| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| split-protocols.patch | split-protocols Set default protocols value as empty and enable each protocol in its own configuration file |
Marco Nenciarini <mnencia@debian.org> | invalid | 2011-03-05 | ||
| fix-mail_plugin_dir-default.patch | fix mail_plugin_dir default Fix mail_plugin_dir default value in conf.d/10-mail.conf |
Marco Nenciarini <mnencia@debian.org> | no | upstream | 2011-09-16 | |
| ssl-cert-location.patch | SSL cert location Move dovecots generated X.509 certificate out of /etc/ssl where it doesn't belong. Turn off ssl by default. |
"Jaldhar H. Vyas" <jaldhar@debian.org> | no | upstream | 2014-11-30 | |
| tcpwrapper.patch | Add TCP wrapper support Configuration file for TCP wrapper support. |
Joerg Dorchain <joerg@dorchain.net> | no | upstream | 2012-08-26 | |
| default-mail_location.patch | default location for user mailboxes Set a default for the case where a user has no mail so auto- detection of mailboxes doesn't work. See also: chgrp-error.patch |
"Jaldhar H. Vyas" <jaldhar@debian.org> | no | upstream | 2017-09-20 | |
| exampledir.patch | wrong pointer to exampledir The file /etc/dovecot/README sends the user to a directory /usr/share/doc/dovecot/example-config/, but the real path should be /usr/share/doc/dovecot-core/example-config/ |
"Jaldhar H. Vyas" <jaldhar@debian.org> | no | upstream | 2013-02-04 | |
| mboxlocking.patch | policy 22.6 compliant mbox write locking For NFS safety, prefer fcntl to dotlocks. Dovecots default is the other way around. |
"Jaldhar H. Vyas" <jaldhar@debian.org> | no | upstream | 2013-08-22 | |
| dovecot_name.patch | Update Dovecot name to include Distribution in login greeting message This patch was found at: https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-server-app-banner-updates and originally provided by Ubuntu for their 2.1.7 package. The original author is Yolanda Robla <yolanda.robla@canonical.com>. I updated it for Debian's 2.2.5 package. |
"Jaldhar H. Vyas" <jaldhar@debian.org> | no | 2020-05-23 | ||
| ssl-dh-params-location.patch | Set DH params location This is mandatory for SSL support in 2.3 |
Apollon Oikonomopoulos <apoikos@debian.org> | not-needed | 2018-03-24 | ||
| skip-rfc-subdir.patch | Don't try to build doc/rfc subdir components | Noah Meyerhans <noahm@debian.org> | invalid | 2020-05-21 | ||
| Correct-misspellings.patch | Correct misspellings Found by Lintian |
=?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | no | 2020-05-31 | ||
| fix-compiler-warnings.patch | fix compiler warnings: * passing null to format argument * -Wstringop-truncation |
=?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | no | 2020-05-31 | ||
| systemd-sd-notify-support.patch | [PATCH 1/2] systemd integration: notify service manager when ready With Type=simple or Type=forking, systemd does not really know when the service is ready to accept connections and might start depending services too early. Use Type=notify to explicitly tell the service manager when the service is ready. For a real problem caused by assuming readiness too early, please see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951722 For the meaning of the service type and details of the readiness protocol, see also the following links: https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type= https://www.freedesktop.org/software/systemd/man/sd_notify.html As discussed in the last link, more elaborate state notifications are possible. This patch only implements the most basic part. Original patch prepared by Michael Biebl, with slight modification. |
Nis Martensen <nis.martensen@web.de> | no | debian | 2020-06-11 | |
| test-backtrace.patch | Updates the symbol to check for in the backtrace unit tests Updates the symbol to check for in the backtrace unit tests to something that appears in all the traces on the platforms we support. |
