Commit Graph

63 Commits

Author SHA1 Message Date
Jonathan Ringer
9bb3fccb5b treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
continuation of #109595

pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.

python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
Ben Siraphob
872973d7d1 pkgs/servers: stdenv.lib -> lib 2021-01-15 14:24:03 +07:00
Andreas Rammhold
4fee20e267
dovecot: add the dovecot NixOS test to passthru.tests
While we already had some test we might as well add the test for that
exact package to the tests attribute set. After all that should be what
(primarily) tests dovecot.
2021-01-04 17:45:28 +01:00
Andreas Rammhold
58c7d3ff17
dovecot: 2.3.11.3 -> 2.3.13
This fixes CVE_2020-24386, CVE-2020-25725 and a bunch of regular bugs
[1].

* CVE-2020-24386: Specially crafted command can cause IMAP hibernate to
	  allow logged in user to access other people's emails and filesystem
	  information.

* CVE-2020-25275: Mail delivery / parsing crashed when the 10 000th MIME part was
  message/rfc822 (or if parent was multipart/digest). This happened
  due to earlier MIME parsing changes for CVE-2020-12100.

[1] https://raw.githubusercontent.com/dovecot/core/2.3.13/NEWS
2021-01-04 17:37:32 +01:00
Rickard Nilsson
5d4cc0e25c Unmaintain a few packages 2020-09-24 21:12:32 +02:00
Robert Schütz
4f5b797ec3 dovecot: 2.3.10.1 -> 2.3.11.3 2020-08-13 09:54:32 +02:00
Martin Weinelt
6cf48856d2
dovecot: v2.3.10 → v2.3.10.1
Fixes: CVE-2020-10957, CVE-2020-10958, CVE-2020-10967
2020-05-18 18:40:40 +02:00
R. RyanTM
8d08f45368 dovecot: 2.3.9.3 -> 2.3.10 2020-03-12 00:00:26 +00:00
Franz Pletz
f9a34082e6
dovecot: 2.3.9.2 -> 2.3.9.3
Fixes CVE-2020-7046 & CVE-2020-7957:

  https://dovecot.org/pipermail/dovecot-news/2020-February/000429.html
2020-02-17 15:14:29 +01:00
Andreas Rammhold
cd394340d8
dovecot: 2.3.8 -> 2.3.9.2
Update to latest version & updated the patch file to match with the
lastest verison.

Fixes the following security issue:
  * CVE-2019-19722: Mails with group addresses in From or To fields
    caused crash in push notification drivers.
2019-12-15 20:11:01 +01:00
Robert Schütz
5f03f32fa6 dovecot: 2.3.7.2 -> 2.3.8
https://dovecot.org/pipermail/dovecot-news/2019-October/000419.html
2019-10-09 17:08:50 +02:00
Vladimír Čunát
22a216849b
Re-Revert "Merge branch 'staging-next'"
This reverts commit f8a8fc6c7c.
2019-09-22 09:38:09 +02:00
Vladimír Čunát
f8a8fc6c7c
Revert "Merge branch 'staging-next'"
This reverts commit 41af38f372, reversing
changes made to f0fec244ca.

