mirror of
git://slackware.nl/current.git
synced 2024-12-29 10:25:00 +01:00
5edf138e9c
patches/packages/dovecot-2.3.21.1-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
A large number of address headers in email resulted in excessive CPU usage.
Abnormally large email headers are now truncated or discarded, with a limit
of 10MB on a single header and 50MB for all the headers of all the parts of
an email.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-23184
https://www.cve.org/CVERecord?id=CVE-2024-23185
(* Security fix *)
40 lines
1.2 KiB
Diff
40 lines
1.2 KiB
Diff
--- ./doc/example-config/conf.d/auth-system.conf.ext.orig 2017-12-22 07:53:36.000000000 -0600
|
|
+++ ./doc/example-config/conf.d/auth-system.conf.ext 2018-01-31 17:05:06.840878097 -0600
|
|
@@ -7,12 +7,12 @@
|
|
# PAM is typically used with either userdb passwd or userdb static.
|
|
# REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
|
|
# authentication to actually work. <doc/wiki/PasswordDatabase.PAM.txt>
|
|
-passdb {
|
|
- driver = pam
|
|
+#passdb {
|
|
+ #driver = pam
|
|
# [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
|
|
# [cache_key=<key>] [<service name>]
|
|
#args = dovecot
|
|
-}
|
|
+#}
|
|
|
|
# System users (NSS, /etc/passwd, or similar).
|
|
# In many systems nowadays this uses Name Service Switch, which is
|
|
@@ -24,13 +24,17 @@
|
|
#}
|
|
|
|
# Shadow passwords for system users (NSS, /etc/shadow or similar).
|
|
-# Deprecated by PAM nowadays.
|
|
+# This is the default on Slackware systems.
|
|
# <doc/wiki/PasswordDatabase.Shadow.txt>
|
|
-#passdb {
|
|
- #driver = shadow
|
|
+passdb {
|
|
+ driver = shadow
|
|
# [blocking=no]
|
|
#args =
|
|
-#}
|
|
+}
|
|
+# Auth worker to authenticate shadow passwords on Slackware:
|
|
+service auth-worker {
|
|
+ group = shadow
|
|
+}
|
|
|
|
# PAM-like authentication for OpenBSD.
|
|
# <doc/wiki/PasswordDatabase.BSDAuth.txt>
|