Ubuntu
dovecot package

Merge ~michal-maloszewski99/ubuntu/+source/dovecot:jammy-dovecot-fix into ubuntu/+source/dovecot:ubuntu/jammy-devel

  1. Git
  2. lp:~michal-maloszewski99/ubuntu/+source/dovecot
  3. jammy-dovecot-fix
  4. Merge into ubuntu/jammy-devel
Proposed by Michał Małoszewski
Status: Work in progress
Proposed branch: ~michal-maloszewski99/ubuntu/+source/dovecot:jammy-dovecot-fix
Merge into: ubuntu/+source/dovecot:ubuntu/jammy-devel
Diff against target: 67 lines (+45/-0)
3 files modified
debian/changelog (+7/-0)
debian/patches/jammy-fix-leaking-mailboxes.patch (+37/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
git-ubuntu import Pending
Review via email: mp+431937@code.launchpad.net
To post a comment you must log in.

Unmerged commits

86848ae... by Michał Małoszewski

changelog (LP: #1992848)

739107c... by Michał Małoszewski

Fix the dovecot package

Fix leaking mailboxes if virtual mailbox cannot be opened.
(LP: #1992848)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index b02548e..7221207 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,10 @@
6+dovecot (1:2.3.16+dfsg1-3ubuntu2.2) jammy; urgency=medium
7+
8+ * d/p/jammy-fix-leaking-mailboxes.patch: Fix leaking mailboxes if
9+ virtual mailbox can not be opened (LP: #1992848)
10+
11+ -- Michal Maloszewski <michal.maloszewski@canonical.com> Thu, 20 Oct 2022 23:36:54 +0200
12+
13 dovecot (1:2.3.16+dfsg1-3ubuntu2.1) jammy-security; urgency=medium
14
15 * SECURITY UPDATE: privilege escalation via multiple passdbs
16diff --git a/debian/patches/jammy-fix-leaking-mailboxes.patch b/debian/patches/jammy-fix-leaking-mailboxes.patch
17new file mode 100644
18index 0000000..bb7979e
19--- /dev/null
20+++ b/debian/patches/jammy-fix-leaking-mailboxes.patch
21@@ -0,0 +1,37 @@
22+From bdf4474ed82aaf964e7d94e72ca56b496e3815f9 Mon Sep 17 00:00:00 2001
23+From: Timo Sirainen <timo.sirainen@open-xchange.com>
24+Date: Fri, 1 Oct 2021 15:08:45 +0300
25+Subject: [PATCH] virtual: Fix leaking mailboxes if virtual mailbox can't
26+ be opened
27+
28+Fixes also a crash at deinit:
29+Panic: file mail-user.c: line 232 (mail_user_deinit): assertion failed: ((*user)->refcount == 1)
30+
31+Description: Fix the dovecot package to prevent from leaking mailboxes
32+ if virtual mailbox cannot be opened.
33+Origin: upstream, https://github.com/dovecot/core/commit/bdf4474ed82aaf964e7d94e72ca56b496e3815f9
34+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/1992848
35+Last-Update: 2022-10-20
36+---
37+ src/plugins/virtual/virtual-storage.c | 4 ++--
38+ 1 file changed, 2 insertions(+), 2 deletions(-)
39+
40+diff --git a/src/plugins/virtual/virtual-storage.c b/src/plugins/virtual/virtual-storage.c
41+index 2f31503d53..a0779cc186 100644
42+--- a/src/plugins/virtual/virtual-storage.c
43++++ b/src/plugins/virtual/virtual-storage.c
44+@@ -495,12 +495,12 @@ static int virtual_mailbox_open(struct mailbox *box)
45+ ret = virtual_mailboxes_open(mbox, box->flags);
46+ array_pop_back(&mbox->storage->open_stack);
47+ }
48++ if (ret == 0)
49++ ret = index_storage_mailbox_open(box, FALSE);
50+ if (ret < 0) {
51+ virtual_mailbox_close_internal(mbox);
52+ return -1;
53+ }
54+- if (index_storage_mailbox_open(box, FALSE) < 0)
55+- return -1;
56+
57+ mbox->virtual_ext_id =
58+ mail_index_ext_register(mbox->box.index, "virtual", 0,
59diff --git a/debian/patches/series b/debian/patches/series
60index 6839beb..b8f8ff6 100644
61--- a/debian/patches/series
62+++ b/debian/patches/series
63@@ -22,3 +22,4 @@ mail-cache-bigendian-1.patch
64 # Ubuntu patches
65 OpenSSL3.patch
66 CVE-2022-30550.patch
67+jammy-fix-leaking-mailboxes.patch

Subscribers

People subscribed via source and target branches