ubuntu/+source/dovecot:ubuntu/trusty-updates

Last commit made on 2019-04-01
Get this branch:
git clone -b ubuntu/trusty-updates https://git.launchpad.net/ubuntu/+source/dovecot
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/trusty-updates
Repository:
lp:ubuntu/+source/dovecot

Recent commits

3879053... by Marc Deslauriers on 2019-03-29

Import patches-unapplied version 1:2.2.9-1ubuntu2.6 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 225067069038ac489ed3ba0117b3aa4832e4a313

New changelog entries:
  * SECURITY UPDATE: stack overflow when reading FTS or POP3-UIDL header
    - debian/patches/CVE-2019-7524-2.patch: fix buffer overflow when
      reading oversized fts header in src/plugins/fts/fts-api.c.
    - CVE-2019-7524

2250670... by Marc Deslauriers on 2019-01-28

Import patches-unapplied version 1:2.2.9-1ubuntu2.5 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 1e77a06b1235d67e1b2c3ce6b9ba660ce5616f7e

New changelog entries:
  * SECURITY UPDATE: incorrect client certificate validation
    - debian/patches/CVE-2019-3814-1.patch: do not import empty certificate
      username in src/auth/auth-request.c.
    - debian/patches/CVE-2019-3814-2.patch: fail authentication if
      certificate username was unexpectedly missing in
      src/auth/auth-request-handler.c.
    - debian/patches/CVE-2019-3814-3.patch: ensure we get username from
      certificate in src/login-common/sasl-server.c.
    - CVE-2019-3814

1e77a06... by Marc Deslauriers on 2018-02-27

Import patches-unapplied version 1:2.2.9-1ubuntu2.4 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 9ec1122e0d04be7ba4650e6ca3aadc281f80534b

New changelog entries:
  * SECURITY UPDATE: rfc822_parse_domain Information Leak Vulnerability
    - debian/patches/CVE-2017-14461/*.patch: upstream parsing fixes.
    - CVE-2017-14461
  * SECURITY UPDATE: TLS SNI config lookups DoS
    - debian/patches/CVE-2017-15130/*.patch: upstream config filtering fix.
    - CVE-2017-15130

9ec1122... by Leonidas S. Barbosa on 2018-01-31

Import patches-unapplied version 1:2.2.9-1ubuntu2.3 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 1905608237241d85fb51ec4805fdf3ff838e4745

New changelog entries:
  * SECURITY UPDATE: Memory leak that can cause crash due to memory exhaustion
    - debian/patches/CVE-2017-15132.patch: fix memory leak in
      auth_client_request_abort() in src/lib-auth/auth-client-request.c.
    - debian/patches/CVE-2017-15132-additional.patch: remove request after
      abort in src/lib-auth/auth-client-request.c,
      src/lib-auth/auth-server-connection.c,
      src/lib-auth/auth-serser-connection.h.
    - CVE-2017-15132

1905608... by Marc Deslauriers on 2014-05-14

Import patches-unapplied version 1:2.2.9-1ubuntu2.1 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: b58d024bbf95035aaea1a501ae4478782de6ea5e

New changelog entries:
  * SECURITY UPDATE: denial of service via SSL connection exhaustion
    - debian/patches/CVE-2014-3430.patch: properly close connections in
      src/login-common/client-common.c,
      src/login-common/ssl-proxy-openssl.c,
      src/login-common/ssl-proxy.h.
    - CVE-2014-3430

b58d024... by James Page on 2014-03-07

Import patches-unapplied version 1:2.2.9-1ubuntu2 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: d580226ce5d01e30c20f4ef1f9b979f1e9afdcbc

New changelog entries:
  * d/dovecot-core.config: Drop db_input for ssl-cert-exists; this message
    not actually an error, is documented in the README.Debian, and blocks
    automated upgrades (LP: #1278897).

d580226... by James Page on 2014-01-08

Import patches-unapplied version 1:2.2.9-1ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 2f139eb8bb98b4bfd5075716071321829d353bd8

