dgit.raspbian.org Git - dovecot.git/log

Dovecot Maintainers [Tue, 31 Mar 2026 19:07:17 +0000 (15:07 -0400)]

Fix GSSAPI regression

Origin: https://dovecot.org/mailman3/archives/list/dovecot@dovecot.org/message/O54EAGLIXXHMOH7BQCCKHHB3Z32HDWVR/
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104549
Last-Update: 2025-05-02

Dovecot 2.4 introduced a regression that broke GSSAPI authentication for
some clients. This patch contains a fix provided by the upstream maintainers.
Last-Update: 2025-05-02
Gbp-Pq: Name bug1104549-gssapi-regression.patch

commit | commitdiff | tree

Dovecot Maintainers [Tue, 31 Mar 2026 19:07:17 +0000 (15:07 -0400)]

fit-32-bit-test-integers

===================================================================

Gbp-Pq: Name fit-32-bit-test-integers.patch

commit | commitdiff | tree

Christian Göttsche [Thu, 22 Dec 2022 16:00:53 +0000 (17:00 +0100)]

Use _FORTIFY_SOURCE level 3

Forwarded: not-needed

Gbp-Pq: Name Use-_FORTIFY_SOURCE-level-3.patch

commit | commitdiff | tree

Timo Sirainen [Mon, 26 May 2025 06:45:56 +0000 (09:45 +0300)]

[PATCH] lda: Default mail_home=$HOME environment if not using userdb lookup

The previous code to do this was removed by
e57d5b9002f910c095ee5b55821395fcf1da016a

Gbp-Pq: Name 0002-lda-Default-mail_home-HOME-environment-if-not-using-.patch

commit | commitdiff | tree

Timo Sirainen [Mon, 26 May 2025 06:37:35 +0000 (09:37 +0300)]

[PATCH] lda: Fix using USER environment if -d hasn't been specified

This became broken at some point.

Gbp-Pq: Name 0001-lda-Fix-using-USER-environment-if-d-hasn-t-been-spec.patch

commit | commitdiff | tree

Noah Meyerhans [Fri, 22 May 2020 04:48:59 +0000 (21:48 -0700)]

Don't try to build doc/rfc subdir components

Forwarded: not-needed

Forwarded: not-needed
Gbp-Pq: Name skip-rfc-subdir.patch

commit | commitdiff | tree

Noah Meyerhans [Tue, 31 Mar 2026 19:07:17 +0000 (15:07 -0400)]

dovecot (1:2.4.1+dfsg1-6+deb13u4) trixie-security; urgency=medium

  * [bc29057] CVE-2025-59028: auth: Don't disconnect auth client when
    invalid base64 SASL input is received
  * [fee7a9a] CVE-2025-59031: stop shipping the decode2text shell script
  * [9a4442e] CVE-2025-59032: managesieve-login: Fix crash when command
    didn't finish on the first call
  * [2711b3e] CVE-2026-24031, CVE-2026-27860: auth: fix ldap and sql
    injection
  * [d30f1c3] CVE-2026-27855: fix OTP authentication reply vulnerability
  * [e1b0ff7] CVE-2026-27856: doveadm: fix timing oracle attack
  * [b8a69bf] CVE-2026-27857: fix resource exhaustion DoS in NOOP command
    parsing
  * [85dd068] CVE-2026-27858: fix pre-authentication managesieve memory
    consumption issue
  * [880e332] CVE-2026-27859: fix uncontrolled resource allocation when
    delivering specially crafted email messages

[dgit import unpatched dovecot 1:2.4.1+dfsg1-6+deb13u4]

commit | commitdiff | tree

Noah Meyerhans [Tue, 31 Mar 2026 19:07:17 +0000 (15:07 -0400)]

Import dovecot_2.4.1+dfsg1-6+deb13u4.debian.tar.xz

[dgit import tarball dovecot 1:2.4.1+dfsg1-6+deb13u4 dovecot_2.4.1+dfsg1-6+deb13u4.debian.tar.xz]

commit | commitdiff | tree

Noah Meyerhans [Sun, 30 Mar 2025 15:48:57 +0000 (11:48 -0400)]

Import dovecot_2.4.1+dfsg1.orig.tar.gz

[dgit import orig dovecot_2.4.1+dfsg1.orig.tar.gz]

commit | commitdiff | tree

Noah Meyerhans [Sun, 30 Mar 2025 15:48:57 +0000 (11:48 -0400)]

Import dovecot_2.4.1+dfsg1.orig-pigeonhole.tar.gz

[dgit import orig dovecot_2.4.1+dfsg1.orig-pigeonhole.tar.gz]

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom