diff options
| author |   Thomas Deutschmann <whissi@gentoo.org> | 2018-02-01 02:18:17 +0100 |
|---|---|---|
| committer | Thomas Deutschmann <whissi@gentoo.org> | 2018-02-01 02:18:17 +0100 |
| commit | e3acd4d22b48eca30b27ce4694e4ae1de51fba40 (patch) | |
| tree | db16a31048aa031417892ca5d6fcd877ff9dcb52 /net-mail/dovecot/files | |
| parent | sys-apps/portage: apply EPREFIX to repos.conf pubring.gpg path (diff) | |
| download | gentoo-e3acd4d22b48eca30b27ce4694e4ae1de51fba40.tar.gz gentoo-e3acd4d22b48eca30b27ce4694e4ae1de51fba40.tar.bz2 gentoo-e3acd4d22b48eca30b27ce4694e4ae1de51fba40.zip | |
net-mail/dovecot: bump, fixup for problem caused by patch for CVE-2017-15132
Dovecot login process would crash after few minutes of idle after
consecutive aborted logins when patch for CVE-2017-15132 was applied.
Bug: https://bugs.gentoo.org/644214
Package-Manager: Portage-2.3.21, Repoman-2.3.6
Diffstat (limited to 'net-mail/dovecot/files')
| -rw-r--r-- | net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch b/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch new file mode 100644 index 000000000000..c30acf1fd6eb --- /dev/null +++ b/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch @@ -0,0 +1,37 @@ +Upstream: https://github.com/dovecot/core/commit/a9b135760aea6d1790d447d351c56b78889dac22 + +Link: http://seclists.org/oss-sec/2018/q1/119 + +--- a/src/lib-auth/auth-client-request.c ++++ b/src/lib-auth/auth-client-request.c +@@ -186,6 +186,8 @@ void auth_client_request_abort(struct auth_client_request **_request) + + auth_client_send_cancel(request->conn->client, request->id); + call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL); ++ /* remove the request */ ++ auth_server_connection_remove_request(request->conn, request->id); + pool_unref(&request->pool); + } + +--- a/src/lib-auth/auth-server-connection.c ++++ b/src/lib-auth/auth-server-connection.c +@@ -483,3 +483,10 @@ auth_server_connection_add_request(struct auth_server_connection *conn, + hash_table_insert(conn->requests, POINTER_CAST(id), request); + return id; + } ++ ++void auth_server_connection_remove_request(struct auth_server_connection *conn, ++ unsigned int id) ++{ ++ i_assert(conn->handshake_received); ++ hash_table_remove(conn->requests, POINTER_CAST(id)); ++} +--- a/src/lib-auth/auth-server-connection.h ++++ b/src/lib-auth/auth-server-connection.h +@@ -40,4 +40,6 @@ void auth_server_connection_disconnect(struct auth_server_connection *conn, + unsigned int + auth_server_connection_add_request(struct auth_server_connection *conn, + struct auth_client_request *request); ++void auth_server_connection_remove_request(struct auth_server_connection *conn, ++ unsigned int id); + #endif |