kumquat-buildroot/package/dovecot/dovecot.hash
Peter Korsgaard 5fcaff911d package/dovecot: security bump to version 2.3.5.2
Fixes the following security issue:

* CVE-2019-10691: Trying to login with 8bit username containing
  invalid UTF8 input causes auth process to crash if auth policy is
  enabled. This could be used rather easily to cause a DoS. Similar
  crash also happens during mail delivery when using invalid UTF8 in
  From or Subject header when OX push notification driver is used.

https://dovecot.org/pipermail/dovecot-news/2019-April/000406.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 89c7e417ed)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-04-26 15:06:22 +02:00

6 lines
392 B
Plaintext

# Locally computed after checking signature
sha256 ba14e41aefd81a868a35b83bcb54194116106424d37690519b50ea83c0f31bf2 dovecot-2.3.5.2.tar.gz
sha256 a363b132e494f662d98c820d1481297e6ae72f194c2c91b6c39e1518b86240a8 COPYING
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LGPL
sha256 52b8c95fabb19575281874b661ef7968ea47e8f5d74ba0dd40ce512e52b3fc97 COPYING.MIT