Bug 139386 - [UPDATE] mail/dovecot: update to 1.2.6
Summary: [UPDATE] mail/dovecot: update to 1.2.6
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Wesley Shields
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-10-07 05:10 UTC by Sahil Tandon
Modified: 2009-12-15 18:00 UTC (History)
0 users

See Also:


Attachments
file.diff (2.86 KB, patch)
2009-10-07 05:10 UTC, Sahil Tandon
no flags Details | Diff
dovecot.diff (3.32 KB, patch)
2009-11-21 17:56 UTC, Sahil Tandon
no flags Details | Diff
patch-dovecot.txt (1.80 KB, patch)
2009-11-25 14:39 UTC, Olli Hauer
no flags Details | Diff
dovecot.diff (2.86 KB, patch)
2009-11-25 22:33 UTC, Sahil Tandon
no flags Details | Diff
dovecot.diff (3.70 KB, patch)
2009-12-08 21:50 UTC, Yarema
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Sahil Tandon 2009-10-07 05:10:01 UTC
- update to 1.2.6
- remove files/patch-src-auth-mech-gssapi.c which is now implemented upstream

Builds and installs on 7.2-RELEASE tinderbox, but I have not performed any runtime testing.

Fix: diff attached.

Patch attached with submission follows:
Comment 1 Edwin Groothuis freebsd_committer 2009-10-07 05:10:12 UTC
Responsible Changed
From-To: freebsd-ports-bugs->itetcu

itetcu@ wants his PRs (via the GNATS Auto Assign Tool)
Comment 2 Edwin Groothuis freebsd_committer 2009-10-07 05:10:14 UTC
Maintainer of mail/dovecot,

Please note that PR ports/139386 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/139386

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 3 Edwin Groothuis freebsd_committer 2009-10-07 05:10:16 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 4 Yarema 2009-10-22 20:03:37 UTC
Approved.

-- 
Yarema
Comment 5 Pav Lucistnik freebsd_committer 2009-11-18 13:39:38 UTC
State Changed
From-To: feedback->open

Maintainer approved
Comment 6 Martin Wilke freebsd_committer 2009-11-20 16:03:32 UTC
State Changed
From-To: open->feedback


fails to build on 6.X 

http://32bit.miwibox.org/index.php?action=describe_port&id=1279 
http://64bit.miwibox.org/index.php?action=describe_port&id=1293
Comment 7 Sahil Tandon 2009-11-21 17:56:55 UTC
This breaks on 6.X because Dovecot expects a newer version of OpenSSL
that is unavailable on 6.X.  This issue was fixed upstream and the
revised patch for 1.2.8 *should* compile on 6.X but I have not tested it
-- miwi@ would you mind re-running it on your 6.X tinderbuild?
Otherwise I will be able to test it tomorrow once I've built 6.X.  

Also, this update to 1.2.8 addresses a security issue[1].  A new
managesieve explicitly for 1.2.8 is yet to be released, but the 1.2.7
patch applies without hunks so I have included it here; hopefully Yarema
(the maintainer) is OK with that.

Finally, only compile/build testing performed; no run time testing.

[1] http://www.dovecot.org/list/dovecot-news/2009-November/000143.html

-- 
Sahil Tandon <sahil@tandon.net>
Comment 8 Yarema 2009-11-21 18:24:17 UTC
Sahil,

No problem.  So long as the currently available managesieve patch works. 
  We can get the port updated with the new patch once it becomes available.

Thanks much far all your efforts in this cause.. :) Most appreciated.

-- 
Yarema
Comment 9 Olli Hauer 2009-11-25 14:39:03 UTC
 > Also, this update to 1.2.8 addresses a security issue[1]. A new
 > managesieve explicitly for 1.2.8 is yet to be released, but the 1.2.7
 > patch applies without hunks so I have included it here; hopefully Yarema
 > (the maintainer) is OK with that.

The patch dovecot-1.2.8-managesieve-0.11.9 is now released.

A build on 6.4/7.2/8.0 was done successful.

--
olli hauer
Comment 10 pluknet 2009-11-25 17:54:41 UTC
Please, don't forget to bump dovecot-antispam (see Makefile for an explanation).

-- 
wbr,
pluknet
Comment 11 Sahil Tandon 2009-11-25 22:33:11 UTC
A revised CVS diff is attached and ports/140878 has been filed to bump
mail/dovecot-antispam.

-- 
Sahil Tandon <sahil@tandon.net>
Comment 12 Eygene Ryabinkin 2009-11-26 13:37:42 UTC
Gentlemen, good day.

I fixed a bit the pkg-plist for the dovecot 1.2.8 -- for this version
POP3 support is compiled unconditionally, so the builds with
WITHOUT_POP3 will have broken plist with the patches mentioned earlier
in this PR.

I had also created VuXML entry for the CVE-2009-3897 that was the
reason why 1.2.8 was rolled out.  And I had made a small patch that
will check for the remains from the CVE-2009-3897 during the startup
of the dovecot daemon via rc.d script.

