- dovecot (1:2.4.1+dfsg1-6+rpi1+deb13u3) trixie-staging; urgency=medium
++dovecot (1:2.4.1+dfsg1-6+rpi1+deb13u5) trixie-staging; urgency=medium
+
+ [changes brought forward from 1:2.3.21+dfsg1-3+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Thu, 20 Jun 2024 17:16:27 +0000]
+ * Disablte testsuite.
+
- -- Raspbian forward porter <root@raspbian.org> Tue, 17 Mar 2026 14:28:20 +0000
++ -- Raspbian forward porter <root@raspbian.org> Tue, 19 May 2026 21:45:11 +0000
++
+ dovecot (1:2.4.1+dfsg1-6+deb13u5) trixie; urgency=medium
+
+ * [b357180] autopkgtests: Add managesieved authentication test
+ * [c9d69a1] Fix memory leak in CVE-2026-27857 fix
+
+ -- Noah Meyerhans <noahm@debian.org> Wed, 06 May 2026 15:18:43 -0400
+
+ dovecot (1:2.4.1+dfsg1-6+deb13u4) trixie-security; urgency=medium
+
+ * [bc29057] CVE-2025-59028: auth: Don't disconnect auth client when
+ invalid base64 SASL input is received
+ * [fee7a9a] CVE-2025-59031: stop shipping the decode2text shell script
+ * [9a4442e] CVE-2025-59032: managesieve-login: Fix crash when command
+ didn't finish on the first call
+ * [2711b3e] CVE-2026-24031, CVE-2026-27860: auth: fix ldap and sql
+ injection
+ * [d30f1c3] CVE-2026-27855: fix OTP authentication reply vulnerability
+ * [e1b0ff7] CVE-2026-27856: doveadm: fix timing oracle attack
+ * [b8a69bf] CVE-2026-27857: fix resource exhaustion DoS in NOOP command
+ parsing
+ * [85dd068] CVE-2026-27858: fix pre-authentication managesieve memory
+ consumption issue
+ * [880e332] CVE-2026-27859: fix uncontrolled resource allocation when
+ delivering specially crafted email messages
+
+ -- Noah Meyerhans <noahm@debian.org> Tue, 31 Mar 2026 15:07:17 -0400
dovecot (1:2.4.1+dfsg1-6+deb13u3) trixie; urgency=medium
projects / dovecot.git / commitdiff