diff --git a/SOURCES/dovecot-2.3.8-a668d767.patch b/SOURCES/dovecot-2.3.8-a668d767.patch new file mode 100644 index 0000000..71aba2a --- /dev/null +++ b/SOURCES/dovecot-2.3.8-a668d767.patch @@ -0,0 +1,73 @@ +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index 011dea9050..8baf622e59 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -138,6 +138,7 @@ message_part_append(struct message_parser_ctx *ctx) + struct message_part *parent = ctx->part; + struct message_part *part; + ++ i_assert(!ctx->preparsed); + i_assert(parent != NULL); + i_assert((parent->flags & (MESSAGE_PART_FLAG_MULTIPART | + MESSAGE_PART_FLAG_MESSAGE_RFC822)) != 0); +@@ -171,12 +172,14 @@ static void message_part_finish(struct message_parser_ctx *ctx) + { + struct message_part **const *parent_next_partp; + +- i_assert(ctx->nested_parts_count > 0); +- ctx->nested_parts_count--; ++ if (!ctx->preparsed) { ++ i_assert(ctx->nested_parts_count > 0); ++ ctx->nested_parts_count--; + +- parent_next_partp = array_back(&ctx->next_part_stack); +- array_pop_back(&ctx->next_part_stack); +- ctx->next_part = *parent_next_partp; ++ parent_next_partp = array_back(&ctx->next_part_stack); ++ array_pop_back(&ctx->next_part_stack); ++ ctx->next_part = *parent_next_partp; ++ } + + message_size_add(&ctx->part->parent->body_size, &ctx->part->body_size); + message_size_add(&ctx->part->parent->body_size, &ctx->part->header_size); +diff --git a/src/lib-mail/test-message-parser.c b/src/lib-mail/test-message-parser.c +index 13984f939e..a00f0d6200 100644 +--- a/src/lib-mail/test-message-parser.c ++++ b/src/lib-mail/test-message-parser.c +@@ -178,9 +178,10 @@ static void test_message_parser_small_blocks(void) + static void test_message_parser_stop_early(void) + { + struct message_parser_ctx *parser; +- struct istream *input; ++ struct istream *input, *input2; + struct message_part *parts; + struct message_block block; ++ const char *error; + unsigned int i; + pool_t pool; + int ret; +@@ -198,6 +199,24 @@ static void test_message_parser_stop_early(void) + &block)) > 0) ; + test_assert(ret == 0); + message_parser_deinit(&parser, &parts); ++ ++ /* test preparsed - first re-parse everything with a stream ++ that sees EOF at this position */ ++ input2 = i_stream_create_from_data(test_msg, i); ++ parser = message_parser_init(pool, input2, &set_empty); ++ while ((ret = message_parser_parse_next_block(parser, ++ &block)) > 0) ; ++ test_assert(ret == -1); ++ message_parser_deinit(&parser, &parts); ++ ++ /* now parse from the parts */ ++ i_stream_seek(input2, 0); ++ parser = message_parser_init_from_parts(parts, input2, &set_empty); ++ while ((ret = message_parser_parse_next_block(parser, ++ &block)) > 0) ; ++ test_assert(ret == -1); ++ test_assert(message_parser_deinit_from_parts(&parser, &parts, &error) == 0); ++ i_stream_unref(&input2); + } + + i_stream_unref(&input); diff --git a/SOURCES/dovecot-2.3.8-blockcount.patch b/SOURCES/dovecot-2.3.8-blockcount.patch new file mode 100644 index 0000000..fb0a9b0 --- /dev/null +++ b/SOURCES/dovecot-2.3.8-blockcount.patch @@ -0,0 +1,20 @@ +diff -up dovecot-2.3.8/src/lib-storage/index/index-mail-binary.c.blockcount dovecot-2.3.8/src/lib-storage/index/index-mail-binary.c +--- dovecot-2.3.8/src/lib-storage/index/index-mail-binary.c.blockcount 