-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 01 Mar 2018 19:12:05 +0200 Source: dovecot Binary: dovecot-core dovecot-dev dovecot-imapd dovecot-pop3d dovecot-lmtpd dovecot-managesieved dovecot-pgsql dovecot-mysql dovecot-sqlite dovecot-ldap dovecot-gssapi dovecot-sieve dovecot-solr dovecot-lucene dovecot-dbg Architecture: source amd64 Version: 1:2.2.13-12~deb8u4 Distribution: jessie-security Urgency: high Maintainer: Dovecot Maintainers <jaldhar-dovecot@debian.org> Changed-By: Apollon Oikonomopoulos <apoikos@debian.org> Description: dovecot-core - secure POP3/IMAP server - core files dovecot-dbg - secure POP3/IMAP server - debug symbols dovecot-dev - secure POP3/IMAP server - header files dovecot-gssapi - secure POP3/IMAP server - GSSAPI support dovecot-imapd - secure POP3/IMAP server - IMAP daemon dovecot-ldap - secure POP3/IMAP server - LDAP support dovecot-lmtpd - secure POP3/IMAP server - LMTP server dovecot-lucene - secure POP3/IMAP server - Lucene support dovecot-managesieved - secure POP3/IMAP server - ManageSieve server dovecot-mysql - secure POP3/IMAP server - MySQL support dovecot-pgsql - secure POP3/IMAP server - PostgreSQL support dovecot-pop3d - secure POP3/IMAP server - POP3 daemon dovecot-sieve - secure POP3/IMAP server - Sieve filters support dovecot-solr - secure POP3/IMAP server - Solr support dovecot-sqlite - secure POP3/IMAP server - SQLite support Closes: 888432 891819 891820 Changes: dovecot (1:2.2.13-12~deb8u4) jessie-security; urgency=high . * [eb6eab8] Fix CVE-2017-14461: rfc822_parse_domain information leak (Closes: #891819) * [df2ccf9] Fix CVE-2017-15130: TLS SNI config lookups are inefficient and can be used for DoS (Closes: #891820) + Use dh-autoreconf, as src/Makefile.in needs to be regenerated. Also disable dovecot_name.patch, since it changes dovecot's banner in conjunction with dh_autoreconf. * [292742f] Fix CVE-2017-15132: memory leak on aborted SASL auth (Closes: #888432) * [3e2ccd1] Add myself to Uploaders Checksums-Sha1: 672ac1c717a4b282ddf7a257da44d4449e6b178a 3335 dovecot_2.2.13-12~deb8u4.dsc ee8efc77cb9d502dc416ae4fba242adc5f01c163 4613824 dovecot_2.2.13.orig.tar.gz 3b2c547fbb71013f208d4af025ba7b247f538977 746136 dovecot_2.2.13-12~deb8u4.debian.tar.xz 48e4c8d80e2210b20aed9d4860d74507449cfd69 2659458 dovecot-core_2.2.13-12~deb8u4_amd64.deb 9149f367fcca0d2dd588ca171000a0863a4cd7da 750702 dovecot-dev_2.2.13-12~deb8u4_amd64.deb f26879470c738195253c70069f5b5c60010a1723 646064 dovecot-imapd_2.2.13-12~deb8u4_amd64.deb 7a7d63c3c1e072cffeec5979f9fe0a02093d1b7d 550854 dovecot-pop3d_2.2.13-12~deb8u4_amd64.deb f98d39a658a309811545fbf0b950e1407017f67e 542652 dovecot-lmtpd_2.2.13-12~deb8u4_amd64.deb 36e1dcc76139c5d05e4213e61ee412b4472a3c53 