Mailinglist Archive: opensuse-commit (1903 mails)

< Previous Next >
commit dovecot23 for openSUSE:Factory
Hello community,

here is the log from the commit of package dovecot23 for openSUSE:Factory
checked in at 2019-04-19 18:38:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/dovecot23 (Old)
and /work/SRC/openSUSE:Factory/.dovecot23.new.5536 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "dovecot23"

Fri Apr 19 18:38:42 2019 rev:17 rq:695556 version:2.3.5.2

Changes:
--------
--- /work/SRC/openSUSE:Factory/dovecot23/dovecot23.changes 2019-04-04
15:27:27.338899173 +0200
+++ /work/SRC/openSUSE:Factory/.dovecot23.new.5536/dovecot23.changes
2019-04-19 18:38:46.763214914 +0200
@@ -1,0 +2,11 @@
+Thu Apr 18 11:40:06 UTC 2019 - Marcus Rueckert <mrueckert@xxxxxxx>
+
+- update to 2.3.5.2 (boo#1132501)
+ * CVE-2019-10691: Trying to login with 8bit username containing
+ invalid UTF8 input causes auth process to crash if auth policy
+ is enabled. This could be used rather easily to cause a DoS.
+ Similar crash also happens during mail delivery when using
+ invalid UTF8 in From or Subject header when OX push
+ notification driver is used.
+
+-------------------------------------------------------------------
@@ -4 +15 @@
-- update to 2.3.5.1
+- update to 2.3.5.1 (boo#1130116)

Old:
----
dovecot-2.3.5.1.tar.gz
dovecot-2.3.5.1.tar.gz.sig

New:
----
dovecot-2.3.5.2.tar.gz
dovecot-2.3.5.2.tar.gz.sig

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ dovecot23.spec ++++++
--- /var/tmp/diff_new_pack.UN8HQh/_old 2019-04-19 18:38:48.667217332 +0200
+++ /var/tmp/diff_new_pack.UN8HQh/_new 2019-04-19 18:38:48.671217337 +0200
@@ -17,10 +17,10 @@


Name: dovecot23
-Version: 2.3.5.1
+Version: 2.3.5.2
Release: 0
%define pkg_name dovecot
-%define dovecot_version 2.3.5.1
+%define dovecot_version 2.3.5.2
%define dovecot_pigeonhole_version 0.5.5
%define dovecot_branch 2.3
%define dovecot_pigeonhole_source_dir
%{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}


++++++ dovecot-2.3.5.1.tar.gz -> dovecot-2.3.5.2.tar.gz ++++++
/work/SRC/openSUSE:Factory/dovecot23/dovecot-2.3.5.1.tar.gz
/work/SRC/openSUSE:Factory/.dovecot23.new.5536/dovecot-2.3.5.2.tar.gz differ:
char 5, line 1



< Previous Next >
This Thread