Let's delay this.  We have some serious regressions.
2019-09-21 20:05:09 +02:00
Izorkin
329a88efa7 treewide: replace mysql.connector-c to libmysqlclient 2019-09-09 15:55:34 +03:00
Daniel Frank
d7582c994d
dovecot: 2.3.7.1 -> 2.3.7.2 (CVE-2019-11500) 2019-08-28 15:01:36 +02:00
Robin Gloster
4e60b0efae
treewide: update globin's maintained drvs 2019-08-20 19:36:05 +02:00
Izorkin
e2173096b3 dovecot: 2.3.7 > 2.3.7.1 2019-07-25 15:32:50 +03:00
R. RyanTM
5eb574010e dovecot: 2.3.6 -> 2.3.7
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/dovecot/versions
2019-07-15 01:18:44 -07:00
Robert Schütz
427dfadfa9 dovecot: 2.3.5.2 -> 2.3.6
fixes CVE-2019-11494 and CVE-2019-11499
https://dovecot.org/pipermail/dovecot-news/2019-April/000408.html
2019-04-30 15:43:10 +02:00
Robert Schütz
041fc67610 dovecot: 2.3.5.1 -> 2.3.5.2
https://dovecot.org/pipermail/dovecot-news/2019-April/000407.html
fixes CVE-2019-10691
2019-04-18 16:53:36 +02:00
Robert Schütz
d3ca36bd64 dovecot: 2.3.5 -> 2.3.5.1
https://dovecot.org/list/dovecot-news/2019-March/000401.html
fixes CVE-2019-7524
2019-03-28 14:00:15 +01:00
R. RyanTM
2ba743d5b5 dovecot: 2.3.4.1 -> 2.3.5
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/dovecot/versions
2019-03-21 08:36:33 -07:00
Robert Schütz
d49ffaac8a dovecot: 2.3.4 -> 2.3.4.1
fixes CVE-2019-3814:
https://dovecot.org/list/dovecot-news/2019-February/000394.html
2019-02-06 15:54:11 +01:00
Jörg Thalheim
562d9d472c dovecot: fix cross-build 2018-12-11 18:13:21 +01:00
Robert Schütz
b6c96c6419 dovecot: 2.3.3 -> 2.3.4, dovecot_pigeonhole: 0.5.3 -> 0.5.4 2018-11-24 17:03:22 +01:00
Léo Gaspard
2986ce16a8
meta.tests: rename into passthru.tests
Nix currently rejects derivations in `meta` values. This works around
that limitation by using `passthru` instead.

Closes https://github.com/NixOS/nixpkgs/issues/50230
2018-11-11 23:11:46 +09:00
Peter Simons
4fc8527697 dovecot, opensmtpd: comment out invalid meta.tests attribute
See https://github.com/NixOS/nixpkgs/issues/50230 for details.
2018-11-11 14:02:20 +01:00
Matthew Bauer
51e8c7943c dovecot: remove install_name_tool
No longer needed now that libclucene has the right install name.
2018-11-07 13:02:50 -06:00
Léo Gaspard
02e1f00ffd
dovecot, opensmtpd: add link to test in meta.tests
Rationale
---------

Currently, tests are hard to discover. For instance, someone updating
`dovecot` might not notice that the interaction of `dovecot` with
`opensmtpd` is handled in the `opensmtpd.nix` test.

And even for someone updating `opensmtpd`, it requires manual work to go
check in `nixos/tests` whether there is actually a test, especially
given not so many packages in `nixpkgs` have tests and this is thus most
of the time useless.

Finally, for the reviewer, it is much easier to check that the “Tested
via one or more NixOS test(s)” has been checked if the file modified
already includes the list of relevant tests.

Implementation
--------------

Currently, this commit only adds the metadata in the package. Each
element of the `meta.tests` attribute is a derivation that, when it
builds successfully, means the test has passed (ie. following the same
convention as NixOS tests).

Future Work
-----------

In the future, the tools could be made aware of this `meta.tests`
attribute, and for instance a `--with-tests` could be added to
`nix-build` so that it also builds all the tests. Or a `--without-tests`
to build without all the tests. @Profpatsch described in his NixCon talk
such systems.

Another thing that would help in the future would be the possibility to
reasonably easily have cross-derivation nix tests without the whole
NixOS VM stack. @7c6f434c already proposed such a system.

This RFC currently handles none of these concerns. Only the addition of
`meta.tests` as metadata to be used by maintainers to remember to run
relevant tests.
2018-10-30 21:31:39 +09:00
R. RyanTM
5a6c4d39fb dovecot: 2.3.2.1 -> 2.3.3 (#47814)
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/dovecot/versions
2018-10-10 23:27:28 +02:00
Julien Moutinho
27f95f3f9c dovecot: allow sasl_bind=yes in the LDAP driver.
Dovecot has its own SASL implementation,
but needs Cyrus SASL's headers to bind to an LDAP server using SASL.

This is useful to avoid the need to manage a dnpass= in dovecot-ldap.conf
by using the Unix socket to authenticate.