569726 dovecot-managesieved_2.2.13-12~deb8u4_amd64.deb 93f4822b431eb2855aac1b9c67e3f9cf1f83b401 534078 dovecot-pgsql_2.2.13-12~deb8u4_amd64.deb 32ab8eb4c44023a4a7d4c2e9cbf1581cc0ea6d02 531716 dovecot-mysql_2.2.13-12~deb8u4_amd64.deb 8435022186ad05c316397eea9eba5d42d76010e0 529862 dovecot-sqlite_2.2.13-12~deb8u4_amd64.deb 46c75882c19f20dec299d47fc29c70db7d2c6249 545246 dovecot-ldap_2.2.13-12~deb8u4_amd64.deb 19b78c3b921f4c7af784f3116ab8ac04939df88a 531106 dovecot-gssapi_2.2.13-12~deb8u4_amd64.deb 217038f0ed1d8e80c486df330f089b5ac9c58bde 765088 dovecot-sieve_2.2.13-12~deb8u4_amd64.deb 37f3db9eda64c8f96906b6e85b241bbab6d572a9 542112 dovecot-solr_2.2.13-12~deb8u4_amd64.deb 6344508c4b6ababe59f8f4e8a5e2a1a0b11780f6 549200 dovecot-lucene_2.2.13-12~deb8u4_amd64.deb d7855578205ee3e91e96cf5e27e19b0a78b468bc 6647346 dovecot-dbg_2.2.13-12~deb8u4_amd64.deb Checksums-Sha256: 6ef74b76d29e5ed81290aa861bf67642a10e35fa033a4c621b959ec947e89240 3335 dovecot_2.2.13-12~deb8u4.dsc 133cf3d2aa81733f6688ec986c91dbe07602fad81e856ba3d8046ffca85d9dce 4613824 dovecot_2.2.13.orig.tar.gz 2789570bae0cb0a090679ca7d1ea5943d77fa35629b644c7c36bf5f5aca8133a 746136 dovecot_2.2.13-12~deb8u4.debian.tar.xz 507072b9f7395ac367858f6e77dc1a0d70f7513f9e55426a944da24d2e776ecc 2659458 dovecot-core_2.2.13-12~deb8u4_amd64.deb e3396d64afb413a05c8886361e088b058e08f206f21c6a254482dafbc56be3b7 750702 dovecot-dev_2.2.13-12~deb8u4_amd64.deb 328e4785178827606b9ca55cb6f37ce24e5131fece87b50270fb95e1280b3ad4 646064 dovecot-imapd_2.2.13-12~deb8u4_amd64.deb 702eafb22a5df8314bb409c8ce3db4432f05ec2f10a4c35907d069d207608970 550854 dovecot-pop3d_2.2.13-12~deb8u4_amd64.deb 58cad6c318f600c57ad46483cb288c33c45de634d0e3c4e10af0bf30bd5d1a9d 542652 dovecot-lmtpd_2.2.13-12~deb8u4_amd64.deb 1b9d3b21735f0757f92d40c0ee99be584d64f1975821274fd3cc8e35ef3a11e5 569726 dovecot-managesieved_2.2.13-12~deb8u4_amd64.deb e3bc14c86a8599a565de74810da486e6a7871b63abe60fb6ec5a15e7aa0c48f4 534078 dovecot-pgsql_2.2.13-12~deb8u4_amd64.deb a31681f391cf0a1ac26a34a362ddb996dbfd6f68075b27b7a6f978b3484f975a 531716 dovecot-mysql_2.2.13-12~deb8u4_amd64.deb ab1c9b14ca2e1b0dbcc5b39482851677892c35a2a352006304ffb30b00eb0a7e 529862 dovecot-sqlite_2.2.13-12~deb8u4_amd64.deb 4bef583d21a134969753733cd968e1cdcabfbb40266f925d648ee1699ea17778 545246 dovecot-ldap_2.2.13-12~deb8u4_amd64.deb 39b8dd10e9b49f2c37b973e817c5f1a0c0b0363fc0397fb817f09b25ddaabc14 531106 dovecot-gssapi_2.2.13-12~deb8u4_amd64.deb 06356a5e03e97b037cc31b010a807fd047b8bea4d5c44c70e6dc8e14ec70642a 765088 dovecot-sieve_2.2.13-12~deb8u4_amd64.deb 8821ce62cb94cc8b2e51f16cd1ceae9cd2f6840697ecc0e9a36237ca11890dc2 542112 dovecot-solr_2.2.13-12~deb8u4_amd64.deb cae36dbe7b9a83af0ef6933bf29df26c7cd51863639c4cadb50ea7c992473b1c 