ubuntu/+source/dovecot:debian/jessie

Last commit made on 2018-06-23
Get this branch:
git clone -b debian/jessie https://git.launchpad.net/ubuntu/+source/dovecot
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/jessie
Repository:
lp:ubuntu/+source/dovecot

Recent commits

8830dcd... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

Import patches-unapplied version 1:2.2.13-12~deb8u4 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 2aa47e7d2f0b9cf4eea5143956d3300ec94ecd9b

New changelog entries:
  * [eb6eab8] Fix CVE-2017-14461: rfc822_parse_domain information leak
    (Closes: #891819)
  * [df2ccf9] Fix CVE-2017-15130: TLS SNI config lookups are inefficient and
    can be used for DoS (Closes: #891820)
     + Use dh-autoreconf, as src/Makefile.in needs to be regenerated. Also
       disable dovecot_name.patch, since it changes dovecot's banner in
       conjunction with dh_autoreconf.
  * [292742f] Fix CVE-2017-15132: memory leak on aborted SASL auth
    (Closes: #888432)
  * [3e2ccd1] Add myself to Uploaders

2aa47e7... by Salvatore Bonaccorso on 2017-04-11

Import patches-unapplied version 1:2.2.13-12~deb8u3 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: a048bb37cb0ef8420eb4bf5c2484e01ec237d369

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Revert "auth: Do not double-expand key in passdb dict when authenticating
    (CVE-2017-2669)"
    This reverts the applied patch which resulted in no longer interpreting
    placeholders in the keys even once with dict-based userdb or passdb.
    The actual vulnerability was introduced later with "auth-db-dict: Allow
    key name expansion" in 2.2.26.
    Thanks to Nick Thomas <email address hidden> and Aki Tuomi <email address hidden>
  * Non-maintainer upload by the Security Team.
  * auth: Do not double-expand key in passdb dict when authenticating
    (CVE-2017-2669)

a048bb3... by Jaldhar on 2015-05-31

Import patches-unapplied version 1:2.2.13-12~deb8u1 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: a250638a8600e789851970a195d1b005fd34aa00

New changelog entries:
  * [6e16721] Fix a mbox corruption problem by applying two patches from
    mercurial upstream.
    - fix-mbox-corruption-18534.patch (changeset 18534:94bd895721d8).
    - fix-mbox-corruption-18679.patch (changeset 18679:b6ea460e7cc4).
    Thanks to Santiago Vila <email address hidden> (Closes: 776094)

a250638... by Jelmer Vernooij on 2015-05-04

Import patches-unapplied version 1:2.2.13-12 to debian/sid

Imported using git-ubuntu import.

Changelog parent: d816f6d1f322c08208c9eb0087e3987275529fec

New changelog entries:
  * [48f6fe4] Add patch cve-2015-3420.patch: Fix SSL/TLS handshake failures
    leading to a crash of the login process with newer versions of OpenSSL.
    Closes: #783649 (CVE-2015-3420)

d816f6d... by Jaldhar on 2014-12-14

Import patches-unapplied version 1:2.2.13-11 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 941a9249f395663c73d43e45a574d30552f24aa6

New changelog entries:
  * [ebc0377] Don't allow install of dovecot-sieve without a new enough
    dovecot-core. (Closes: #772885)

941a924... by Jaldhar on 2014-12-11

Import patches-unapplied version 1:2.2.13-10 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 593dafad6f161d76ab68705ce0cef086ca9c7943

New changelog entries:
  [ Jelmer Vernooij ]
  * [93db7f0] Fix path to 90-sieve-extprograms.conf in dovecot-sieve.postinst.
    Closes: #772703, #772711
  [ Jaldhar H. Vyas ]
  * [8c627a4] Add another db_stop this time for triggers. Die #770695 die!

593dafa... by Jaldhar on 2014-12-09

Import patches-unapplied version 1:2.2.13-9 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e09811af030ba8a0948520fec26fb1d89814296d

New changelog entries:
  * [5b689f6] Made some overlooked configuration files into conffiles;
    deleted excess files from /usr/share/doc/dovecot-core.
  * [83f2fc4] Explicitly stop debconf in dovecot-core postinst which hopefully
    fixes the last of the install hangs.
    Thanks to Chris Gilbert <email address hidden> (Closes: #770695)

e09811a... by Jaldhar on 2014-12-02

Import patches-unapplied version 1:2.2.13-8 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c3fff29b4873b8c28de7d31e76133d7b87f9f244

New changelog entries:
  * [b2f652f] Turn off SSL by default and leave SSL cert locations commented
    out. Hopefully this will be a satisfactory lowest common denominator for
    new installs without messing with upgrades.
    (Closes: #771334, #771407)

c3fff29... by Jaldhar on 2014-11-28

Import patches-unapplied version 1:2.2.13-7 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6601a055c3f7b9373d7275746600f193198adfba

New changelog entries:
  * [daea09a] Commented out cert locations so install doesn't bomb if the
    certs haven't been created yet.
    (Closes: #706216, #732263, #767154, #768253, #769461, #770697)

6601a05... by Jaldhar on 2014-10-26

Import patches-unapplied version 1:2.2.13-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 84454766e9825de7300b12b2de89308832384272

New changelog entries:
  * [f7205c0] dovecot-dev: removed dependency on dovecot-core
  * [e393868] Removed SSL certificate generation from postinst. From now on
    you have to do this yourself. See dovecot-core's README.debian for
    instructions. (Closes: #730828)