ubuntu/+source/dovecot:ubuntu/bionic-devel

Last commit made on 2019-08-28
Get this branch:
git clone -b ubuntu/bionic-devel https://git.launchpad.net/ubuntu/+source/dovecot
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/bionic-devel
Repository:
lp:ubuntu/+source/dovecot

Recent commits

605cdfe... by Leonidas S. Barbosa on 2019-08-28

Import patches-unapplied version 1:2.2.33.2-1ubuntu4.5 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 39379e891277d7db2c3dcd67352f2676327e2318

New changelog entries:
  * SECURITY REGRESSION: updating CVE-2019-11500-3.patch with the right check

39379e8... by Leonidas S. Barbosa on 2019-08-14

Import patches-unapplied version 1:2.2.33.2-1ubuntu4.4 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 1db31ec72e2c499c0d99b8f5531fe7dba9d668d0

New changelog entries:
  * SECURITY UPDATE: IMAP do not properly handled NULL byte - bounds
    heap memory writes
    - debian/patches/CVE-2019-11500-*.patch: doesn't accept strings with
      NULs in src/lib-imap/imap-parser.c and
      pigeonhole/src/lib-managesieve/managesieve-parser.c,
      make sure str_unescape won't be writing past allocated memory
      in src/lib-imap/imap-parser.c and
      pieonhole/src/lig-managesieve/managesieve-parser.c.
    - CVE-2019-11500

1db31ec... by Marc Deslauriers on 2019-03-29

Import patches-unapplied version 1:2.2.33.2-1ubuntu4.3 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 558d8b53b9fc14eabc0fb08418b030f7711034d8

New changelog entries:
  * SECURITY UPDATE: stack overflow when reading FTS or POP3-UIDL header
    - debian/patches/CVE-2019-7524-1.patch: fix buffer overflow when
      reading oversized hdr-pop3-uidl header in
      src/lib-storage/index/index-pop3-uidl.c.
    - debian/patches/CVE-2019-7524-2.patch: fix buffer overflow when
      reading oversized fts header in src/plugins/fts/fts-api.c.
    - CVE-2019-7524

558d8b5... by Marc Deslauriers on 2019-01-28

Import patches-unapplied version 1:2.2.33.2-1ubuntu4.2 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: c0f83e6580afd04848db79a5475a61302fb556f2

New changelog entries:
  * SECURITY UPDATE: incorrect client certificate validation
    - debian/patches/CVE-2019-3814-1.patch: do not import empty certificate
      username in src/auth/auth-request.c.
    - debian/patches/CVE-2019-3814-2.patch: fail authentication if
      certificate username was unexpectedly missing in
      src/auth/auth-request-handler.c.
    - debian/patches/CVE-2019-3814-3.patch: ensure we get username from
      certificate in src/login-common/sasl-server.c.
    - CVE-2019-3814

c0f83e6... by Christian Ehrhardt  on 2018-06-19

Import patches-unapplied version 1:2.2.33.2-1ubuntu4.1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Upload parent: 96c96c4292bab076e6438240804819d6ef6b686a

96c96c4... by Christian Ehrhardt  on 2018-06-19

changelog: Fix log reopen on SIGUSR1 for log rotation (LP: #1777008)

Signed-off-by: Christian Ehrhardt <email address hidden>

21b4179... by Christian Ehrhardt  on 2018-06-19

Fix log reopen on SIGUSR1 for log rotation (LP: #1777008)

Signed-off-by: Christian Ehrhardt <email address hidden>

800bb9d... by Marc Deslauriers on 2018-02-26

Import patches-unapplied version 1:2.2.33.2-1ubuntu4 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: b8068415017a8a14ef6e984feba6fa336e6c44fd

New changelog entries:
  * SECURITY UPDATE: rfc822_parse_domain Information Leak Vulnerability
    - debian/patches/CVE-2017-14461/*.patch: upstream parsing fixes.
    - CVE-2017-14461
  * SECURITY UPDATE: TLS SNI config lookups DoS
    - debian/patches/CVE-2017-15130/*.patch: upstream config filtering fix.
    - CVE-2017-15130

b806841... by Leonidas S. Barbosa on 2018-02-23

Import patches-unapplied version 1:2.2.33.2-1ubuntu3 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: eae57207ba47c26aad0131a3fdc3cd1d49abd0df

New changelog entries:
  * SECURITY UPDATE: Memory leak that can cause crash due to memory exhaustion
    - debian/patches/CVE-2017-15132.patch: fix memory leak in
      auth_client_request_abort() in src/lib-auth/auth-client-request.c.
    - debian/patches/CVE-2017-15132-additional.patch: remove request after
      abort in src/lib-auth/auth-client-request.c,
      src/lib-auth/auth-server-connection.c,
      src/lib-auth/auth-serser-connection.h.
    - CVE-2017-15132

eae5720... by Dimitri John Ledkov on 2018-02-06

Import patches-unapplied version 1:2.2.33.2-1ubuntu2 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 45e9426d03e5604f78c4c649e927ed7772f2fc3a

New changelog entries:
  * No change rebuild against openssl1.1.