Ubuntu
dovecot package

lp:ubuntu/hardy-updates/dovecot

  1. Hardy (8.04)
  2. hardy-updates
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/hardy-updates/dovecot
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

34. By Marc Deslauriers

* SECURITY UPDATE: access restriction bypass from negative access rights
  being treated as positive access rights in the ACL plugin
  - debian/patches/security-CVE-2008-4577.dpatch: fix rights mask in
    src/plugins/acl/acl-cache.c.
  - CVE-2008-4577
* SECURITY UPDATE: arbitrary code execution via buffer overlows in
  the Sieve plugin
  - debian/patches/security-CVE-2009-3235.dpatch: increase scount size in
    dovecot-sieve/src/libsieve/bc_eval.c, use snprintf in
    dovecot-sieve/src/libsieve/sieve.y, use snprintf and calculate the
    right length in dovecot-sieve/src/libsieve/script.c.
  - CVE-2009-2632
  - CVE-2009-3235

33. By Nicolas Valcarcel

Fixed error with multiple ssl certs on postinst limiting the grep result
to 1 cert. Thanks Matt LaPlante for the suggestions (LP: #182086)

32. By Chuck Short

* debian/dovecot-common.init
  - Check to see if there is an /etc/inetd.conf. (LP: #208411)

31. By Kees Cook

* SECURITY UPDATE: mailboxes of other users could be read via symlinks.
* Add upstream-mail-group-fixes.dpatch: upstream fixes (CVE-2008-1199).
* Add upstream-invalid-password-fixes.dpatch: proactive upstream fixes
  to avoid future issues in underlying passdb (CVE-2008-1218).
* References
  http://dovecot.org/list/dovecot-news/2008-March/000060.html
  http://dovecot.org/list/dovecot-news/2008-March/000064.html

30. By Steve Langasek

No-change rebuild against libldap-2.4-2.

29. By Soren Hansen

* Merge from debian unstable, remaining changes:
  - DebianMaintainerField.
  - Use Snakeoil SSL certificate by default.
    + debian/control: Depend on ssl-cert
    + debian/patches/ssl-cert-snakeoil.dpatch: Change default SSL cert paths
      to snakeoil.
    + debian/dovecot-common.postinst: Relax grep for SSL_* a bit.
  - Fast TearDown:
    + debian/rules: Call dh_installinit in 'multiuser' mode.
    + debian/control: Depend on newer sysv-rc for this.
    + debian/dovecot-common.postinst: Remove stop script symlinks from rc0
      and rc6 on upgrades. Needs to be kept until next LTS release.
  - Add autopkgtest in debian/tests/.
  - Don't fail in postinst if dovecot-{sql,ldap} is missing. (LP #153161)

28. By Soren Hansen

* Merge from debian unstable, remaining changes:
  - DebianMaintainerField.
  - Use Snakeoil SSL certificate by default.
    + debian/control: Depend on ssl-cert
    + debian/patches/ssl-cert-snakeoil.dpatch: Change default SSL cert paths
      to snakeoil.
    + debian/dovecot-common.postinst: Relax grep for SSL_* a bit.
  - Fast TearDown:
    + debian/rules: Call dh_installinit in 'multiuser' mode.
    + debian/control: Depend on newer sysv-rc for this.
    + debian/dovecot-common.postinst: Remove stop script symlinks from rc0
      and rc6 on upgrades. Needs to be kept until next LTS release.
  - Add autopkgtest in debian/tests/.
  - Don't fail in postinst if dovecot-{sql,ldap} is missing. (LP #153161)

27. By Soren Hansen

Don't fail in postinst if dovecot-{sql,ldap} is missing. (LP: #153161)
Thanks to Adam Sommer for the initial patch!

26. By Mathias Gug

* Fix dovecot restart when removing -pop3d/-imapd packages (LP: #151650):
  - debian/dovecot-{pop3d,imapd}.postrm: start dovecot.
* Restart dovecot when -pop3d/-imapd package are installed:
  - debian/dovecot-{pop3d,imapd}.postinst: restart dovecot.

25. By Soren Hansen

[Mathias Gug]
* Merge with Debian (LP: #149049); remaining changes:
  - Use Snakeoil SSL certificate by default.
    + debian/control: Depend on ssl-cert
    + debian/patches/ssl-cert-snakeoil.dpatch: Change default SSL cert paths
      to snakeoil.
    + debian/dovecot-common.postinst: Relax grep for SSL_* a bit.
  - Fast TearDown:
    + debian/rules: Call dh_installinit in 'multiuser' mode.
    + debian/control: Depend on newer sysv-rc for this.
    + debian/dovecot-common.postinst: Remove stop script symlinks from rc0
      and rc6 on upgrades. Needs to be kept until next LTS release.
  - Add autopkgtest in debian/tests/.

[Soren Hansen]
* Based on work by Mathias Gug: Enable imap/pop3 protocols when installing
  dovecot-imap/dovecot-pop3 package (LP: #146648):
  - debian/dovecot-pop3d.postinst, debian/dovecot-imapd.postinst: add
    imap,imaps/pop3,pop3s to protocols line in dovecot.conf (removing "none"
    if it's there).
  - debian/dovecot-pop3d.postrm, debian/dovecot-imapd.postrm: remove
    imap,imaps/pop3,pop3s from protocols line in dovecot.conf (putting
    "none" if last protocol is removed).
* debian/patches/exec_check_for_none.dpatch:
  - Disable access(..., X_OK) check for protocols that are not going to be
    started anyway.
* debian/patches/protocols_none_by_default.dpatch:
  - Set "protocols = none" by default.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/lucid/dovecot
This branch contains Public information 
Everyone can see this information.

Subscribers