Page MenuHomeFreeBSD

Update mail/postfixadmin to 3.0.2 (security fix)
ClosedPublic

Authored by krion on Feb 10 2017, 11:56 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Oct 4, 7:30 AM
Unknown Object (File)
Mon, Sep 16, 9:45 AM
Unknown Object (File)
Aug 28 2024, 3:46 PM
Unknown Object (File)
Aug 17 2024, 5:19 PM
Unknown Object (File)
Aug 10 2024, 1:17 AM
Unknown Object (File)
Aug 3 2024, 6:32 PM
Unknown Object (File)
Jul 31 2024, 5:06 PM
Unknown Object (File)
Jul 29 2024, 9:31 AM
Subscribers
None

Details

Summary

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=216932

Maintainer approved.

The most important reason for the release was a SECURITY FIX: don't allow to
delete protected aliases (CVE-2017-5930, PR#23). Thanks to Janfred @github for
the report and the pull request!

Besides that, the following non-security bugs were fixed:

  • fix VacationHandler for PostgreSQL
  • AliasHandler: restrict mailbox subquery to allowed and specified domains to improve performance on setups with lots of mailboxes
  • allow switching between dovecot: password schemes while still accepting passwords hashed using the previous dovecot: scheme
  • FetchmailHandler: use a valid date as default for 'date'
  • fix date formatting in non-english languages when using PostgreSQL
  • various small fixes

Diff Detail

Repository
rP FreeBSD ports repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

krion retitled this revision from to Update mail/postfixadmin to 3.0.2 (security fix).
krion updated this object.
krion edited the test plan for this revision. (Show Details)
krion added reviewers: mat, fjoe.
mat edited edge metadata.
This revision is now accepted and ready to land.Feb 10 2017, 5:19 PM
This revision was automatically updated to reflect the committed changes.