The links are:
  http://codelabs.ru/fbsd/patches/dovecot/cve-2009-3897/vuln.xml
  http://codelabs.ru/fbsd/patches/dovecot/cve-2009-3897/dovecot-update-to-1.2.8.diff
  http://codelabs.ru/fbsd/patches/dovecot/cve-2009-3897/dovecot-check-for-CVE-2009-3897-rc.d-script.diff

The patch for update also includes the version bump for the dovecot-antispam.

Updated port passes Tinderbox builds on 7.x, 8.x and 9.x; it also works
on my servers (IMAP only, no POP3).
-- 
Eygene
 _                ___       _.--.   #
 \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
 /  ' `         ,       __.--'      #  to read the on-line manual
 )/' _/     \   `-_,   /            #  while single-stepping the kernel.
 `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
     _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook
    {_.-``-'         {_/            #
Comment 13 Yarema 2009-12-08 21:50:23 UTC
Please commit the following patch.  The difference between my patch and 
the last one Eygene submitted is that I removed POP3 from OPTIONS and 
refactored the Makefile to get rid of any vestiges of pop3 support being 
optional.  When committing, remember that 
files/patch-src-auth-mech-gssapi.c is no longer needed and should be 
deleted.  Thanks to Sahil, Eygene and all who chipped in to this update.

-- 
Yarema
Comment 14 Wesley Shields freebsd_committer 2009-12-09 18:10:46 UTC
Responsible Changed
From-To: itetcu->wxs

I'll take it.
Comment 15 dfilter service freebsd_committer 2009-12-10 15:30:22 UTC
wxs         2009-12-10 15:30:08 UTC

  FreeBSD ports repository

  Modified files:
    mail/dovecot         Makefile distinfo pkg-plist 
  Removed files:
    mail/dovecot/files   patch-src-auth-mech-gssapi.c 
  Log:
  - Update to 1.2.8
  
  PR:             ports/139386
  Submitted by:   Sahil Tandon <sahil@tandon.net>
  Approved by:    Yarema <yds@CoolRat.org> (maintainer)
  
  Revision  Changes    Path
  1.111     +3 -18     ports/mail/dovecot/Makefile
  1.73      +6 -6      ports/mail/dovecot/distinfo
  1.2       +0 -13     ports/mail/dovecot/files/patch-src-auth-mech-gssapi.c (dead)
  1.31      +4 -3      ports/mail/dovecot/pkg-plist
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 16 Wesley Shields freebsd_committer 2009-12-10 15:32:19 UTC
State Changed
From-To: feedback->closed

Committed. Thanks!
Comment 17 Eygene Ryabinkin 2009-12-15 11:39:19 UTC
Yarema, good day.

Tue, Dec 08, 2009 at 04:50:23PM -0500, Yarema wrote:
> Please commit the following patch.  The difference between my patch and 
> the last one Eygene submitted is that I removed POP3 from OPTIONS and 
> refactored the Makefile to get rid of any vestiges of pop3 support being 
> optional.  When committing, remember that 
> files/patch-src-auth-mech-gssapi.c is no longer needed and should be 
> deleted.  Thanks to Sahil, Eygene and all who chipped in to this update.

Do I understand correctly that you decided to drop the patch for the
rc.d script that checks for the CVE remains?  The one at
  http://codelabs.ru/fbsd/patches/dovecot/cve-2009-3897/dovecot-check-for-CVE-2009-3897-rc.d-script.diff
-- 
Eygene
 _                ___       _.--.   #
 \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
 /  ' `         ,       __.--'      #  to read the on-line manual
 )/' _/     \   `-_,   /            #  while single-stepping the kernel.
 `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
     _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook
    {_.-``-'         {_/            #
Comment 18 Yarema 2009-12-15 17:50:27 UTC
On 12/15/2009 6:39 AM, Eygene Ryabinkin wrote:
> Yarema, good day.
>
> Tue, Dec 08, 2009 at 04:50:23PM -0500, Yarema wrote:
>> Please commit the following patch.  The difference between my patch and
>> the last one Eygene submitted is that I removed POP3 from OPTIONS and
>> refactored the Makefile to get rid of any vestiges of pop3 support being
>> optional.  When committing, remember that
>> files/patch-src-auth-mech-gssapi.c is no longer needed and should be
>> deleted.  Thanks to Sahil, Eygene and all who chipped in to this update.
>
> Do I understand correctly that you decided to drop the patch for the
> rc.d script that checks for the CVE remains?  The one at
>    http://codelabs.ru/fbsd/patches/dovecot/cve-2009-3897/dovecot-check-for-CVE-2009-3897-rc.d-script.diff

My apologies.  I simply overlooked that patch..  There's another 1.2.8 
PR for me to look at..  I'll see about getting it all in together.

-- 
Yarema