CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2021/01/07 10:22:25
Modified files:
mail/dovecot : Tag: OPENBSD_6_8 Makefile distinfo
mail/dovecot/pkg: Tag: OPENBSD_6_8 PLIST-server
Added files:
mail/dovecot/patches: Tag: OPENBSD_6_8
patch-src_lib_test-file-cache_c
Removed files:
mail/dovecot/patches: Tag: OPENBSD_6_8
patch-src_lib-index_mail-cache_c
Log message:
update to Dovecot 2.3.13, ok Brad
* CVE-2020-24386: Specially crafted command can cause IMAP hibernate to
allow logged in user to access other people's emails and filesystem
information.
(IMAP hibernate is not used by default).
* Mail delivery / parsing crashed when the 10 000th MIME part was
message/rfc822 (or if parent was multipart/digest). This happened
due to earlier MIME parsing changes for CVE-2020-12100.
A number of other crash fixes are included.
https://dovecot.org/pipermail/dovecot-news/2021-January/000448.html
