- update to 1.2.6 - remove files/patch-src-auth-mech-gssapi.c which is now implemented upstream Builds and installs on 7.2-RELEASE tinderbox, but I have not performed any runtime testing. Fix: diff attached. Patch attached with submission follows:
Responsible Changed From-To: freebsd-ports-bugs->itetcu itetcu@ wants his PRs (via the GNATS Auto Assign Tool)
Maintainer of mail/dovecot, Please note that PR ports/139386 has just been submitted. If it contains a patch for an upgrade, an enhancement or a bug fix you agree on, reply to this email stating that you approve the patch and a committer will take care of it. The full text of the PR can be found at: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/139386 -- Edwin Groothuis via the GNATS Auto Assign Tool edwin@FreeBSD.org
State Changed From-To: open->feedback Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Approved. -- Yarema
State Changed From-To: feedback->open Maintainer approved
State Changed From-To: open->feedback fails to build on 6.X http://32bit.miwibox.org/index.php?action=describe_port&id=1279 http://64bit.miwibox.org/index.php?action=describe_port&id=1293
This breaks on 6.X because Dovecot expects a newer version of OpenSSL that is unavailable on 6.X. This issue was fixed upstream and the revised patch for 1.2.8 *should* compile on 6.X but I have not tested it -- miwi@ would you mind re-running it on your 6.X tinderbuild? Otherwise I will be able to test it tomorrow once I've built 6.X. Also, this update to 1.2.8 addresses a security issue[1]. A new managesieve explicitly for 1.2.8 is yet to be released, but the 1.2.7 patch applies without hunks so I have included it here; hopefully Yarema (the maintainer) is OK with that. Finally, only compile/build testing performed; no run time testing. [1] http://www.dovecot.org/list/dovecot-news/2009-November/000143.html -- Sahil Tandon <sahil@tandon.net>
Sahil, No problem. So long as the currently available managesieve patch works. We can get the port updated with the new patch once it becomes available. Thanks much far all your efforts in this cause.. :) Most appreciated. -- Yarema
> Also, this update to 1.2.8 addresses a security issue[1]. A new > managesieve explicitly for 1.2.8 is yet to be released, but the 1.2.7 > patch applies without hunks so I have included it here; hopefully Yarema > (the maintainer) is OK with that. The patch dovecot-1.2.8-managesieve-0.11.9 is now released. A build on 6.4/7.2/8.0 was done successful. -- olli hauer
Please, don't forget to bump dovecot-antispam (see Makefile for an explanation). -- wbr, pluknet
A revised CVS diff is attached and ports/140878 has been filed to bump mail/dovecot-antispam. -- Sahil Tandon <sahil@tandon.net>
Gentlemen, good day. I fixed a bit the pkg-plist for the dovecot 1.2.8 -- for this version POP3 support is compiled unconditionally, so the builds with WITHOUT_POP3 will have broken plist with the patches mentioned earlier in this PR. I had also created VuXML entry for the CVE-2009-3897 that was the reason why 1.2.8 was rolled out. And I had made a small patch that will check for the remains from the CVE-2009-3897 during the startup of the dovecot daemon via rc.d script. The links are: http://codelabs.ru/fbsd/patches/dovecot/cve-2009-3897/vuln.xml http://codelabs.ru/fbsd/patches/dovecot/cve-2009-3897/dovecot-update-to-1.2.8.diff http://codelabs.ru/fbsd/patches/dovecot/cve-2009-3897/dovecot-check-for-CVE-2009-3897-rc.d-script.diff The patch for update also includes the version bump for the dovecot-antispam. Updated port passes Tinderbox builds on 7.x, 8.x and 9.x; it also works on my servers (IMAP only, no POP3). -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ #
Please commit the following patch. The difference between my patch and the last one Eygene submitted is that I removed POP3 from OPTIONS and refactored the Makefile to get rid of any vestiges of pop3 support being optional. When committing, remember that files/patch-src-auth-mech-gssapi.c is no longer needed and should be deleted. Thanks to Sahil, Eygene and all who chipped in to this update. -- Yarema
Responsible Changed From-To: itetcu->wxs I'll take it.
wxs 2009-12-10 15:30:08 UTC FreeBSD ports repository Modified files: mail/dovecot Makefile distinfo pkg-plist Removed files: mail/dovecot/files patch-src-auth-mech-gssapi.c Log: - Update to 1.2.8 PR: ports/139386 Submitted by: Sahil Tandon <sahil@tandon.net> Approved by: Yarema <yds@CoolRat.org> (maintainer) Revision Changes Path 1.111 +3 -18 ports/mail/dovecot/Makefile 1.73 +6 -6 ports/mail/dovecot/distinfo 1.2 +0 -13 ports/mail/dovecot/files/patch-src-auth-mech-gssapi.c (dead) 1.31 +4 -3 ports/mail/dovecot/pkg-plist _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: feedback->closed Committed. Thanks!
Yarema, good day. Tue, Dec 08, 2009 at 04:50:23PM -0500, Yarema wrote: > Please commit the following patch. The difference between my patch and > the last one Eygene submitted is that I removed POP3 from OPTIONS and > refactored the Makefile to get rid of any vestiges of pop3 support being > optional. When committing, remember that > files/patch-src-auth-mech-gssapi.c is no longer needed and should be > deleted. Thanks to Sahil, Eygene and all who chipped in to this update. Do I understand correctly that you decided to drop the patch for the rc.d script that checks for the CVE remains? The one at http://codelabs.ru/fbsd/patches/dovecot/cve-2009-3897/dovecot-check-for-CVE-2009-3897-rc.d-script.diff -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ #
On 12/15/2009 6:39 AM, Eygene Ryabinkin wrote: > Yarema, good day. > > Tue, Dec 08, 2009 at 04:50:23PM -0500, Yarema wrote: >> Please commit the following patch. The difference between my patch and >> the last one Eygene submitted is that I removed POP3 from OPTIONS and >> refactored the Makefile to get rid of any vestiges of pop3 support being >> optional. When committing, remember that >> files/patch-src-auth-mech-gssapi.c is no longer needed and should be >> deleted. Thanks to Sahil, Eygene and all who chipped in to this update. > > Do I understand correctly that you decided to drop the patch for the > rc.d script that checks for the CVE remains? The one at > http://codelabs.ru/fbsd/patches/dovecot/cve-2009-3897/dovecot-check-for-CVE-2009-3897-rc.d-script.diff My apologies. I simply overlooked that patch.. There's another 1.2.8 PR for me to look at.. I'll see about getting it all in together. -- Yarema