summaryrefslogtreecommitdiffstats
path: root/meta-networking
diff options
context:
space:
mode:
authorAnkur Tyagi <ankur.tyagi85@gmail.com>2025-12-24 13:19:27 +0530
committerAnuj Mittal <anuj.mittal@oss.qualcomm.com>2025-12-30 07:08:12 +0530
commit50906d9169dc8055acd279706357d13c8f38c102 (patch)
treec220cec95bcd0a88738f50654c427b29278edb6b /meta-networking
parent19d7eedf67ea1b8fe27790366d98a7e888cb839a (diff)
downloadmeta-openembedded-50906d9169dc8055acd279706357d13c8f38c102.tar.gz
dovecot: upgrade 2.3.21 -> 2.3.21.1
Release Notes: - CVE-2024-23184: A large number of address headers in email resulted in excessive CPU usage. - CVE-2024-23185: Abnormally large email headers are now truncated or discarded, with a limit of 10MB on a single header and 50MB for all the headers of all the parts of an email. - oauth2: Dovecot would send client_id and client_secret as POST parameters to introspection server. These need to be optionally in Basic auth instead as required by OIDC specification. - oauth2: JWT key type check was too strict. - oauth2: JWT token audience was not validated against client_id as required by OIDC specification. - oauth2: XOAUTH2 and OAUTHBEARER mechanisms were not giving out protocol specific error message on all errors. This broke OIDC discovery. - oauth2: JWT aud validation was not performed if aud was missing from token, but was configured on Dovecot. Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-networking')
-rw-r--r--meta-networking/recipes-support/dovecot/dovecot_2.3.21.1.bb (renamed from meta-networking/recipes-support/dovecot/dovecot_2.3.21.bb)2
1 files changed, 1 insertions, 1 deletions
diff --git a/meta-networking/recipes-support/dovecot/dovecot_2.3.21.bb b/meta-networking/recipes-support/dovecot/dovecot_2.3.21.1.bb
index c626f26457..48e1e8a832 100644
--- a/meta-networking/recipes-support/dovecot/dovecot_2.3.21.bb
+++ b/meta-networking/recipes-support/dovecot/dovecot_2.3.21.1.bb
@@ -13,7 +13,7 @@ SRC_URI = "http://dovecot.org/releases/2.3/dovecot-${PV}.tar.gz \
13 file://0001-m4-Check-for-libunwind-instead-of-libunwind-generic.patch \ 13 file://0001-m4-Check-for-libunwind-instead-of-libunwind-generic.patch \
14 file://0001-auth-Fix-handling-passdbs-with-identical-driver-args.patch \ 14 file://0001-auth-Fix-handling-passdbs-with-identical-driver-args.patch \
15 " 15 "
16SRC_URI[sha256sum] = "05b11093a71c237c2ef309ad587510721cc93bbee6828251549fc1586c36502d" 16SRC_URI[sha256sum] = "2d90a178c4297611088bf7daae5492a3bc3d5ab6328c3a032eb425d2c249097e"
17 17
18DEPENDS = "openssl xz zlib bzip2 libcap icu libtirpc bison-native" 18DEPENDS = "openssl xz zlib bzip2 libcap icu libtirpc bison-native"
19CFLAGS += "-I${STAGING_INCDIR}/tirpc" 19CFLAGS += "-I${STAGING_INCDIR}/tirpc"