| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Disable-runpath-checking.patch | Disable runpath checking @DPATCH@ |
Debian Cyrus Team <pkg-cyrus-imapd-debian-devel@lists.alioth.debian.org> | no | 2020-02-10 | ||
| 0002-Shutdown-and-close-sockets-cleanly.patch | Shutdown and close sockets cleanly Cleanly shutdown and close sockets, this is supposed to allow for better TCP teardown on the remote end, and reduces CLOSE_WAIT time. . This patch was written 8 years ago, it is possible that nowadays nothing will benefit from a shutdown() right before close(). The commit log from eight years ago mentions that SHUT_RD should be upgraded to SHUT_RDWR where possible, but only after verification that this is not going to cause problems (e.g. by discarding data still on flight to the remote). . Also, it is possible that new daemons and utils in Cyrus 2.2 and 2.3 may need similar patches. |
Henrique de Moraes Holschuh <hmh@debian.org> | yes | 2020-02-10 | ||
| 0003-Fix-syslog-prefix.patch | Fix syslog prefix Make sure all programs log (to syslog) with "cyrus/<program>" as the log prefix. |
Sven Mueller <debian@incase.de> | yes | 2020-02-10 | ||
| 0005-Updates-calling-of-the-perl-interpreter-to-what-we-e.patch | Updates calling of the perl interpreter to what we expect in Debian More precisely: Call /usr/bin/perl directly instead of using some shell magic to locate perl and run it. . NOTE: only some script use the "-w" or even the "-T" flag for perl. This should be the default actually. |
Sven Mueller <debian@incase.de> | not-needed | 2020-02-10 | ||
| 0006-Fix-paths-on-Debian-in-tools-rehash.patch | Fix paths on Debian in tools/rehash | Sven Mueller <debian@incase.de> | not-needed | 2020-02-10 | ||
| 0009-Normalize-the-authentication-ID.patch | Normalize the authentication ID By normalize, it is intended that; 1) Authentication IDs all can be lowercased for more accurate comparison without being volatile to, say, user error, and 2) Any leading or trailing blank space can be stripped |
"Jeroen van Meeuwen (Kolab Systems)" <vanmeeuwen@kolabsys.com> | yes | 2020-02-10 | ||
| 0011-Fix-extra-libpci-in-SNMP_LIBS.patch | Fix extra libpci in SNMP_LIBS | not-needed | 2020-02-10 | |||
| 0012-Use-UnicodeData.txt-from-system.patch | Use UnicodeData.txt from system | Ondrej Sury <ondrej@debian.org> | not-needed | 2020-02-10 | ||
| 0018-increase-test-timeout.patch | increase test timeout | Xavier Guimard <yadd@debian.org> | not-needed | debian upstream | 2020-05-20 | |
| CVE-2021-32056.patch | annotate: don't allow everyone to write shared server entries | Bron Gondwana <brong@fastmail.fm> | not-needed | upstream | upstream, https://github.com/cyrusimap/cyrus-imapd/commit/621f9e41 | 2021-05-10 |
| CVE-2021-33582.patch | Fixed CVE-2021-33582 Certain user inputs are used as hash table keys during processing. A poorly chosen string hashing algorithm meant that the user could control which bucket their data was stored in, allowing a malicious user to direct many inputs to a single bucket. Each subsequent insertion to the same bucket requires a strcmp of every other entry in it. At tens of thousands of entries, each new insertion could keep the CPU busy in a strcmp loop for minutes. . The string hashing algorithm has been replaced with a better one, and now also uses a random seed per hash table, so malicious inputs cannot be precomputed. . Discovered by Matthew Horsfall, Fastmail |
ellie timoney <ellie@fastmail.com> | not-needed | upstream | upstream, https://github.com/cyrusimap/cyrus-imapd/compare/cyrus-imapd-3.2.7...cyrus-imapd-3.2.8 | 2021-09-01 |
| prepare-3.6-upgrade.patch | reconstruct mailboxes to prepare ctl_cyrusdb -r and reconstruct now ensure the "uniqueid" field is present in and synchronised between mailboxes.db and cyrus.header. https://github.com/cyrusimap/cyrus-imapd/commit/93b01dd83 https://github.com/cyrusimap/cyrus-imapd/commit/0f59f9f36 https://github.com/cyrusimap/cyrus-imapd/commit/0ee7d128a https://github.com/cyrusimap/cyrus-imapd/commit/2918ce8f0 https://github.com/cyrusimap/cyrus-imapd/commit/a330b471f https://github.com/cyrusimap/cyrus-imapd/commit/df58b26cb |
ellie timoney <ellie@fastmail.com> | not-needed | upstream | upstream, https://github.com/cyrusimap/cyrus-imapd/commit/360e5d153 | 2022-06-27 |