Hello,Here are some diffs to update dovecot and pigeonhole to solve the following CVE
CVE-2021-33515: SMTP Submission service STARTTLS injection CVE-2021-29157: oauth2 JWT local validation path traversal CVE-2020-28200: Sieve excessive resource usage Best Regards
Index: Makefile
===================================================================
RCS file: /cvs/ports/mail/dovecot/Makefile,v
retrieving revision 1.297
diff -u -p -r1.297 Makefile
--- Makefile 8 Mar 2021 17:56:18 -0000 1.297
+++ Makefile 22 Jun 2021 08:52:06 -0000
@@ -9,9 +9,8 @@ COMMENT-postgresql= PostgreSQL authentic
# if backporting an update to stable, ensure all ports depending on
# this are bumped and that -current is same/newer version than -stable
V_MAJOR= 2.3
-V_DOVECOT= 2.3.14
+V_DOVECOT= 2.3.15
EPOCH= 0
-REVISION-server= 0
DISTNAME= dovecot-${V_DOVECOT}
PKGNAME= dovecot-${V_DOVECOT}
Index: distinfo
===================================================================
RCS file: /cvs/ports/mail/dovecot/distinfo,v
retrieving revision 1.156
diff -u -p -r1.156 distinfo
--- distinfo 8 Mar 2021 13:08:27 -0000 1.156
+++ distinfo 22 Jun 2021 08:52:06 -0000
@@ -1,2 +1,2 @@
-SHA256 (dovecot-2.3.14.tar.gz) = yLPX868eVYo/8PlwMJ1AE6TTzhNvjAKlOjsF80W5o0o=
-SIZE (dovecot-2.3.14.tar.gz) = 7483769
+SHA256 (dovecot-2.3.15.tar.gz) = IbvdXUWVepkTPei35xgT7Lc9lHbInfxjR56RArNVNZA=
+SIZE (dovecot-2.3.15.tar.gz) = 7608561
Index: pkg/PLIST-server
===================================================================
RCS file: /cvs/ports/mail/dovecot/pkg/PLIST-server,v
retrieving revision 1.82
diff -u -p -r1.82 PLIST-server
--- pkg/PLIST-server 8 Mar 2021 17:56:18 -0000 1.82
+++ pkg/PLIST-server 22 Jun 2021 08:52:06 -0000
@@ -80,6 +80,7 @@ include/dovecot/config-parser.h
include/dovecot/config-request.h
include/dovecot/config.h
include/dovecot/connection.h
+include/dovecot/cpu-limit.h
include/dovecot/crc32.h
include/dovecot/data-stack.h
include/dovecot/db-checkpassword.h
Index: Makefile
===================================================================
RCS file: /cvs/ports/mail/dovecot-pigeonhole/Makefile,v
retrieving revision 1.76
diff -u -p -r1.76 Makefile
--- Makefile 8 Mar 2021 13:08:49 -0000 1.76
+++ Makefile 22 Jun 2021 08:52:25 -0000
@@ -2,7 +2,7 @@
COMMENT= Sieve mail filtering for Dovecot
-V_SIEVE= 0.5.14
+V_SIEVE= 0.5.15
V_DOVECOT= 2.3
DISTNAME= dovecot-${V_DOVECOT}-pigeonhole-${V_SIEVE}
Index: distinfo
===================================================================
RCS file: /cvs/ports/mail/dovecot-pigeonhole/distinfo,v
retrieving revision 1.44
diff -u -p -r1.44 distinfo
--- distinfo 8 Mar 2021 13:08:49 -0000 1.44
+++ distinfo 22 Jun 2021 08:52:25 -0000
@@ -1,2 +1,2 @@
-SHA256 (dovecot-2.3-pigeonhole-0.5.14.tar.gz) = aMoPeKPKprCQpGn0XDlcRM8W2o/LM0V1WxykNsn/stI=
-SIZE (dovecot-2.3-pigeonhole-0.5.14.tar.gz) = 1910607
+SHA256 (dovecot-2.3-pigeonhole-0.5.15.tar.gz) = 4UmPUM73TDUaV0dMxCOwCGJ6satgckuFkoPq1tAFUNA=
+SIZE (dovecot-2.3-pigeonhole-0.5.15.tar.gz) = 1935601
smime.p7s
Description: S/MIME Cryptographic Signature
