gentoo resync : 03.02.2018

1 files changed, 37 insertions, 0 deletions

diff --git a/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch b/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch
new file mode 100644
index 000000000000..c30acf1fd6eb
--- /dev/null
+++ b/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch
@@ -0,0 +1,37 @@
+Upstream: https://github.com/dovecot/core/commit/a9b135760aea6d1790d447d351c56b78889dac22
+
+Link: http://seclists.org/oss-sec/2018/q1/119
+
+--- a/src/lib-auth/auth-client-request.c
++++ b/src/lib-auth/auth-client-request.c
+@@ -186,6 +186,8 @@ void auth_client_request_abort(struct auth_client_request **_request)
+ 
+ 	auth_client_send_cancel(request->conn->client, request->id);
+ 	call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL);
++	/* remove the request */
++	auth_server_connection_remove_request(request->conn, request->id);
+ 	pool_unref(&request->pool);
+ }
+ 
+--- a/src/lib-auth/auth-server-connection.c
++++ b/src/lib-auth/auth-server-connection.c
+@@ -483,3 +483,10 @@ auth_server_connection_add_request(struct auth_server_connection *conn,
+ 	hash_table_insert(conn->requests, POINTER_CAST(id), request);
+ 	return id;
+ }
++
++void auth_server_connection_remove_request(struct auth_server_connection *conn,
++					   unsigned int id)
++{
++	i_assert(conn->handshake_received);
++	hash_table_remove(conn->requests, POINTER_CAST(id));
++}
+--- a/src/lib-auth/auth-server-connection.h
++++ b/src/lib-auth/auth-server-connection.h
+@@ -40,4 +40,6 @@ void auth_server_connection_disconnect(struct auth_server_connection *conn,
+ unsigned int
+ auth_server_connection_add_request(struct auth_server_connection *conn,
+ 				   struct auth_client_request *request);
++void auth_server_connection_remove_request(struct auth_server_connection *conn,
++					   unsigned int id);
+ #endif