2020-12-02 11:34:10.229027593 +0100 ++++ dovecot-2.3.8/src/lib-storage/index/index-mail-binary.c 2020-12-02 11:36:47.328933276 +0100 +@@ -339,13 +339,14 @@ blocks_count_lines(struct binary_ctx *ct + i_stream_skip(full_input, skip); + cur_block_offset += skip; + +- if (cur_block->input->eof) { ++ if (i_stream_read_eof(cur_block->input)) { + /* go to the next block */ +- if (++block_idx == block_count) { ++ if (block_idx+1 == block_count) { + i_assert(i_stream_read_eof(full_input)); + ret = -1; + break; + } ++ block_idx++; + cur_block++; + cur_block_offset = 0; + } diff --git a/SPECS/dovecot.spec b/SPECS/dovecot.spec index ccc33ff..3a2a6b2 100644 --- a/SPECS/dovecot.spec +++ b/SPECS/dovecot.spec @@ -5,7 +5,7 @@ Name: dovecot Epoch: 1 Version: 2.3.8 %global prever %{nil} -Release: 4%{?dist} +Release: 6%{?dist} #dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2 License: MIT and LGPLv2 Group: System Environment/Daemons @@ -55,6 +55,12 @@ Patch20: dovecot-2.3.8-CVE_2020_12673.patch Patch21: dovecot-2.3.8-CVE_2020_12674prereq.patch Patch22: dovecot-2.3.8-CVE_2020_12674.patch +# from upstream, for dovecot <= 2.3.11.3, rhbz#1894418 +Patch23: dovecot-2.3.8-blockcount.patch + +# from upstream, for dovecot < 2.3.11.3, rhbz#1888111 +Patch24: dovecot-2.3.8-a668d767.patch + Source15: prestartscript BuildRequires: openssl-devel, pam-devel, zlib-devel, bzip2-devel, libcap-devel @@ -69,6 +75,7 @@ BuildRequires: krb5-devel BuildRequires: quota-devel BuildRequires: xz-devel BuildRequires: lz4-devel +BuildRequires: multilib-rpm-config #BuildRequires: libsodium-devel #BuildRequires: libexttextcat-devel #BuildRequires: libstemmer-devel @@ -166,6 +173,8 @@ This package provides the development files for dovecot. %patch20 -p1 -b .CVE_2020_12673 %patch21 -p1 -b .CVE_2020_12674prereq %patch22 -p1 -b .CVE_2020_12674 +%patch23 -p1 -b .blockcount +%patch24 -p1 -b .a668d767 pushd dovecot-2*3-pigeonhole-%{pigeonholever} popd @@ -184,6 +193,7 @@ autoreconf -I . -fiv #required for aarch64 support %endif %configure \ INSTALL_DATA="install -c -p -m644" \ + --localstatedir=%{_rundir} \ --docdir=%{_docdir}/%{name} \ --disable-static \ --disable-rpath \ @@ -230,9 +240,11 @@ rm -rf $RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT -#move doc dir back to build dir so doc macro in files section can use it +# move doc dir back to build dir so doc macro in files section can use it mv $RPM_BUILD_ROOT/%{_docdir}/%{name} %{_builddir}/%{name}-%{version}%{?prever}/docinstall +# fix multilib issues +%multilib_fix_c_header --file %{_includedir}/dovecot/config.h pushd dovecot-2*3-pigeonhole-%{pigeonholever} make install DESTDIR=$RPM_BUILD_ROOT @@ -525,6 +537,14 @@ make check %{_libdir}/%{name}/dict/libdriver_pgsql.so %changelog +* Wed Dec 02 2020 Michal Hlavinka - 1:2.3.8-6 +- fix mail storage block count parsing (#1894418) +- MIME parser crashed when boundaries were wrong (#1888111) +- change run directory from /var/run to /run (#1805947) + +* Mon Nov 02 2020 Michal Hlavinka - 1:2.3.8-5 +- multilib compatibility (#1853137) + * Fri Aug 07 2020 Michal Hlavinka - 1:2.3.8-4 - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts (#1866756) - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation (#1866761)