mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-30 10:53:11 +00:00
dovecot: 2.3.11.3 -> 2.3.13
This fixes CVE_2020-24386, CVE-2020-25725 and a bunch of regular bugs [1]. * CVE-2020-24386: Specially crafted command can cause IMAP hibernate to allow logged in user to access other people's emails and filesystem information. * CVE-2020-25275: Mail delivery / parsing crashed when the 10 000th MIME part was message/rfc822 (or if parent was multipart/digest). This happened due to earlier MIME parsing changes for CVE-2020-12100. [1] https://raw.githubusercontent.com/dovecot/core/2.3.13/NEWS
This commit is contained in:
parent
4445bb7284
commit
58c7d3ff17
@ -10,7 +10,7 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "dovecot";
|
||||
version = "2.3.11.3";
|
||||
version = "2.3.13";
|
||||
|
||||
nativeBuildInputs = [ perl pkgconfig ];
|
||||
buildInputs =
|
||||
@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://dovecot.org/releases/2.3/${pname}-${version}.tar.gz";
|
||||
sha256 = "1p5gp8jbavcsaara5mfn5cbrnlxssajnchczbgmmfzr7228fmnfk";
|
||||
sha256 = "1i7ijss79a23v7b6lycfzaa8r5rh01k0h0b9h0j4a6n11sw7by53";
|
||||
};
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
Loading…
Reference in New Issue
Block a user