ubuntu/+source/dovecot:debian/stretch

Last commit made on 2019-09-07
Get this branch:
git clone -b debian/stretch https://git.launchpad.net/ubuntu/+source/dovecot
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/stretch
Repository:
lp:ubuntu/+source/dovecot

Recent commits

b837c5d... by Salvatore Bonaccorso on 2019-08-25

Import patches-unapplied version 1:2.2.27-3+deb9u5 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 102ad2cb0e1f01ddcb451b1e11d94ac4056d71f0

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Fix CVE-2019-11500
    - lib-imap: Don't accept strings with NULs
    - lib-imap: Make sure str_unescape() won't be writing past allocated
      memory
    - lib-managesieve: Don't accept strings with NULs
    - lib-managesieve: Make sure str_unescape() won't be writing past
      allocated memory

102ad2c... by Apollon Oikonomopoulos <email address hidden> on 2019-03-25

Import patches-unapplied version 1:2.2.27-3+deb9u4 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 84fd95d42561251243f33c23eeb671508e96229b

New changelog entries:
  * [d402493] Fix two buffer overflows when reading oversized FTS headers
    and/or oversized POP3-UIDL headers (CVE-2019-7524).
  * [1fb4e06] Fix CVE-2019-3814: TLS client auth username handling

84fd95d... by Apollon Oikonomopoulos <email address hidden> on 2018-03-01

Import patches-unapplied version 1:2.2.27-3+deb9u2 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 13b43d269d9b1e42219478abee6006fad5bfaf8a

New changelog entries:
  * [794e743] Fix CVE-2017-14461: rfc822_parse_domain information leak
    vulnerability (Closes: #891819)
  * [530ca6d] Fix CVE-2017-15130: TLS SNI config lookups are inefficient and
    can be used for DoS (Closes: #891820)
     + Use dh-autoreconf, as src/Makefile.in needs to be regenerated. Also
       disable dovecot_name.patch, since it changes dovecot's banner in
       conjunction with dh_autoreconf.
  * [68c2156] Fix CVE-2017-15132: memory leak on aborted SASL auth (Closes:
    #888432)

13b43d2... by Apollon Oikonomopoulos <email address hidden> on 2017-06-30

Import patches-unapplied version 1:2.2.27-3+deb9u1 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: afdf5408185d24b3f7ddb3bfd126c0c8333a954f

New changelog entries:
  * [8b8226f] Fix fts-solr: escape {} chars when sending queries (Closes:
    #865945)
  * [a97cdab] Add basic usage DEP-8 tests, performing end-to-end testing using
    LDA, IMAP and POP3.

afdf540... by Apollon Oikonomopoulos <email address hidden> on 2017-04-10

Import patches-unapplied version 1:2.2.27-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 0fb5befd5be4123b588b69d8a40a7d7a2e5ba470

New changelog entries:
  * [117285a] Remove /etc/dovecot/README (Closes: #849290)
  * [04e8ce3] auth: Do not double-expand key in passdb dict when
    authenticating (CVE-2017-2669) (Closes: #860049)

0fb5bef... by Apollon Oikonomopoulos <email address hidden> on 2016-12-15

Import patches-unapplied version 1:2.2.27-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 14001f8cb7ab0a1636d125abe4b3b72b1ce7239e

New changelog entries:
  * [30586e3] Fix SHA3 on big-endian architectures.

14001f8... by Apollon Oikonomopoulos <email address hidden> on 2016-12-14

Import patches-unapplied version 1:2.2.27-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a398fa258fed00a68229badb94cd55999ca456be

New changelog entries:
  [ Jaldhar H. Vyas ]
  * [b1e4693] Imported Upstream version 2.2.27
    + Includes fix for CVE-2016-8652 (Closes: #846605)
  [ Apollon Oikonomopoulos ]
  * [b25993a] Drop patches merged upstream:
    + call_openssl_cleanup_at_deinit.patch
    + disable_sslv23.patch

a398fa2... by Apollon Oikonomopoulos <email address hidden> on 2016-11-14

Import patches-unapplied version 1:2.2.26.0-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 415b4cdd5059d46d9ab36067255f52d37b8d8cc7

New changelog entries:
  * [3015f35] Drop references to SSLv2 in the default SSL protocols (Closes: #844271)

415b4cd... by Apollon Oikonomopoulos <email address hidden> on 2016-11-13

Import patches-unapplied version 1:2.2.26.0-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: cd3a80a7ddbb0e9eb79a5f59bd0a05ef9df66fc5

New changelog entries:
  * [b03027b] Call OPENSSL_cleanup() on dcrypt_openssl unload. Fixes FTBFS
    with OpenSSL 1.1.0c.

cd3a80a... by Apollon Oikonomopoulos <email address hidden> on 2016-11-08

Import patches-unapplied version 1:2.2.26.0-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: cdf0657c8dc039e46d08afe1a38a1cee4e2f0cdb

New changelog entries:
  * [9db7d1b] Fix upgrades from 2.2.25 (Closes: #843028)