ubuntu/+source/dovecot:ubuntu/eoan-proposed

Last commit made on 2019-08-30
Get this branch:
git clone -b ubuntu/eoan-proposed https://git.launchpad.net/ubuntu/+source/dovecot
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/eoan-proposed
Repository:
lp:ubuntu/+source/dovecot

Recent commits

d3668cb... by Leonidas S. Barbosa on 2019-08-28

Import patches-unapplied version 1:2.3.4.1-5ubuntu3 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Upload parent: 0bd2d76f790780853980a75dc017fd7d11980775

0bd2d76... by Bryce Harrington on 2019-08-29

changelog

6e3c199... by Bryce Harrington on 2019-08-29

  * SECURITY UPDATE: The IMAP protocol parser does not properly handled
    the NUL byte when scanning data in quoted strings, leading to out of
    bounds heap memory writes.
    - debian/patches/CVE-2019-11500-*.patch: doesn't accept strings with
      NULs in src/lib-imap/imap-parser.c and
      pigeonhole/src/lib-managesieve/managesieve-parser.c,
      make sure str_unescape won't be writing past allocated memory
      in src/lib-imap/imap-parser.c and
      pieonhole/src/lig-managesieve/managesieve-parser.c.
    - CVE-2019-11500

f2aed84... by Robie Basak on 2019-08-21

Import patches-unapplied version 1:2.3.4.1-5ubuntu2 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 5fa1f065892b607edf8297d01a1dd27b6ebe37a1

New changelog entries:
  * No change rebuild for libmysqlclient21.

5fa1f06... by Bryce Harrington on 2019-05-03

Import patches-unapplied version 1:2.3.4.1-5ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Upload parent: a25190fdf262d67620314d9d30979dc3fd79d6a3

a25190f... by Bryce Harrington on 2019-05-03

update-maintainer

ce1e8b7... by Bryce Harrington on 2019-05-03

reconstruct-changelog

74eb710... by Bryce Harrington on 2019-05-03

merge-changelogs

7facf74... by Bryce Harrington on 2019-05-03

    - SECURITY UPDATE: submission-login denial of service issues
      + debian/patches/CVE-2019-1149x-1.patch: remove unused
        client->pending_starttls in src/submission-login/client.h.
      + debian/patches/CVE-2019-1149x-2.patch: fix crash occurring when
        client disconnects during authentication in
        src/submission-login/client-authenticate.c,
        src/submission-login/client.c.
      + debian/patches/CVE-2019-1149x-3.patch: fix AUTH response error
        handling so that it stops reading more input in
        src/lib-smtp/smtp-server-cmd-auth.c.
      + CVE-2019-11494
      + CVE-2019-11499
      [Fixed in 1:2.3.4.1-5]

43a85bb... by Bryce Harrington on 2019-05-03

    - SECURITY UPDATE: JSON encoder assert DoS
      + debian/patches/CVE-2019-10691.patch: escape invalid UTF-8 as unicode
        bytes in src/lib/json-parser.c, src/lib/test-json-parser.c.
      + CVE-2019-10691
      [Fixed in 1:2.3.4.1-4]