Noah Meyerhans <noahm@debian.org> | no | 2020-06-12 | ||
| doveadm-director.1-drop-acute-accent.patch | doveadm-director.1: drop acute accent Found by Lintian: This manual page uses the \' groff sequence. Usually, the intent to generate an apostrophe, but that sequence actually renders as a an acute accent. For an apostrophe or a single closing quote, use plain '. For single opening quote, i.e. a straight downward line ' like the one used in shell commands, use \(aq. |
=?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | no | 2020-08-14 | ||
| Fix-32bit-sign-comparisons.patch | Fix 32bit sign comparisons In file included from test-lib.h:5, from test-time-util.c:3: test-time-util.c: In function 'test_str_to_timeval': test-time-util.c:387:29: warning: comparison of integer expressions of different signedness: '__time_t' {aka 'long int'} and 'unsigned int' [-Wsign-compare] 387 | test_assert_idx(tv.tv_sec == tests[i].tv_sec, i); | ^~ ../../src/lib-test/test-common.h:26:9: note: in definition of macro 'test_assert_idx' 26 | if (!(code)) test_assert_failed_idx(#code, __FILE__, __LINE__, i); \ | ^~~~ test-time-util.c:388:30: warning: comparison of integer expressions of different signedness: '__suseconds_t' {aka 'long int'} and 'unsigned int' [-Wsign-compare] 388 | test_assert_idx(tv.tv_usec == tests[i].tv_usec, i); | ^~ ../../src/lib-test/test-common.h:26:9: note: in definition of macro 'test_assert_idx' 26 | if (!(code)) test_assert_failed_idx(#code, __FILE__, __LINE__, i); \ | ^~~~ test-message-header-decode.c: In function 'check_encode_decode_result': test-message-header-decode.c:125:23: warning: comparison of integer expressions of different signedness: 'int' and 'unsigned int' [-Wsign-compare] 125 | (poutend - pout) >= rep_char_len && | ^~ ../../src/lib-test/test-common.h:26:9: note: in definition of macro 'test_assert_idx' 26 | if (!(code)) test_assert_failed_idx(#code, __FILE__, __LINE__, i); \ | ^~~~ login-proxy.c: In function 'login_proxy_connect': login-proxy.c:319:58: warning: comparison of integer expressions of different signedness: '__time_t' {aka 'long int'} and 'unsigned int' [-Wsign-compare] 319 | rec->last_failure.tv_sec - rec->last_success.tv_sec > | ^ |
=?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | no | 2021-01-04 | ||
| Fix-32-bit-test-case.patch | Fix 32-bit test case Force difference of microseconds to be computed in long long |
=?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | no | 2021-01-04 | ||
| Improve-cross-compile-support.patch | Improve cross-compile support The check for the signedness of size_t really doesn't have to be run as that is a compile time property. Beyond that, dovecot uses mysql_config. I've looked into that and mysql_config is unfixably broken during cross builds. It will not be fixed. Instead, please use pkg-config. My patch implements that with a fallback to mysql_config to avoid breaking other users. Last but not least, src/lib-lua/Makefile.am adds $(LUA_LIBS) to libdovecot_lua_la_DEPENDENCIES. As it happens, LUA_LIBS contains a -L flag and when that flag shows up in a dependency, make gives up. I have no clue why one would add LUA_LIBS to DEPENDENCIES as it already is being correctly added to LIBADD. My patch suggests to quite simply drop that. |
Helmut Grohne <helmut@subdivi.de> | no | 2021-01-05 | ||
| CVE-2021-29157.patch | fix incorrectly escapes kid and azp fields in JWT tokens | no | https://launchpadlibrarian.net/544092180/dovecot_1%3A2.3.13+dfsg1-1ubuntu1_1%3A2.3.13+dfsg1-1ubuntu1.1.diff.gz | |||
| CVE-2021-33515.patch | commit 321c339756f9b2b98fb7326359d1333adebb5295 lib-smtp: smtp-server-connection - Fix STARTTLS command injection vulnerability. The input handler kept reading more commands even though the input was locked by the STARTTLS command, thereby causing it to read the command pipelined beyond STARTTLS. This causes a STARTTLS command injection vulerability. |
