CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2016/12/04 14:36:02
Modified files:
mail/dovecot : Makefile distinfo
mail/dovecot/patches: patch-doc_mkcert_sh
patch-src_lib-dcrypt_dcrypt-openssl_c
patch-src_lib-ssl-iostream_dovecot-openssl-common_c
mail/dovecot/pkg: PLIST-server
Log message:
update to dovecot-2.2.27, and use https HOMEPAGE. From Brad.
CVE-2016-8652 (the version in 6.0 isn't affected): "If auth-policy
component has been activated in Dovecot, then remote user can use
SASL authentication to crash auth component. Workaround is to disable
auth-policy component until fix is in place."
