./mail/dovecot2-sqlite, Secure IMAP and POP3 server (SQLite plugin)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.3.21.1nb3, Package name: dovecot-sqlite-2.3.21.1nb3, Maintainer: adam

Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems,
written with security primarily in mind. This package contains the SQLite
backend plugins.


Required to run:
[shells/bash] [mail/dovecot2] [archivers/lz4] [archivers/zstd]


Package options: kqueue, pam, ssl, tcpwrappers

Master sites:

Filesize: 7658.246 KB

Version history: (Expand)


CVS history: (Expand)


   2025-04-17 23:53:13 by Thomas Klausner | Files touched by this commit (2449)
Log message:
*: recursive bump for icu 77 and libxml2 2.14
   2024-11-14 23:22:33 by Thomas Klausner | Files touched by this commit (2428)
Log message:
*: recursive bump for icu 76 shlib major version bump
   2024-11-01 13:55:19 by Thomas Klausner | Files touched by this commit (2425)
Log message:
*: revbump for icu downgrade
   2024-11-01 01:54:33 by Thomas Klausner | Files touched by this commit (2426)
Log message:
*: recursive bump for icu 76.1 shlib bump
   2024-08-19 11:29:57 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
dovecot2: updated to 2.3.21.1

v2.3.21.1

- CVE-2024-23184: A large number of address headers in email resulted
  in excessive CPU usage.
- CVE-2024-23185: Abnormally large email headers are now truncated or
  discarded, with a limit of 10MB on a single header and 50MB for all
  the headers of all the parts of an email.
- oauth2: Dovecot would send client_id and client_secret as POST parameters
  to introspection server. These need to be optionally in Basic auth
  instead as required by OIDC specification.
- oauth2: JWT key type check was too strict.
- oauth2: JWT token audience was not validated against client_id as
  required by OIDC specification.
- oauth2: XOAUTH2 and OAUTHBEARER mechanisms were not giving out
  protocol specific error message on all errors. This broke OIDC discovery.
- oauth2: JWT aud validation was not performed if aud was missing
  from token, but was configured on Dovecot.
   2024-05-29 18:35:19 by Adam Ciarcinski | Files touched by this commit (1928) | Package updated
Log message:
revbump after icu and protobuf updates
   2023-11-08 14:21:43 by Thomas Klausner | Files touched by this commit (2376)
Log message:
*: recursive bump for icu 74.1
   2023-04-19 10:12:01 by Adam Ciarcinski | Files touched by this commit (2358) | Package updated
Log message:
revbump after textproc/icu update