This is done with sasl_mech=EXTERNAL in dovecot-ldap.conf, and some olcAccess: with
 by dn="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
in the slapd's cn=config for the LDAP database queried by dovecot/auth (which runs as root).
2018-09-19 17:20:29 +02:00
Lluís Batlle i Rossell
66d7126255 Take me (viric) out of most maintenance
Since years I'm not maintaining anything of the list below other
than some updates when I needed them for some reason. Other people
is doing that maintenance on my behalf so I better take me out but
for very few packages. Finally!
2018-07-22 21:50:19 +02:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
R. RyanTM
2d1d17032b dovecot: 2.3.2 -> 2.3.2.1 (#43351)
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/dovecot/versions.
2018-07-11 17:51:32 +02:00
Robert Schütz
21774be1bd dovecot: 2.3.1 -> 2.3.2, dovecot-pigeonhole: 0.5.1 -> 0.5.2 (#42779) 2018-06-30 13:41:39 +02:00
Silvan Mosberger
57bccb3cb8 treewide: http -> https sources (#42676)
* treewide: http -> https sources

This updates the source urls of all top-level packages from http to
https where possible.

* buildtorrent: fix url and tab -> spaces
2018-06-28 20:43:35 +02:00
Ryan Mulligan
a668ca4aac dovecot: 2.3.0.1 -> 2.3.1
Semi-automatic update generated by https://github.com/ryantm/nix-update tools.

This update was made based on information from https://repology.org/metapackage/dovecot/versions.

These checks were done:

- built on NixOS
- ran `/nix/store/c20ip7wyymd39l7zisx38ky3bxp1sybv-dovecot-2.3.1/bin/dovecot --help` got 0 exit code
- ran `/nix/store/c20ip7wyymd39l7zisx38ky3bxp1sybv-dovecot-2.3.1/bin/dovecot --version` and found version 2.3.1
- found 2.3.1 with grep in /nix/store/c20ip7wyymd39l7zisx38ky3bxp1sybv-dovecot-2.3.1
- directory tree listing: https://gist.github.com/6d90467ee7649d7efc0a48eeacfc42c8
2018-03-28 07:14:40 -07:00
Robert Schütz
515a6ad843 dovecot: 2.3.0 -> 2.3.0.1
Release notes: https://dovecot.org/list/dovecot-news/2018-February/000371.html

CVE-2017-15132 is patched in this release, so the patches were removed.
They were erroneously referencing CVE-2017-14132, but were indeed patches for CVE-2017-15132.
2018-03-03 12:08:25 +01:00
Andreas Rammhold
e27e026539
dovecot: fix CVE-2017-15132 2018-02-01 04:28:14 +01:00
Franz Pletz
646a2e9a6f
dovecot: 2.2.33.2 -> 2.3.0 2018-01-28 18:52:26 +01:00
Robin Gloster
6903ea6050 treewide: libmysql -> mysql.connector-c 2017-12-29 02:18:35 +01:00
Orivej Desh
0aa10a7fa6 dovecot: 2.2.32 -> 2.2.33.2 2017-12-17 02:59:38 +00:00
Teal Gaure
5f90e527a4 dovecot: 2.2.27 -> 2.2.32, dovecot_pigeonhole: 0.4.10 -> 0.4.20 2017-10-04 13:05:30 +02:00
Silvan Mosberger
f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Michael Raskin
35e3ea0966 dovecot: 2.2.25 -> 2.2.27 2016-12-28 15:04:51 +01:00
Periklis Tsirakidis
9772f0f9a1 dovecot: enable darwin build 2016-09-29 13:32:28 +02:00
Tuomas Tynkkynen
1bf5ded193 treewide: Lots of meta.hydraPlatforms -> meta.platforms
In all of these files, there is no meta.platforms but only
meta.hydraPlatforms, which doesn't seem to have any purpose except being
inconsistent.
2016-08-02 21:17:44 +03:00
Kranium Gikos Mendoza
65446c6377 dovecot: 2.2.24 -> 2.2.25 2016-07-03 21:43:55 +08:00
Peter Simons
8e462995ba Bring my stdenv.lib.maintainers user name in line with my github nick. 2016-05-16 22:49:55 +02:00
Franz Pletz
70ac1ec422 dovecot: 2.2.21 -> 2.2.24 2016-05-03 16:03:41 +02:00