diff options
| author |   Thomas Deutschmann <whissi@gentoo.org> | 2018-01-25 16:19:25 +0100 |
|---|---|---|
| committer | Thomas Deutschmann <whissi@gentoo.org> | 2018-01-25 16:19:40 +0100 |
| commit | 77ef1e767f97fa8377c4e2467082bacbb303d333 (patch) | |
| tree | f34b7c79905292aa01357c15e0d0dcc7f46c7084 /net-mail/dovecot/files | |
| parent | dev-php/pecl-apcu: Drop old revision (diff) | |
| download | gentoo-77ef1e767f97fa8377c4e2467082bacbb303d333.tar.gz gentoo-77ef1e767f97fa8377c4e2467082bacbb303d333.tar.bz2 gentoo-77ef1e767f97fa8377c4e2467082bacbb303d333.zip | |
net-mail/dovecot: bump, fixes CVE-2017-15132
Bug: https://bugs.gentoo.org/644214
Package-Manager: Portage-2.3.20, Repoman-2.3.6
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
Diffstat (limited to 'net-mail/dovecot/files')
| -rw-r--r-- | net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132.patch | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132.patch b/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132.patch new file mode 100644 index 000000000000..3f87e71b559a --- /dev/null +++ b/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132.patch @@ -0,0 +1,14 @@ +CVE-2017-15132: dovecot: auth client leaks memory if SASL authentication is aborted. + +https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060 + +--- a/src/lib-auth/auth-client-request.c ++++ b/src/lib-auth/auth-client-request.c +@@ -186,6 +186,7 @@ void auth_client_request_abort(struct auth_client_request **_request) + + auth_client_send_cancel(request->conn->client, request->id); + call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL); ++ pool_unref(&request->pool); + } + + unsigned int auth_client_request_get_id(struct auth_client_request *request) |