[arch-commits] Commit in dovecot/trunk (CVE-2015-3420.patch PKGBUILD)
Andreas Radke
andyrtr at archlinux.org
Fri May 15 12:56:03 UTC 2015
Date: Friday, May 15, 2015 @ 14:56:03
Author: andyrtr
Revision: 239405
upgpkg: dovecot 2.2.18-1
upstream update 2.2.18
Modified:
dovecot/trunk/PKGBUILD
Deleted:
dovecot/trunk/CVE-2015-3420.patch
---------------------+
CVE-2015-3420.patch | 58 --------------------------------------------------
PKGBUILD | 16 ++++---------
2 files changed, 5 insertions(+), 69 deletions(-)
Deleted: CVE-2015-3420.patch
===================================================================
--- CVE-2015-3420.patch 2015-05-15 12:42:53 UTC (rev 239404)
+++ CVE-2015-3420.patch 2015-05-15 12:56:03 UTC (rev 239405)
@@ -1,58 +0,0 @@
-
-diff -r a2d342257b25 -r 86f535375750 src/login-common/ssl-proxy-openssl.c
---- a/src/login-common/ssl-proxy-openssl.c Sat Apr 25 12:16:07 2015 +0300
-+++ b/src/login-common/ssl-proxy-openssl.c Tue Apr 28 11:27:04 2015 +0200
-@@ -80,6 +80,7 @@
- unsigned int cert_broken:1;
- unsigned int client_proxy:1;
- unsigned int flushing:1;
-+ unsigned int failed:1;
- };
-
- struct ssl_parameters {
-@@ -131,6 +132,12 @@
- static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set);
- #endif
-
-+static void ssl_proxy_destroy_failed(struct ssl_proxy *proxy)
-+{
-+ proxy->failed = TRUE;
-+ ssl_proxy_destroy(proxy);
-+}
-+
- static unsigned int ssl_server_context_hash(const struct ssl_server_context *ctx)
- {
- unsigned int i, g, h = 0;
-@@ -462,7 +469,7 @@
-
- if (errstr != NULL) {
- proxy->last_error = i_strdup(errstr);
-- ssl_proxy_destroy(proxy);
-+ ssl_proxy_destroy_failed(proxy);
- }
- ssl_proxy_unref(proxy);
- }
-@@ -492,7 +499,7 @@
-
- if (proxy->handshake_callback != NULL) {
- if (proxy->handshake_callback(proxy->handshake_context) < 0)
-- ssl_proxy_destroy(proxy);
-+ ssl_proxy_destroy_failed(proxy);
- }
- }
-
-@@ -822,7 +829,8 @@
- if (proxy->destroyed || proxy->flushing)
- return;
- proxy->flushing = TRUE;
-- ssl_proxy_flush(proxy);
-+ if (!proxy->failed && proxy->handshaked)
-+ ssl_proxy_flush(proxy);
- proxy->destroyed = TRUE;
-
- ssl_proxy_count--;
-
-
-
-
-
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2015-05-15 12:42:53 UTC (rev 239404)
+++ PKGBUILD 2015-05-15 12:56:03 UTC (rev 239405)
@@ -8,15 +8,15 @@
# --->>> remember to rebuild/bump pigeonhole in one step <<<---
pkgname=dovecot
-pkgver=2.2.16
-pkgrel=2
+pkgver=2.2.18
+pkgrel=1
pkgdesc="An IMAP and POP3 server written with security primarily in mind"
arch=('i686' 'x86_64')
url="http://dovecot.org/"
license=("LGPL")
depends=('krb5' 'openssl' 'sqlite' 'libmariadbclient'
- 'postgresql-libs' 'bzip2' 'lz4' 'expat' 'curl')
-makedepends=('pam' 'libcap' 'libldap' 'clucene')
+ 'postgresql-libs' 'bzip2' 'lz4' 'expat' 'curl' 'pam')
+makedepends=('libcap' 'libldap' 'clucene')
optdepends=('libldap: ldap plugin'
'xz: imap zlib plugin'
'clucene: alternative FTS indexer')
@@ -23,20 +23,14 @@
provides=('imap-server' 'pop3-server')
install=$pkgname.install
source=(http://dovecot.org/releases/2.2/${pkgname}-${pkgver}.tar.gz{,.sig}
- CVE-2015-3420.patch
dovecot.tmpfilesd)
-md5sums=('8dba21e817b4239e462d98a925233418'
+md5sums=('1e42eb3b69544c447ad882d7858f3630'
'SKIP'
- '730366bb5895a3092f1b6511e254709a'
'342a28251d40f983c98c0d1f1bf3d07d')
validpgpkeys=('E643F0BDFDCD04D9FFCB6279C948525140558AC9') # Timo Sirainen <tss at iki.fi>
prepare() {
cd $pkgname-$pkgver
-
- # https://bugs.archlinux.org/task/44757
- patch -Np1 -i ${srcdir}/CVE-2015-3420.patch
-
# fix path in helper script
sed -i 's:OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}:OPENSSLCONFIG=${OPENSSLCONFIG- /etc/ssl/dovecot-openssl.cnf}:' doc/mkcert.sh
}
More information about the arch-commits
mailing list