Overview Repositories Revisions Requests Users Attributes Meta

dovecot23

Edit Package dovecot23
No description set
  • Developed at server:mail
  • Sources inherited from project openSUSE:Factory
  • 3 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Factory:Rebuild/dovecot23 && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
10048229...de42b54a.patch 0000003087 3.01 KB
3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch 0000001176 1.15 KB
dovecot-2.0.configfiles 0000001000 1000 Bytes
dovecot-2.1-pigeonhole.configfiles 0000000074 74 Bytes
dovecot-2.1.configfiles 0000001117 1.09 KB
dovecot-2.2-pigeonhole.configfiles 0000000149 149 Bytes
dovecot-2.2.configfiles 0000001127 1.1 KB
dovecot-2.3-pigeonhole-0.5.4.tar.gz 0001831570 1.75 MB
dovecot-2.3-pigeonhole-0.5.4.tar.gz.sig 0000000488 488 Bytes
dovecot-2.3-pigeonhole.configfiles 0000000149 149 Bytes
dovecot-2.3.0-better_ssl_defaults.patch 0000002558 2.5 KB
dovecot-2.3.0-dont_use_etc_ssl_certs.patch 0000005212 5.09 KB
dovecot-2.3.4.1.tar.gz 0006925073 6.6 MB
dovecot-2.3.4.1.tar.gz.sig 0000000866 866 Bytes
dovecot-2.3.configfiles 0000001123 1.1 KB
dovecot-rpmlintrc 0000000122 122 Bytes
dovecot23.changes 0000023564 23 KB
dovecot23.keyring 0000004018 3.92 KB
dovecot23.spec 0000027708 27.1 KB
Revision 15 (latest revision is 53)
Stephan Kulow's avatar Stephan Kulow (coolo) accepted request 671912 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 15) 
- update to 2.3.4.1 (boo#1123022)
  * CVE-2019-3814: If imap/pop3/managesieve/submission client has
    trusted certificate with missing username field
    (ssl_cert_username_field), under some configurations Dovecot
    mistakenly trusts the username provided via authentication
    instead of failing.
  * ssl_cert_username_field setting was ignored with external
    SMTP AUTH, because none of the MTAs (Postfix, Exim) currently
    send the cert_username field. This may have allowed users with
    trusted certificate to specify any username in the
    authentication. This bug didn't affect Dovecot's Submission
    service.
Comments 0
openSUSE Build Service is sponsored by
Places