diff options
author | Larry Rosenman <ler@FreeBSD.org> | 2019-08-28 15:59:59 +0000 |
---|---|---|
committer | Larry Rosenman <ler@FreeBSD.org> | 2019-08-28 15:59:59 +0000 |
commit | 3d824592bda988e6d8b3379d3410c6f5bc862dc4 (patch) | |
tree | 229dd553c8a36baddda5bd2b9492354e6d709cd4 /mail/dovecot-pigeonhole | |
parent | 45bb6e18ebb43b223cc4a50a7e064d8b90fb56d5 (diff) | |
download | ports-3d824592bda988e6d8b3379d3410c6f5bc862dc4.tar.gz ports-3d824592bda988e6d8b3379d3410c6f5bc862dc4.zip |
mail/dovecot,mail/dovecot-pigeonhole: fix CVE-2019-11500
Changes
-------
* CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
when scanning data in quoted strings, leading to out of bounds heap
memory writes. Found by Nick Roessler and Rafi Rubin.
MFH: 2019Q3
Security: CVE-2019-11500
Notes
Notes:
svn path=/head/; revision=510075
Diffstat (limited to 'mail/dovecot-pigeonhole')
-rw-r--r-- | mail/dovecot-pigeonhole/Makefile | 7 | ||||
-rw-r--r-- | mail/dovecot-pigeonhole/distinfo | 6 |
2 files changed, 6 insertions, 7 deletions
diff --git a/mail/dovecot-pigeonhole/Makefile b/mail/dovecot-pigeonhole/Makefile index 216d4c096106..f2ccd0ba551c 100644 --- a/mail/dovecot-pigeonhole/Makefile +++ b/mail/dovecot-pigeonhole/Makefile @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= dovecot-pigeonhole -PORTVERSION= 0.5.7.1 -PORTREVISION= 1 +PORTVERSION= 0.5.7.2 CATEGORIES= mail MASTER_SITES= http://pigeonhole.dovecot.org/releases/${DOVECOTVERSION}/ DISTNAME= ${PORTNAME:C/-/-${DOVECOTVERSION}-/}-${PORTVERSION} @@ -13,8 +12,8 @@ COMMENT= Sieve plugin for the Dovecot 'deliver' LDA and LMTP LICENSE= LGPL21 -BUILD_DEPENDS= dovecot>=2.3.6:mail/dovecot -RUN_DEPENDS= dovecot>=2.3.6:mail/dovecot +BUILD_DEPENDS= dovecot>=2.3.7:mail/dovecot +RUN_DEPENDS= dovecot>=2.3.7:mail/dovecot DOVECOTVERSION= 2.3 diff --git a/mail/dovecot-pigeonhole/distinfo b/mail/dovecot-pigeonhole/distinfo index 8bd6019b3e3e..dcefdc9d94a3 100644 --- a/mail/dovecot-pigeonhole/distinfo +++ b/mail/dovecot-pigeonhole/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1563891950 -SHA256 (dovecot-2.3-pigeonhole-0.5.7.1.tar.gz) = 3270b24c1f75a7c144f54d6d08ce994176e39c2cdb3ac4dd80ad5e64aaaa2028 -SIZE (dovecot-2.3-pigeonhole-0.5.7.1.tar.gz) = 1857291 +TIMESTAMP = 1567007127 +SHA256 (dovecot-2.3-pigeonhole-0.5.7.2.tar.gz) = d59d0c5c5225a126e5b98bf95d75e8dd368bdeeb3da2e9766dbe4fddaa9411b0 +SIZE (dovecot-2.3-pigeonhole-0.5.7.2.tar.gz) = 1857602 |