Hello community, here is the log from the commit of package dovecot23 for openSUSE:Factory checked in at 2020-02-13 10:13:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dovecot23 (Old) and /work/SRC/openSUSE:Factory/.dovecot23.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dovecot23" Thu Feb 13 10:13:38 2020 rev:25 rq:774042 version:2.3.9.3 Changes: -------- --- /work/SRC/openSUSE:Factory/dovecot23/dovecot23.changes 2020-01-12 23:25:40.094844622 +0100 +++ /work/SRC/openSUSE:Factory/.dovecot23.new.26092/dovecot23.changes 2020-02-13 10:14:02.400427813 +0100 @@ -1,0 +2,8 @@ +Wed Feb 12 12:24:46 UTC 2020 - Arjen de Korte <[email protected]> + +- update to 2.3.9.3 + * CVE-2020-7046: Truncated UTF-8 can be used to DoS + submission-login and lmtp processes. + * CVE-2020-7957: Specially crafted mail can crash snippet generation. + +------------------------------------------------------------------- Old: ---- dovecot-2.3.9.2.tar.gz dovecot-2.3.9.2.tar.gz.sig New: ---- dovecot-2.3.9.3.tar.gz dovecot-2.3.9.3.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dovecot23.spec ++++++ --- /var/tmp/diff_new_pack.AwZlch/_old 2020-02-13 10:14:03.444428419 +0100 +++ /var/tmp/diff_new_pack.AwZlch/_new 2020-02-13 10:14:03.444428419 +0100 @@ -19,10 +19,10 @@ %global _lto_cflags %{nil} Name: dovecot23 -Version: 2.3.9.2 +Version: 2.3.9.3 Release: 0 %define pkg_name dovecot -%define dovecot_version 2.3.9.2 +%define dovecot_version 2.3.9.3 %define dovecot_pigeonhole_version 0.5.9 %define dovecot_branch 2.3 %define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version} ++++++ dovecot-2.3.9.2.tar.gz -> dovecot-2.3.9.3.tar.gz ++++++ /work/SRC/openSUSE:Factory/dovecot23/dovecot-2.3.9.2.tar.gz /work/SRC/openSUSE:Factory/.dovecot23.new.26092/dovecot-2.3.9.3.tar.gz differ: char 5, line 1
