Re: [blfs-book] [BLFS Trac] #12005: dovecot-2.3.6 (was: dovecot-2.3.5)

Wed, 01 May 2019 08:32:10 -0700 

#12005: dovecot-2.3.6
-------------------------+-----------------------
 Reporter:  bdubbs       |       Owner:  timtas
     Type:  enhancement  |      Status:  assigned
 Priority:  normal       |   Milestone:  8.5
Component:  BOOK         |     Version:  SVN
 Severity:  normal       |  Resolution:
 Keywords:               |
-------------------------+-----------------------
Changes (by timtas):

 * owner:  blfs-book => timtas
 * status:  new => assigned


Old description:

> New point version.

New description:

 New point version.

--

Comment:

 Changes
 -------

 * CVE-2019-11494: Submission-login crashed with signal 11 due to null
 pointer access when authentication was aborted by disconnecting.
 * CVE-2019-11499: Submission-login crashed when authentication was started
 over TLS secured channel and invalid authentication message was sent.
 * auth: Support password grant with passdb oauth2.
 + Use system default CAs for outbound TLS connections.
 + Simplify array handling with new helper macros.
 + fts_solr: Enable configuring batch_size and soft_commit features.
 - lmtp/submission: Fixed various bugs in XCLIENT handling, including a
 hang when XCLIENT commands were sent infinitely to the remote server.
 - lmtp/submission: Forwarded multi-line replies were erroneously sent as
 two replies to the client.
 - lib-smtp: client: Message was not guaranteed to contain CRLF
 consistently when CHUNKING was used.
 - fts_solr: Plugin was no longer compatible with Solr 7.
 - Make it possible to disable certificate checking without setting
 ssl_client_ca_* settings.
 - pop3c: SSL support was broken.
 - mysql: Closing connection twice lead to crash on some systems.
 - auth: Multiple oauth2 passdbs crashed auth process on deinit.
 - HTTP client connection errors infrequently triggered a segmentation
 fault when the connection was idle and not used for a particular client
 instance.

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/12005#comment:1>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
-- 
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to