
[Dovecot] Fixes CVE-2017-15132 - take 2

andre.peters 7 years ago
parent
commit
cf1e46723a
2 changed files with 4 additions and 2 deletions
  1. 3 1
      data/Dockerfiles/dovecot/Dockerfile
  2. 1 1
      docker-compose.yml

+ 3 - 1
data/Dockerfiles/dovecot/Dockerfile

@@ -65,7 +65,9 @@ RUN apt-get update && apt-get -y --no-install-recommends install \
 
 RUN curl https://www.dovecot.org/releases/2.2/dovecot-$DOVECOT_VERSION.tar.gz | tar xvz  \
   && cd dovecot-$DOVECOT_VERSION \
-  && sed '/call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL);/a   pool_unref(&request->pool);' src/lib-auth/auth-client-request.c \
+  && curl -o src/lib-auth/auth-client-request.c https://mailcow.email/dovecot-patch1/auth-client-request.c \
+  && curl -o src/lib-auth/auth-server-connection.c https://mailcow.email/dovecot-patch1/auth-server-connection.c \
+  && curl -o src/lib-auth/auth-server-connection.h https://mailcow.email/dovecot-patch1/auth-server-connection.h \
   && ./configure --with-mysql --with-lzma --with-lz4 --with-ssl=openssl --with-notify=inotify --with-storages=mdbox,sdbox,maildir,mbox,imapc,pop3c --with-bzlib --with-zlib \
   && make -j3 \
   && make install \
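Review bot: The three added `curl -o` lines replace files in `src/lib-auth` with whatever `mailcow.email` serves at build time, and nothing in the hunk verifies that content before `./configure` and `make` compile it into the image. Pin each file to a digest kept in the repository, for example `&& echo "<SHA256_OF_PATCHED_FILE>  src/lib-auth/auth-client-request.c" | sha256sum -c - \` after each download, and use `curl -fsSL -o …` so an HTTP error fails the step instead of saving an error page as source. The release tarball piped from `curl` into `tar` on the first line of this RUN is unverified in the same way. Overwriting whole files also ties the fix to one `$DOVECOT_VERSION`; a diff shipped in the build context and applied with `patch` would presumably fail loudly if the upstream files change, whereas the overwrite would not. The RUN instruction continues past the end of the hunk.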

+ 1 - 1
docker-compose.yml

@@ -163,7 +163,7 @@ services:
             - sogo
 
     dovecot-mailcow:
-      image: mailcow/dovecot:1.19
+      image: mailcow/dovecot:1.20
       build: ./data/Dockerfiles/dovecot
       cap_add:
         - NET_BIND_SERVICE