ubuntu/+source/dovecot:applied/debian/jessie

Last commit made on 2018-06-23
Get this branch:
git clone -b applied/debian/jessie https://git.launchpad.net/ubuntu/+source/dovecot
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/debian/jessie
Repository:
lp:ubuntu/+source/dovecot

Recent commits

0e889ac... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

Import patches-applied version 1:2.2.13-12~deb8u4 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: f511c104e9ce098b6bf419a34904a74320f3c317
Unapplied parent: 9220ee44a1d9da7c7fd753ab40858909dbe8bb1d

New changelog entries:
  * [eb6eab8] Fix CVE-2017-14461: rfc822_parse_domain information leak
    (Closes: #891819)
  * [df2ccf9] Fix CVE-2017-15130: TLS SNI config lookups are inefficient and
    can be used for DoS (Closes: #891820)
     + Use dh-autoreconf, as src/Makefile.in needs to be regenerated. Also
       disable dovecot_name.patch, since it changes dovecot's banner in
       conjunction with dh_autoreconf.
  * [292742f] Fix CVE-2017-15132: memory leak on aborted SASL auth
    (Closes: #888432)
  * [3e2ccd1] Add myself to Uploaders

9220ee4... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

[PATCH 4/4] Fix CVE-2017-15132: memory leak on aborted SASL auth

Gbp-Pq: 0004-Fix-CVE-2017-15132-memory-leak-on-aborted-SASL-auth.patch.

5151903... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

[PATCH 3/4] Fix CVE-2017-15130: TLS SNI config lookups are

Gbp-Pq: 0003-Fix-CVE-2017-15130-TLS-SNI-config-lookups-are-ineffi.patch.

e6a6e9d... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

[PATCH 2/4] lib-dns: Add DNS specific matching algorithms

Gbp-Pq: 0002-lib-dns-Add-DNS-specific-matching-algorithms.patch.

d53dc17... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

[PATCH 1/4] Fix CVE-2017-14461: rfc822_parse_domain information leak

Gbp-Pq: 0001-Fix-CVE-2017-14461-rfc822_parse_domain-information-l.patch.

0d771af... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

mbox: Fixed corruption in some usage patterns.

Gbp-Pq: fix-mbox-corruption-18679.patch.

3037e5f... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

mbox: Fixed crash/corruption in some situations when the first mail was expunged.

Gbp-Pq: fix-mbox-corruption-18534.patch.

230fd75... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

Fix SSL/TLS handshake failures leading to a crash of the login process (CVE-2015-3420)

Gbp-Pq: cve-2015-3420.patch.

25bc2e9... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

This is a combination of three upstream hg patchsets:

Gbp-Pq: bye_logout_not_sent.patch.

36362c8... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

For NFS safety, prefer fcntl to dotlocks. Dovecots default is

Gbp-Pq: mboxlocking.patch.