549200 dovecot-lucene_2.2.13-12~deb8u4_amd64.deb 07e411eea445a5c3757f06be0c41616b7c7f452bc59be35cc1bf573a658b5662 6647346 dovecot-dbg_2.2.13-12~deb8u4_amd64.deb Files: 42fe2b7b9c6afb169506c429f8d30cb8 3335 mail optional dovecot_2.2.13-12~deb8u4.dsc a3eb1c0b1822c4f2b0fe9247776baa71 4613824 mail optional dovecot_2.2.13.orig.tar.gz 68d3ec040cd0154bc2efdf2251ad5e33 746136 mail optional dovecot_2.2.13-12~deb8u4.debian.tar.xz 6eb1113ac92ef493a4e876fd7f7396c7 2659458 mail optional dovecot-core_2.2.13-12~deb8u4_amd64.deb 9ec8c8336433660d85729d61516e13a5 750702 mail optional dovecot-dev_2.2.13-12~deb8u4_amd64.deb c6e884f46c7d9c328dd3671833f6257d 646064 mail optional dovecot-imapd_2.2.13-12~deb8u4_amd64.deb cd7fae19b9c2849bf38ae9fd02308cac 550854 mail optional dovecot-pop3d_2.2.13-12~deb8u4_amd64.deb 61139aaaa6883a0a36c1ed8cc34d74f4 542652 mail optional dovecot-lmtpd_2.2.13-12~deb8u4_amd64.deb 4e43cff0f03d62dd31c9c0c6e3818dc2 569726 mail optional dovecot-managesieved_2.2.13-12~deb8u4_amd64.deb 7f7e4c71c170ec195830a70d3f475b38 534078 mail optional dovecot-pgsql_2.2.13-12~deb8u4_amd64.deb bbb0e89233db4744b5928f1a22fe164a 531716 mail optional dovecot-mysql_2.2.13-12~deb8u4_amd64.deb 159c3466a17ca79978063d2e0772500a 529862 mail optional dovecot-sqlite_2.2.13-12~deb8u4_amd64.deb 47f87696f83f0ad13ee3508d3da665b7 545246 mail optional dovecot-ldap_2.2.13-12~deb8u4_amd64.deb df92ab6ee72f337a088eb6a6e61471ed 531106 mail optional dovecot-gssapi_2.2.13-12~deb8u4_amd64.deb cf2943c4cdac08ee09e3810a5bd017e1 765088 mail optional dovecot-sieve_2.2.13-12~deb8u4_amd64.deb 03b601d9cb420b5ace126a763700c55a 542112 mail optional dovecot-solr_2.2.13-12~deb8u4_amd64.deb 207b8dabe95117caf8ce720f468c4a49 549200 mail optional dovecot-lucene_2.2.13-12~deb8u4_amd64.deb a943ad0db1a164a5246778071e99d151 6647346 debug extra dovecot-dbg_2.2.13-12~deb8u4_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEPgL9ZlYpWVIRC6uZ9RsYxyAkgiQFAlqYj0oACgkQ9RsYxyAk giTcYg//V7TZ7yPEko5s/vcGLsSlBue80r2Ymc0XvO8TeMCMoQ2FZHrWV67ExQ/V 5dkkQdKvkiQ22ylxuT3X5PpUZ6VGcx0wsMQMkzopyKAF9ETWXT2m9efljs9UUSTW Tp/dNchDrn8JyMLQ5/UlVmV3nMpTdI6tvNCl9k7AadmYRSZqFAbX1tc/BklYZTYb BefOKDU0bOkbhWBQ0nmQMRe5oqdaAEJE2/o99LUBXU4yDV74OhX/KWkeF1Yr3Doi +JIXO5Fs0UwIkZUZyGk5ubnF05vAvfAEnZ7Vp92+mgLCZ9GflAG3MCFlU1tKeC18 iYGXF0KWIb6TNGyb0ZZjNpWQCMGZB8MeApyUd+xrGtCDVi85/a4HH98qG7zQPSX3 tmAXs/vtJPsbQc0RopEHAlm2FYRgvbpR3kl0bPHmKqqjRbwOoVFvrfrBXA2Ij0zP aeWyGw0/URJ2w0+KomYcs2v+awn6frTssQG5Cv4wEmtiViER2TeqgpRHjR63f3GX /ZBOlSxT9yA6MNpj1zFbDWFD0qoE40eZJSMv2vo29v7mtZohHZQYh10+pqcopuhd aHSf5os4IOuMncsl/MrsHrQ2N3ZUNIwOLA/RRQQbDilc9PQUA1cadk/RwNvioQDM RJYUS+ZJIf4Y/V339eAhKorG81wyPlzpbpmrrIm0iZF6rUyOdlI= =Ac7/ -----END PGP SIGNATURE-----