lp:ubuntu/maverick-security/dovecot
- Get this branch:
- bzr branch lp:ubuntu/maverick-security/dovecot
Branch merges
Branch information
Recent revisions
- 81. By Steve Beattie
-
* SECURITY UPDATE: fix memory corruption when header names included
null bytes:
- debian/patches/ dovecot- CVE-2011- 1929.patch: use binary copy rather
than a string based copy.
- CVE-2011-1929 - 80. By Marc Deslauriers
-
* SECURITY UPDATE: information disclosure via newly created mailboxes
with incorrect ACLs
- debian/patches/ CVE-2010- 3304.patch: verify the directory isn't the
same as the INBOX's directory in src/plugins/acl/acl- backend- vfile.c.
- CVE-2010-3304
* SECURITY UPDATE: ACL bypass via incorrect ACL merging
- debian/patches/ CVE-2010- 370x.patch: fix logic of merging multiple
ACLs in src/plugins/acl/{acl- api.h,acl- backend- vfile.c, acl-backend. c,
acl-cache.c}.
- CVE-2010-3706
- CVE-2010-3707
* SECURITY UPDATE: restriction bypass via mailbox ACL changing
- debian/patches/ CVE-2010- 3779.patch: don't give admin rights to all
owner mailboxes in src/plugins/acl/acl- backend- vfile.c.
- CVE-2010-3779
* SECURITY UPDATE: denial of service via many simultaneous disconnects.
- debian/patches/ CVE-2010- 3780.patch: don't die after three failed
writes to log in src/lib/failures.c.
- CVE-2010-3780
* debian/control: removed linux-kernel-headers from Build-Conflicts to
resolve building with sbuild. - 79. By Clint Byrum
-
debian/
mail-stack- delivery. preinst: Fixing shell syntax and typo in
file rename code. (LP: #653362) - 78. By Chuck Short
-
[Dave Walker]
* debian/rules: Build all architecture independent components, rather
than acting on mail-stack-delivery only. (LP: #651027)
* debian/control: dovecot-postfix (transitional package), should depend on
the renamed mail-stack-delivery not the original mail-server-delivery. [Ante Karamatić]
* debian/patches/ mail-stack- dovecot. conf: include additional information.
(LP: #649574) - 77. By Chuck Short
-
debian/
dovecot- common. dovecot. upstart: Fix for non-starting upstart job (LP: #646858) - 76. By Chuck Short
-
debian/
patches/ fix-mbox- autodetection. patch: Re-add allow mailbox creation patch when autodetecting
(LP: #645288) - 75. By Niall Creech
-
* debian/
mail-stack- delivery. preinst:
- Properly close switch/case statement (LP: #645808) - 74. By Chuck Short
-
debian/rules, debian/
dovecot- common. dovecot. upstart, debian/control,
debian/dovecot- common. dirs, dovecot- imapd.{ postrm, postinst, prerm},
debian/dovecot- pop3d.{ postinst, postrm, prerm}, mail-stack- delivery. postinst:
Convert init script up to upstart. Apart of the server-maverick- upstart- conversion
specification. - 72. By Chuck Short
-
* Merge from Debian Unstable, remaining changes:
+ Add mail-stack-delivery as per server-maverick- mail-integratio n spec:
- Update debian/rules
- Convert existing package to a dummy package and add new binary in debian/control
- Update maintainer scripts.
- Move previously installed backups and config files to new package name
space in preinst
- Add new debian/mail-stack- delivery. prerm to handle downgrades
- Rename debian/dovecot- postfix. * to debian/ mail-stack- delivery. *
+ Use Snakeoil SSL certificates by default.
- debian/control: Depend on ssl-cert.
- debian/patches/ ssl-cert- snakeoil. dpatch: Change default SSL cert paths to snakeoil.
- debian/dovecot- common. postinst: Relax grep for SSL_* a bit.
+ Add autopkgtest to debian/tests/*.
+ Add ufw integration:
- Created debian/dovecot- common. ufw.profile.
- debian/rules: install profile.
- debian/control: suggest ufw.
+ debian/{control, rules}: enable PIE hardening.
+ debian/control: Update Vcs-* headers.
+ Add SMTP-AUTH support for Outlook (login auth mechanism)
+ debian/dovecot- common. dirs: Added usr/share/ doc/dovecot- common
+ debian/patches/ fix-dovecot- config- parser. patch: Fix ordering of external config
files. (LP: #597818)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/dovecot