Hello community,
here is the log from the commit of package cyrus-imapd for openSUSE:Factory
checked in at Mon Jun 20 14:02:16 CEST 2011.
--------
--- cyrus-imapd/cyrus-imapd.changes 2011-05-23 16:18:17.000000000 +0200
+++ /mounts/work_src_done/STABLE/cyrus-imapd/cyrus-imapd.changes
2011-06-20 11:52:20.000000000 +0200
@@ -1,0 +2,7 @@
+Mon Jun 20 09:50:50 UTC 2011 - rha...@suse.de
+
+- TLS initialization failures could lead to a bdb resource leak
+ resulting lmtpd to stop delivering mails. (bnc#606710,
+ cyrus-bug#3252)
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
New:
----
cyrus-imapd_tls-session-leak.dif
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cyrus-imapd.spec ++++++
--- /var/tmp/diff_new_pack.DRQ2SB/_old 2011-06-20 14:01:12.000000000 +0200
+++ /var/tmp/diff_new_pack.DRQ2SB/_new 2011-06-20 14:01:12.000000000 +0200
@@ -57,7 +57,7 @@
%endif
Summary: The Cyrus IMAP and POP Mail Server
Version: 2.3.16
-Release: 18
+Release: 20
Source: %{prjname}-%{version}.tar.bz2
Source1: cyrus-imapd-rc.tar.gz
Source2: DB_CONFIG
@@ -75,6 +75,7 @@
Patch19: cyrus-imapd-libdb-4_8.patch
Patch20: cyrus-imapd-perl-5.14.patch
Patch21: cyrus-imapd-STARTTLS-plaintext-command-injection.patch
+Patch22: cyrus-imapd_tls-session-leak.dif
%if %{with_kolab}
# KOLAB_cyrus-imapd patches are maintained at
@@ -189,6 +190,7 @@
%patch19 -p1
%patch20 -p1
%patch21 -p1
+%patch22 -p1
%if %{with_kolab}
%patch100 -p1
++++++ cyrus-imapd_tls-session-leak.dif ++++++
Index: cyrus-imapd-2.3.16/imap/tls.c
===================================================================
--- cyrus-imapd-2.3.16.orig/imap/tls.c
+++ cyrus-imapd-2.3.16/imap/tls.c
@@ -714,6 +714,10 @@ int tls_init_serverengine(const char
if (!SSL_CTX_set_cipher_list(s_ctx, cipher_list)) {
syslog(LOG_ERR,"TLS server engine: cannot load cipher list '%s'",
cipher_list);
+ if ( sess_dbopen && (DB->close)(sessdb) ) {
+ syslog(LOG_ERR, "DBERROR: error closing tlsdb: %s",
+ cyrusdb_strerror(r));
+ }
return (-1);
}
@@ -731,6 +735,10 @@ int tls_init_serverengine(const char
if (!set_cert_stuff(s_ctx, s_cert_file, s_key_file)) {
syslog(LOG_ERR,"TLS server engine: cannot load cert/key data");
+ if ( sess_dbopen && (DB->close)(sessdb) ) {
+ syslog(LOG_ERR, "DBERROR: error closing tlsdb: %s",
+ cyrusdb_strerror(r));
+ }
return (-1);
}
SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
