Hello community, here is the log from the commit of package cyrus-imapd for openSUSE:Factory checked in at Mon Jun 20 14:02:16 CEST 2011. -------- --- cyrus-imapd/cyrus-imapd.changes 2011-05-23 16:18:17.000000000 +0200 +++ /mounts/work_src_done/STABLE/cyrus-imapd/cyrus-imapd.changes 2011-06-20 11:52:20.000000000 +0200 @@ -1,0 +2,7 @@ +Mon Jun 20 09:50:50 UTC 2011 - rhafer@suse.de + +- TLS initialization failures could lead to a bdb resource leak + resulting lmtpd to stop delivering mails. (bnc#606710, + cyrus-bug#3252) + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- cyrus-imapd_tls-session-leak.dif ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cyrus-imapd.spec ++++++ --- /var/tmp/diff_new_pack.DRQ2SB/_old 2011-06-20 14:01:12.000000000 +0200 +++ /var/tmp/diff_new_pack.DRQ2SB/_new 2011-06-20 14:01:12.000000000 +0200 @@ -57,7 +57,7 @@ %endif Summary: The Cyrus IMAP and POP Mail Server Version: 2.3.16 -Release: 18 +Release: 20 Source: %{prjname}-%{version}.tar.bz2 Source1: cyrus-imapd-rc.tar.gz Source2: DB_CONFIG @@ -75,6 +75,7 @@ Patch19: cyrus-imapd-libdb-4_8.patch Patch20: cyrus-imapd-perl-5.14.patch Patch21: cyrus-imapd-STARTTLS-plaintext-command-injection.patch +Patch22: cyrus-imapd_tls-session-leak.dif %if %{with_kolab} # KOLAB_cyrus-imapd patches are maintained at @@ -189,6 +190,7 @@ %patch19 -p1 %patch20 -p1 %patch21 -p1 +%patch22 -p1 %if %{with_kolab} %patch100 -p1 ++++++ cyrus-imapd_tls-session-leak.dif ++++++ Index: cyrus-imapd-2.3.16/imap/tls.c =================================================================== --- cyrus-imapd-2.3.16.orig/imap/tls.c +++ cyrus-imapd-2.3.16/imap/tls.c @@ -714,6 +714,10 @@ int tls_init_serverengine(const char if (!SSL_CTX_set_cipher_list(s_ctx, cipher_list)) { syslog(LOG_ERR,"TLS server engine: cannot load cipher list '%s'", cipher_list); + if ( sess_dbopen && (DB->close)(sessdb) ) { + syslog(LOG_ERR, "DBERROR: error closing tlsdb: %s", + cyrusdb_strerror(r)); + } return (-1); } @@ -731,6 +735,10 @@ int tls_init_serverengine(const char if (!set_cert_stuff(s_ctx, s_cert_file, s_key_file)) { syslog(LOG_ERR,"TLS server engine: cannot load cert/key data"); + if ( sess_dbopen && (DB->close)(sessdb) ) { + syslog(LOG_ERR, "DBERROR: error closing tlsdb: %s", + cyrusdb_strerror(r)); + } return (-1); } SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org