Stephan Bosch <stephan.bosch@open-xchange.com> | no | 2021-05-22 | ||
| auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch | auth: Fix handling passdbs with identical driver/args but different mechanisms/username_filter The passdb was wrongly deduplicated in this situation, causing wrong mechanisms or username_filter setting to be used. This would be a rather unlikely configuration though. Fixed by moving mechanisms and username_filter from struct passdb_module to struct auth_passdb, which is where they should have been in the first place. |
Timo Sirainen <timo.sirainen@open-xchange.com> | no | 2022-05-09 | ||
| auth-Add-a-comment-about-updating-userdb_find.patch | auth: Add a comment about updating userdb_find() | Timo Sirainen <timo.sirainen@open-xchange.com> | no | 2022-05-16 | ||
| test-imap-client-hibernate-Shorten-TEMP_DIRNAME.patch | test-imap-client-hibernate: Shorten TEMP_DIRNAME. The Salsa CI pipeline tries to use `/builds/lts-team/packages/dovecot/debian/output/source_dir/src/imap/.test-imap-client-hibernate/imap-hibernate` which exceeds the maximum `sun_path` length (108 bytes on Linux). |
Guilhem Moulin <guilhem@debian.org> | not-needed | 2024-08-27 | ||
| CVE-2024-23184_1.patch | lib: test-llist - Fix dllist2 test name | Timo Sirainen <timo.sirainen@open-xchange.com> | no | debian | https://github.com/dovecot/core/commit/8e4c42dbb3c770fcdbc396f2abcf1bc228ec548d | 2024-02-09 |
| CVE-2024-23184_2.patch | lib: Add DLLIST2_JOIN() | Timo Sirainen <timo.sirainen@open-xchange.com> | no | debian | https://github.com/dovecot/core/commit/cee08202c759a3bdf185d998dcf888ebd1bc6e36 | 2024-02-09 |
| CVE-2024-23184_3.patch | lib-mail: test-imap-envelope - Use test_assert_idx() where possible | Timo Sirainen <timo.sirainen@open-xchange.com> | no | debian | https://github.com/dovecot/core/commit/0bae091859c905dc335f21eed01347e6b8338672 | 2024-01-30 |
| CVE-2024-23184_4.patch | lib-mail: Change message_address to be doubly linked list | Timo Sirainen <timo.sirainen@open-xchange.com> | no | debian | https://github.com/dovecot/core/commit/a1c9b0409454e45937bf7e9c3685f5e91d6a5a43 | 2024-02-04 |
| CVE-2024-23184_5.patch | lib-mail: Add message_address_parse_full() and struct message_address_list | Timo Sirainen <timo.sirainen@open-xchange.com> | no | debian | https://github.com/dovecot/core/commit/da61d20311da34f22944c6111a0b97ea2a1f8a47 | 2024-01-30 |
| CVE-2024-23184_6.patch | lib-mail, lib-imap: Optimize parsing large number of address headers Every header was appended to a linked list by walking through the whole list, causing excessive CPU usage when the list became large enough. Fixed by changing struct message_part_envelope to use struct message_address_list, which stores also linked list tail pointers. This allows quickly appending to the end of the linked list. |
Timo Sirainen <timo.sirainen@open-xchange.com> | no | debian | https://github.com/dovecot/core/commit/1481c04f02df7647f520df65d63df7626bf0ee32 | 2024-02-09 |
| lib-test-Add-test_assert_cmp-_idx.patch | lib-test: Add test_assert_cmp[_idx]() Similar to test_assert_strcmp() but for numbers: If the comparison fails, print the values and the used operator. |
Timo Sirainen <timo.sirainen@open-xchange.com> | no | 2021-02-17 | ||
| CVE-2024-23185_1.patch | lib-mail: message-header-parser - Limit header block to 10MB by default | Marco Bettini <marco.bettini@open-xchange.com> | no | debian | https://github.com/dovecot/core/commit/f020e139c519121d9630a966310ea8e100ee33b7 | 2024-04-12 |
| CVE-2024-23185_2.patch | lib-mail: message-parser - Limit headers total count to 50MB by default (including top headers and all mime-sections headers) |
Marco Bettini <marco.bettini@open-xchange.com> | no | debian | https://github.com/dovecot/core/commit/ce88c33abc37e408592eff70aeefa28f803effb9 | 2024-04-24 |