diff options
author | Larry Rosenman <ler@FreeBSD.org> | 2019-08-28 15:59:59 +0000 |
---|---|---|
committer | Larry Rosenman <ler@FreeBSD.org> | 2019-08-28 15:59:59 +0000 |
commit | 3d824592bda988e6d8b3379d3410c6f5bc862dc4 (patch) | |
tree | 229dd553c8a36baddda5bd2b9492354e6d709cd4 | |
parent | 45bb6e18ebb43b223cc4a50a7e064d8b90fb56d5 (diff) | |
download | ports-3d824592bda988e6d8b3379d3410c6f5bc862dc4.tar.gz ports-3d824592bda988e6d8b3379d3410c6f5bc862dc4.zip |
mail/dovecot,mail/dovecot-pigeonhole: fix CVE-2019-11500
Changes
-------
* CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
when scanning data in quoted strings, leading to out of bounds heap
memory writes. Found by Nick Roessler and Rafi Rubin.
MFH: 2019Q3
Security: CVE-2019-11500
Notes
Notes:
svn path=/head/; revision=510075
-rw-r--r-- | mail/dovecot-pigeonhole/Makefile | 7 | ||||
-rw-r--r-- | mail/dovecot-pigeonhole/distinfo | 6 | ||||
-rw-r--r-- | mail/dovecot/Makefile | 2 | ||||
-rw-r--r-- | mail/dovecot/distinfo | 6 |
4 files changed, 10 insertions, 11 deletions
diff --git a/mail/dovecot-pigeonhole/Makefile b/mail/dovecot-pigeonhole/Makefile index 216d4c096106..f2ccd0ba551c 100644 --- a/mail/dovecot-pigeonhole/Makefile +++ b/mail/dovecot-pigeonhole/Makefile @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= dovecot-pigeonhole -PORTVERSION= 0.5.7.1 -PORTREVISION= 1 +PORTVERSION= 0.5.7.2 CATEGORIES= mail MASTER_SITES= http://pigeonhole.dovecot.org/releases/${DOVECOTVERSION}/ DISTNAME= ${PORTNAME:C/-/-${DOVECOTVERSION}-/}-${PORTVERSION} @@ -13,8 +12,8 @@ COMMENT= Sieve plugin for the Dovecot 'deliver' LDA and LMTP LICENSE= LGPL21 -BUILD_DEPENDS= dovecot>=2.3.6:mail/dovecot -RUN_DEPENDS= dovecot>=2.3.6:mail/dovecot +BUILD_DEPENDS= dovecot>=2.3.7:mail/dovecot +RUN_DEPENDS= dovecot>=2.3.7:mail/dovecot DOVECOTVERSION= 2.3 diff --git a/mail/dovecot-pigeonhole/distinfo b/mail/dovecot-pigeonhole/distinfo index 8bd6019b3e3e..dcefdc9d94a3 100644 --- a/mail/dovecot-pigeonhole/distinfo +++ b/mail/dovecot-pigeonhole/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1563891950 -SHA256 (dovecot-2.3-pigeonhole-0.5.7.1.tar.gz) = 3270b24c1f75a7c144f54d6d08ce994176e39c2cdb3ac4dd80ad5e64aaaa2028 -SIZE (dovecot-2.3-pigeonhole-0.5.7.1.tar.gz) = 1857291 +TIMESTAMP = 1567007127 +SHA256 (dovecot-2.3-pigeonhole-0.5.7.2.tar.gz) = d59d0c5c5225a126e5b98bf95d75e8dd368bdeeb3da2e9766dbe4fddaa9411b0 +SIZE (dovecot-2.3-pigeonhole-0.5.7.2.tar.gz) = 1857602 diff --git a/mail/dovecot/Makefile b/mail/dovecot/Makefile index 45e63dcec97c..0e5702287b7e 100644 --- a/mail/dovecot/Makefile +++ b/mail/dovecot/Makefile @@ -7,7 +7,7 @@ ###################################################################### PORTNAME= dovecot -PORTVERSION= 2.3.7.1 +PORTVERSION= 2.3.7.2 CATEGORIES= mail ipv6 MASTER_SITES= https://dovecot.org/releases/2.3/ diff --git a/mail/dovecot/distinfo b/mail/dovecot/distinfo index 679bd62996c1..d0bd6801671f 100644 --- a/mail/dovecot/distinfo +++ b/mail/dovecot/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1563891542 -SHA256 (dovecot-2.3.7.1.tar.gz) = c5a51d6f76e6e9c843df69e52a364a4c65c4c60e0c51d992eaa45f22f71803c3 -SIZE (dovecot-2.3.7.1.tar.gz) = 7076500 +TIMESTAMP = 1567006255 +SHA256 (dovecot-2.3.7.2.tar.gz) = 666ce084760a47e601d49a9be3c7993c48789d332631e8dfb45f443b367b1260 +SIZE (dovecot-2.3.7.2.tar.gz) = 7076231 |