bad commands. - CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an address that has the empty quoted string as local-part causes the lmtp service to crash.
62 lines
1.8 KiB
Text
62 lines
1.8 KiB
Text
# $NetBSD: Makefile.common,v 1.40 2020/05/18 14:20:46 taca Exp $
|
|
#
|
|
# when updating to a new release, update ABI depends in
|
|
# the buildlink3.mk file as well, since the plugins' version
|
|
# must match (see PR 49563).
|
|
#
|
|
# used by mail/dovecot2/Makefile
|
|
# used by mail/dovecot2-gssapi/Makefile
|
|
# used by mail/dovecot2-ldap/Makefile
|
|
# used by mail/dovecot2-mysql/Makefile
|
|
# used by mail/dovecot2-pgsql/Makefile
|
|
# used by mail/dovecot2-sqlite/Makefile
|
|
|
|
DISTNAME= dovecot-2.3.10.1
|
|
CATEGORIES= mail
|
|
MASTER_SITES= https://dovecot.org/releases/${PKGVERSION_NOREV:R:R}/
|
|
|
|
MAINTAINER= adam@NetBSD.org
|
|
HOMEPAGE= https://www.dovecot.org/
|
|
COMMENT= Secure IMAP and POP3 server
|
|
LICENSE= mit AND gnu-lgpl-v2.1 AND modified-bsd
|
|
|
|
DISTINFO_FILE= ${.CURDIR}/../../mail/dovecot2/distinfo
|
|
PATCHDIR= ${.CURDIR}/../../mail/dovecot2/patches
|
|
|
|
USE_LIBTOOL= yes
|
|
USE_TOOLS+= gmake pkg-config rpcgen bash:run
|
|
GNU_CONFIGURE= yes
|
|
|
|
BUILD_DEFS+= VARBASE
|
|
|
|
.include "../../mk/bsd.prefs.mk"
|
|
|
|
.if "${PKGPATH}" != "mail/dovecot2"
|
|
DEPENDS+= dovecot>=${PKGVERSION_NOREV}{nb*,}:../../mail/dovecot2
|
|
.endif
|
|
|
|
CONFIGURE_ARGS+= --localstatedir=${VARBASE}
|
|
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
|
|
CONFIGURE_ARGS+= --with-ssldir=${SSLDIR}
|
|
CONFIGURE_ARGS+= --without-gssapi
|
|
CONFIGURE_ARGS+= --without-ldap
|
|
|
|
# Leave pkgsrc to enable compiler security features as appropriate.
|
|
CONFIGURE_ARGS+= --disable-hardening
|
|
|
|
# Enable generic SQL backend support
|
|
CONFIGURE_ARGS+= --with-sql
|
|
|
|
TEST_TARGET= check
|
|
|
|
# Explicitly disable epoll/inotify on illumos, dovecot assumes Linux-specific
|
|
# implementation details.
|
|
CONFIGURE_ARGS.SunOS+= --with-ioloop=poll
|
|
CONFIGURE_ARGS.SunOS+= --with-notify=none
|
|
|
|
.include "options.mk"
|
|
|
|
.include "../../archivers/bzip2/buildlink3.mk"
|
|
.include "../../archivers/lz4/buildlink3.mk"
|
|
.include "../../archivers/xz/buildlink3.mk"
|
|
.include "../../devel/zlib/buildlink3.mk"
|