diff options
Diffstat (limited to 'user/dovecot')
-rw-r--r-- | user/dovecot/APKBUILD | 17 | ||||
-rw-r--r-- | user/dovecot/apop.patch | 40 | ||||
-rw-r--r-- | user/dovecot/test-file-cache-enomem.patch | 20 | ||||
-rw-r--r-- | user/dovecot/time64.patch | 26 |
4 files changed, 38 insertions, 65 deletions
diff --git a/user/dovecot/APKBUILD b/user/dovecot/APKBUILD index 64ac365e5..6f9a8d145 100644 --- a/user/dovecot/APKBUILD +++ b/user/dovecot/APKBUILD @@ -5,10 +5,10 @@ # Contributor: Natanael Copa <ncopa@alpinelinux.org> # Maintainer: Lee Starnes <lee@canned-death.us> pkgname=dovecot -pkgver=2.3.11.3 +pkgver=2.3.14 _pkgvermajor=2.3 pkgrel=0 -_pigeonholever=0.5.11 +_pigeonholever=0.5.14 _pigeonholevermajor=${_pigeonholever%.*} pkgdesc="IMAP and POP3 server" url="https://www.dovecot.org/" @@ -35,14 +35,17 @@ source="https://www.dovecot.org/releases/$_pkgvermajor/dovecot-$pkgver.tar.gz split-protocols.patch default-config.patch ssl-paths.patch + test-file-cache-enomem.patch time64.patch - apop.patch dovecot.logrotate dovecot.initd " _builddir_pigeonhole="$srcdir/$pkgname-$_pkgvermajor-pigeonhole-$_pigeonholever" # secfixes: +# 2.3.13-r0: +# - CVE-2020-24386 +# - CVE-2020-25275 # 2.3.11.3-r0: # - CVE-2020-12100 # - CVE-2020-12673 @@ -255,13 +258,13 @@ _submv() { done } -sha512sums="d83e52a7faab918a8e6f6257acc5936b81733c10489affd042c3a043cb842db060286cba9978be378e4958e9ac2e60b55ce289d7f3a88df08e7637e4785e23bb dovecot-2.3.11.3.tar.gz -793d93edc50192c52654e2f7244d3e01aaa4e69f786e3ecfcd658a4ab26a5099cc5319cb93221150db4ce94bc4515ffb38115b1d0eeb6e052b956efec680b33d dovecot-2.3-pigeonhole-0.5.11.tar.gz +sha512sums="69df234cb739c7ee7ae3acfb9756bc22481e94c95463d32bfac315c7ec4b1ba0dfbff552b769f2ab7ee554087ca2ebbe331aa008d3af26417016612dc7cad103 dovecot-2.3.14.tar.gz +c5d5d309769eabe2c0971646d0c14d166b6b524acf59e1069eca803f764544fa2535c09c9a630ca706aa70442b688ee26af831d29e674823bac7ea7c0e1f33cc dovecot-2.3-pigeonhole-0.5.14.tar.gz fe4fbeaedb377d809f105d9dbaf7c1b961aa99f246b77189a73b491dc1ae0aa9c68678dde90420ec53ec877c08f735b42d23edb13117d7268420e001aa30967a skip-iconv-check.patch 794875dbf0ded1e82c5c3823660cf6996a7920079149cd8eed54231a53580d931b966dfb17185ab65e565e108545ecf6591bae82f935ab1b6ff65bb8ee93d7d5 split-protocols.patch 0d8f89c7ba6f884719b5f9fc89e8b2efbdc3e181de308abf9b1c1b0e42282f4df72c7bf62f574686967c10a8677356560c965713b9d146e2770aab17e95bcc07 default-config.patch 5e68a0042a7c11b3d8c411fc157f5960e2e3305dac11f4b6b880441e2b4105769ddf6c56f67a995af6e1a58f3bfa2c199ea51318a3a0e37c7ef0ae6c4109b13f ssl-paths.patch -ee2e1916c712db77409567b4ded9c7fb7dfed295e044c19694bc369af3d4a7086caf14e97809531f76b630bc578271af6e5137985b7d4e8d2afb2a71f800912f time64.patch -7831276d17386b204ca3aed7fdd9439f00230aa345b367567133d568c07a92bec80ca7512c20b80f692f7f6809cf4a27398c9915aae763e0c9f641650540a73b apop.patch +277d0b55583908cd6c063fb190eb3d2a362a3a33306e35a069a0bca28968f11627c455887d82d01884313b7f7e18530c056bd7a4cda0a1f9c4be7065cd033aa9 test-file-cache-enomem.patch +28e0e3efcb1dd06cd971f1a8caa88989a165dbf14fdebf26ec1ab083020c6831231fec08c2a9d363e6af74003deeeb27122d044eccd02cf7945b464758e04622 time64.patch 9f19698ab45969f1f94dc4bddf6de59317daee93c9421c81f2dbf8a7efe6acf89689f1d30f60f536737bb9526c315215d2bce694db27e7b8d7896036a59c31f0 dovecot.logrotate d91951b81150d7a3ef6a674c0dc7b012f538164dac4b9d27a6801d31da6813b764995a438f69b6a680463e1b60a3b4f2959654f68e565fe116ea60312d5e5e70 dovecot.initd" diff --git a/user/dovecot/apop.patch b/user/dovecot/apop.patch deleted file mode 100644 index a75c770e5..000000000 --- a/user/dovecot/apop.patch +++ /dev/null @@ -1,40 +0,0 @@ -From d1c5d356f36aaf9c32708cc6960fcaebe1cf6e63 Mon Sep 17 00:00:00 2001 -From: Paul Howarth <paul@city-fan.org> -Date: Sun, 16 Aug 2020 20:32:03 +0100 -Subject: [PATCH] Fix APOP test failure on 32-bit systems - -The challenge timestamp is read as a hex number in mech_apop_auth_initial() -so it should be written as hex, not decimal. - -Also fix compiler warnings for 32-bit architectures. ---- - src/auth/test-mech.