From d8d3b259d77102c8ec2fa44bffbfa6a5c0d1fd2a Mon Sep 17 00:00:00 2001 From: Lee Starnes Date: Tue, 5 Jan 2021 14:31:29 +0000 Subject: user/dovecot: security bump to 2.3.13 - Fix CVE-2020-25275 and CVE-2020-24386 - apop.patch is no longer needed - Added patch to handle hardcoded message differing with musl --- user/dovecot/APKBUILD | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'user/dovecot/APKBUILD') diff --git a/user/dovecot/APKBUILD b/user/dovecot/APKBUILD index 64ac365e5..b7aaceef8 100644 --- a/user/dovecot/APKBUILD +++ b/user/dovecot/APKBUILD @@ -5,10 +5,10 @@ # Contributor: Natanael Copa # Maintainer: Lee Starnes pkgname=dovecot -pkgver=2.3.11.3 +pkgver=2.3.13 _pkgvermajor=2.3 pkgrel=0 -_pigeonholever=0.5.11 +_pigeonholever=0.5.13 _pigeonholevermajor=${_pigeonholever%.*} pkgdesc="IMAP and POP3 server" url="https://www.dovecot.org/" @@ -35,14 +35,17 @@ source="https://www.dovecot.org/releases/$_pkgvermajor/dovecot-$pkgver.tar.gz split-protocols.patch default-config.patch ssl-paths.patch + test-file-cache-enomem.patch time64.patch - apop.patch dovecot.logrotate dovecot.initd " _builddir_pigeonhole="$srcdir/$pkgname-$_pkgvermajor-pigeonhole-$_pigeonholever" # secfixes: +# 2.3.13-r0: +# - CVE-2020-24386 +# - CVE-2020-25275 # 2.3.11.3-r0: # - CVE-2020-12100 # - CVE-2020-12673 @@ -255,13 +258,13 @@ _submv() { done } -sha512sums="d83e52a7faab918a8e6f6257acc5936b81733c10489affd042c3a043cb842db060286cba9978be378e4958e9ac2e60b55ce289d7f3a88df08e7637e4785e23bb dovecot-2.3.11.3.tar.gz -793d93edc50192c52654e2f7244d3e01aaa4e69f786e3ecfcd658a4ab26a5099cc5319cb93221150db4ce94bc4515ffb38115b1d0eeb6e052b956efec680b33d dovecot-2.3-pigeonhole-0.5.11.tar.gz +sha512sums="758a169fba8925637ed18fa7522a6f06c9fe01a1707b1ca0d0a4d8757c578a8e117c91733e8314403839f9a484bbcac71ce3532c82379eb583b480756d556a95 dovecot-2.3.13.tar.gz +fcbc13d71af4e6dd4e34192484e203d755e5015da76a4774b11a79182b2baad36cab5a471346093111ace36a7775dfe8294555f8b777786dde386820b3ec5cd3 dovecot-2.3-pigeonhole-0.5.13.tar.gz fe4fbeaedb377d809f105d9dbaf7c1b961aa99f246b77189a73b491dc1ae0aa9c68678dde90420ec53ec877c08f735b42d23edb13117d7268420e001aa30967a skip-iconv-check.patch 794875dbf0ded1e82c5c3823660cf6996a7920079149cd8eed54231a53580d931b966dfb17185ab65e565e108545ecf6591bae82f935ab1b6ff65bb8ee93d7d5 split-protocols.patch 0d8f89c7ba6f884719b5f9fc89e8b2efbdc3e181de308abf9b1c1b0e42282f4df72c7bf62f574686967c10a8677356560c965713b9d146e2770aab17e95bcc07 default-config.patch 5e68a0042a7c11b3d8c411fc157f5960e2e3305dac11f4b6b880441e2b4105769ddf6c56f67a995af6e1a58f3bfa2c199ea51318a3a0e37c7ef0ae6c4109b13f ssl-paths.patch +277d0b55583908cd6c063fb190eb3d2a362a3a33306e35a069a0bca28968f11627c455887d82d01884313b7f7e18530c056bd7a4cda0a1f9c4be7065cd033aa9 test-file-cache-enomem.patch ee2e1916c712db77409567b4ded9c7fb7dfed295e044c19694bc369af3d4a7086caf14e97809531f76b630bc578271af6e5137985b7d4e8d2afb2a71f800912f time64.patch -7831276d17386b204ca3aed7fdd9439f00230aa345b367567133d568c07a92bec80ca7512c20b80f692f7f6809cf4a27398c9915aae763e0c9f641650540a73b apop.patch 9f19698ab45969f1f94dc4bddf6de59317daee93c9421c81f2dbf8a7efe6acf89689f1d30f60f536737bb9526c315215d2bce694db27e7b8d7896036a59c31f0 dovecot.logrotate d91951b81150d7a3ef6a674c0dc7b012f538164dac4b9d27a6801d31da6813b764995a438f69b6a680463e1b60a3b4f2959654f68e565fe116ea60312d5e5e70 dovecot.initd" -- cgit v1.2.3-60-g2f50