diff options
author | Tobias Geerinckx-Rice <me@tobias.gr> | 2018-02-28 22:57:04 +0100 |
---|---|---|
committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2018-02-28 22:58:23 +0100 |
commit | 9d43579f2d7d517de3a67c41b2429b467c651514 (patch) | |
tree | d2dd198b4f7484ceafff63fcc3031edbf110ac6e | |
parent | 4321aeb6d34904cb9401e769009315e9c86c1941 (diff) | |
download | guix-9d43579f2d7d517de3a67c41b2429b467c651514.tar guix-9d43579f2d7d517de3a67c41b2429b467c651514.tar.gz |
gnu: dovecot: Update to 2.3.0.1 [fixes CVE-2017-14461].
* gnu/packages/mail.scm (dovecot): Update to 2.3.0.1.
[source]: Remove upstreamed patch.
* gnu/packages/patches/dovecot-CVE-2017-15132.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/mail.scm | 5 | ||||
-rw-r--r-- | gnu/packages/patches/dovecot-CVE-2017-15132.patch | 36 |
3 files changed, 2 insertions, 40 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 9cc00b844c..3d0bd38e50 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -618,7 +618,6 @@ dist_patch_DATA = \ %D%/packages/patches/docbook-xsl-nonrecursive-string-subst.patch \ %D%/packages/patches/doc++-include-directives.patch \ %D%/packages/patches/doc++-segfault-fix.patch \ - %D%/packages/patches/dovecot-CVE-2017-15132.patch \ %D%/packages/patches/doxygen-test.patch \ %D%/packages/patches/dvd+rw-tools-add-include.patch \ %D%/packages/patches/eigen-arm-neon-fixes.patch \ diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 9fbfddbec1..8d3544f908 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -1180,16 +1180,15 @@ facilities for checking incoming mail.") (define-public dovecot (package (name "dovecot") - (version "2.3.0") + (version "2.3.0.1") (source (origin (method url-fetch) (uri (string-append "https://www.dovecot.org/releases/" (version-major+minor version) "/" name "-" version ".tar.gz")) - (patches (search-patches "dovecot-CVE-2017-15132.patch")) (sha256 (base32 - "10c5myzgys866c3x6jdr1s9x9pqnjd5vpyz8z384sph21m3wnq6y")))) + "0lzisrdgrj5qqwjb7bv99mf2aljm568r6g108yisp0s644z2nxxb")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) diff --git a/gnu/packages/patches/dovecot-CVE-2017-15132.patch b/gnu/packages/patches/dovecot-CVE-2017-15132.patch deleted file mode 100644 index 32666b8557..0000000000 --- a/gnu/packages/patches/dovecot-CVE-2017-15132.patch +++ /dev/null @@ -1,36 +0,0 @@ -Fix CVE-2017-15132: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15132 - -Patch copied from upstream source repository: - -https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060 - -From 1a29ed2f96da1be22fa5a4d96c7583aa81b8b060 Mon Sep 17 00:00:00 2001 -From: Timo Sirainen <timo.sirainen@dovecot.fi> -Date: Mon, 18 Dec 2017 16:50:51 +0200 -Subject: [PATCH] lib-auth: Fix memory leak in auth_client_request_abort() - -This caused memory leaks when authentication was aborted. For example -with IMAP: - -a AUTHENTICATE PLAIN -* - -Broken by 9137c55411aa39d41c1e705ddc34d5bd26c65021 ---- - src/lib-auth/auth-client-request.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/lib-auth/auth-client-request.c b/src/lib-auth/auth-client-request.c -index 480fb42b30..046f7c307d 100644 ---- a/src/lib-auth/auth-client-request.c -+++ b/src/lib-auth/auth-client-request.c -@@ -186,6 +186,7 @@ void auth_client_request_abort(struct auth_client_request **_request) - - auth_client_send_cancel(request->conn->client, request->id); - call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL); -+ pool_unref(&request->pool); - } - - unsigned int auth_client_request_get_id(struct auth_client_request *request) |