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/auth/test-mech.c b/src/auth/test-mech.c -index cf05370035..db9f85ccfc 100644 ---- a/src/auth/test-mech.c -+++ b/src/auth/test-mech.c -@@ -192,11 +192,11 @@ static void test_mech_handle_challenge(struct auth_request *request, - } - - static inline const unsigned char * --test_mech_construct_apop_challenge(unsigned int connect_uid, unsigned long *len_r) -+test_mech_construct_apop_challenge(unsigned int connect_uid, size_t *len_r) - { - string_t *apop_challenge = t_str_new(128); - -- str_printfa(apop_challenge,"<%lx.%u.%"PRIdTIME_T"", (unsigned long) getpid(), -+ str_printfa(apop_challenge,"<%lx.%u.%"PRIxTIME_T"", (unsigned long) getpid(), - connect_uid, process_start_time+10); - str_append_data(apop_challenge, "\0testuser\0responseoflen16-", 26); - *len_r = apop_challenge->used; -@@ -323,7 +323,7 @@ static void test_mechs(void) - struct test_case *test_case = &tests[running_test]; - const struct mech_module *mech = test_case->mech; - struct auth_request *request; -- const char *testname = t_strdup_printf("auth mech %s %d/%lu", -+ const char *testname = t_strdup_printf("auth mech %s %d/%zu", - mech->mech_name, - running_test+1, - N_ELEMENTS(tests)); diff --git a/user/dovecot/test-file-cache-enomem.patch b/user/dovecot/test-file-cache-enomem.patch new file mode 100644 index 000000000..536b857de --- /dev/null +++ b/user/dovecot/test-file-cache-enomem.patch @@ -0,0 +1,20 @@ +--- a/src/lib/test-file-cache.c 2021-01-05 14:10:50.160000000 +0000 ++++ b/src/lib/test-file-cache.c 2021-01-05 14:10:50.160000000 +0000 +@@ -263,7 +263,7 @@ + }; + const char *errstr = + t_strdup_printf("mmap_anon(.test_file_cache, %zu) failed: " +- "Cannot allocate memory", page_size); ++ "Out of memory", page_size); + test_assert(setrlimit(RLIMIT_AS, &rl_new) == 0); + test_expect_error_string(errstr); + test_assert(file_cache_set_size(cache, 1024) == -1); +@@ -271,7 +271,7 @@ + + /* same for mremap */ + errstr = t_strdup_printf("mremap_anon(.test_file_cache, %zu) failed: " +- "Cannot allocate memory", page_size*2); ++ "Out of memory", page_size*2); + test_assert(file_cache_set_size(cache, 1) == 0); + test_assert(setrlimit(RLIMIT_AS, &rl_new) == 0); + test_expect_error_string(errstr); diff --git a/user/dovecot/time64.patch b/user/dovecot/time64.patch index c6f8e6261..4cd5c46e1 100644 --- a/user/dovecot/time64.patch +++ b/user/dovecot/time64.patch @@ -1,27 +1,17 @@ ---- dovecot-2.3.11.3/src/lib-oauth2/oauth2-jwt.c.old 2020-08-12 12:20:41.000000000 +0000 -+++ dovecot-2.3.11.3/src/lib-oauth2/oauth2-jwt.c 2020-09-15 14:21:24.285796733 +0000 -@@ -31,13 +31,13 @@ +--- dovecot-2.3.14.orig/src/lib-oauth2/oauth2-jwt.c 2021-03-13 23:56:53.250000000 +0000 ++++ dovecot-2.3.14/src/lib-oauth2/oauth2-jwt.c 2021-03-13 23:57:23.640000000 +0000 +@@ -31,7 +31,7 @@ } - static int get_time_field(const struct json_tree *tree, const char *key, -- long *value_r) -+ long long *value_r) + static int +-get_time_field(const struct json_tree *tree, const char *key, long *value_r) ++get_time_field(const struct json_tree *tree, const char *key, long long *value_r) { const char *value = get_field(tree, key); int tz_offset ATTR_UNUSED; - if (value == NULL) - return 0; -- if ((str_to_long(value, value_r) < 0 && -+ if ((str_to_llong(value, value_r) < 0 && - !iso8601_date_parse((const unsigned char*)value, strlen(value), - value_r, &tz_offset)) || - *value_r < 0) -@@ -283,9 +283,9 @@ - const char *sub = get_field(tree, "sub"); - +@@ -313,7 +313,7 @@ int ret; -- long t0 = time(NULL); -+ long long t0 = time(NULL); + long t0 = time(NULL); /* default IAT and NBF to now */ - long iat, nbf, exp; + long long iat, nbf, exp; |