New changelog entries:
  * Merge from Debian unstable, remaining changes:
    + Add mail-stack-delivery package:
      - Update d/rules
      - d/control: convert existing dovecot-postfix package to a dummy
        package and add new mail-stack-delivery package.
      - Update maintainer scripts.
      - Rename d/dovecot-postfix.* to debian/mail-stack-delivery.*
      - d/mail-stack-delivery.preinst: Move previously installed backups and
        config files to a new package namespace.
      - d/mail-stack-delivery.prerm: Added to handle downgrades.
    + Use Snakeoil SSL certificates by default:
      - d/control: Depend on ssl-cert.
      - d/dovecot-core.postinst: Relax grep for SSL_* a bit.
    + Add autopkgtest to debian/tests/*.
    + Add ufw integration:
      - d/dovecot-core.ufw.profile: new ufw profile.
      - d/rules: install profile in dovecot-core.
      - d/control: dovecot-core - suggest ufw.
    + d/dovecot-core.dirs: Added usr/share/doc/dovecot-core
    + Add apport hook:
      - d/rules, d/source_dovecot.py
    + Add upstart job:
      - d/rules, d/dovecot-core.dovecot.upstart, d/control,
        d/dovecot-core.dirs, dovecot-imapd.{postrm, postinst, prerm},
        d/dovecot-pop3d.{postinst, postrm, prerm}.
        d/mail-stack-deliver.postinst: Convert init script to upstart.
    + Use the autotools-dev dh addon to update config.guess/config.sub for
      arm64.
  * Dropped changes, included in Debian:
    - Update Dovecot name to reflect distribution in login greeting.
    - Update Drac plugin for >= 2.0.0 support.
  * d/control: Drop dovecot-postfix package as its no longer required.

2f139eb... by Jaldhar on 2013-11-28

Import patches-unapplied version 1:2.2.9-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f6b12bdde461ab3bdbbbe5c5f0b7cbe06c466e4e

New changelog entries:
  [ Jaldhar H. Vyas ]
  * [77468cf] Imported Upstream version 2.2.9
  * [43e08f3] Place dovenull user in its own group. (Closes: #725164)
  * [e1a3e9c] Handled the fact that dovecot-db.conf.ext is no longer used.
    (Closes: #728107, #730403)
  [Debconf translation updates]
  * Russian (Yuri Kozlov). (Closes: #729106)
  * German (Chris Leick). (Closes: #729358)
  * Danish (Joe Hansen). (Closes: #729425)
  * French (Julien Patriarca). (Closes: #729966)
  * Portuguese (Américo Monteiro). (Closes: #730006)
  * Polish (Michał Kułach). (Closes: #730061)
  * Italian (Beatrice Torracca). (Closes: #730136)
  * Japanese (victory). (Closes: #73017)
  * Swedish (Martin Bagge / brother). (Closes: #730188)
  * Spanish; (Camaleón). (Closes: #730354)
  * [6157a2b] New upstream version 2.2.8

f6b12bd... by Jaldhar on 2013-09-09

Import patches-unapplied version 1:2.2.5-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 790a02ae878c2080888db591ab7806b9feef4709

New changelog entries:
  [ Micah Anderson ]
  * [a0035bf] New upstream version 2.2.5
  * [a053c49] Update pigeonhole patch to 0.4.1
  * [689cd67] refreshed patches
  [ Jaldhar H. Vyas ]
  * Caused bugs and then fixed them again.

790a02a... by Jaldhar on 2013-09-07

Import patches-unapplied version 1:2.1.17-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1339513799baf0aed166ce1d287514594cc4b725

New changelog entries:
  * [e8286e0] New version of drac patch taken from Ubuntu which works better
    with 2.x (Closes: #716764)
  * [23acb40] Add a patch from Ubuntu to report the distro name in the login
    banner why not.
  * [f8d566e] Don't need dovecot-common package anymore; get rid of it.