Revisions of dovecot23
buildservice-autocommit
accepted
request 832820
from
Factory Maintainer (factory-maintainer)
(revision 80)
baserev update by copy to link target
Marcus Rueckert (darix)
committed
(revision 79)
- libsodium is not strictly required, it is only required for the argon password scheme. This is now no longer supported on sle12
buildservice-autocommit
accepted
request 826276
from
Marcus Rueckert (darix)
(revision 78)
baserev update by copy to link target
Marcus Rueckert (darix)
committed
(revision 77)
add bugnumbers
Marcus Rueckert (darix)
accepted
request 826219
from
Arjen de Korte (adkorte)
(revision 76)
- update to 2.3.11.3 and pigeonhole to 0.5.11 Dovecot 2.3.11.3 - pop3-login: Login didn't handle commands in multiple IP packets properly. This mainly affected large XCLIENT commands or a large SASL initial response parameter in the AUTH command. - pop3: pop3_deleted_flag setting was broken, causing: Panic: file seq-range-array.c: line 472 (seq_range_array_invert): assertion failed: (range[count-1].seq2 <= max_seq) Dovecot 2.3.11.2 - auth: Lua passdb/userdb leaks stack elements per call, eventually causing the stack to become too deep and crashing the auth or auth-worker process. - lib-mail: v2.3.11 regression: MIME parts not returned correctly by Dovecot MIME parser. - pop3-login: Login would fail with "Input buffer full" if the initial response for SASL was too long. Dovecot 2.3.11 * CVE-2020-12100: Parsing mails with a large number of MIME parts could have resulted in excessive CPU usage or a crash due to running out of stack memory. * CVE-2020-12673: Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash. * CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an address that has the empty quoted string as local-part causes the lmtp service to crash. * CVE-2020-12674: Dovecot's RPA mechanism implementation accepts zero-length message, which leads to assert-crash later on. * Events: Fix inconsistency in events. See event documentation in https://doc.dovecot.org.
buildservice-autocommit
accepted
request 809014
from
Factory Maintainer (factory-maintainer)
(revision 75)
baserev update by copy to link target
buildservice-autocommit
accepted
request 807017
from
Marcus Rueckert (darix)
(revision 74)
baserev update by copy to link target
Marcus Rueckert (darix)
committed
(revision 73)
- update tls 1.3 patch to allow building with tls 1.0
Marcus Rueckert (darix)
committed
(revision 72)
- add bugnumbers
Marcus Rueckert (darix)
accepted
request 806987
from
Michael Ströder (stroeder)
(revision 71)
update to 2.3.10.1 with security fixes
buildservice-autocommit
accepted
request 800837
from
Factory Maintainer (factory-maintainer)
(revision 70)
baserev update by copy to link target
Marcus Rueckert (darix)
committed
(revision 69)
Allow setting TLSv1.3 as minimum TLS version
buildservice-autocommit
accepted
request 785090
from
Dirk Mueller (dirkmueller)
(revision 68)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
accepted
request 784360
from
Arjen de Korte (adkorte)
(revision 67)
- update to 2.3.10 and pigeonhole to 0.5.10 Dovecot 2.3.10 * Disable retpoline migitations by default. These can cause severe performance regressions, so they should be only enabled when applicable. * IMAP MOVE now commits transactions in batches of 1000 mails. This helps especially with lazy_expunge when moving a lot of mails. It mainly avoids situations where multiple IMAP sessions are running the same MOVE command and duplicating the mails in the lazy_expunge folder. With this change there can still be some duplication, but the MOVE always progresses forward. Also if the MOVE fails at some point, the changes up to the last 1000 mails are still committed instead of rolled back. Note that the COPY command behavior hasn't changed, because it is required by IMAP standard to be an atomic operation. * IMAP EXPUNGE and CLOSE now expunges mails in batches of 1000 mails. This helps especially with lazy_expunge when expunging a lot of mails (e.g. millions) to make sure that the progress always moves forward even if the process is killed. * Autoexpunging now expunges mails in batches of 1000 mails. This helps especially with lazy_expunge when expunging a lot of mails (e.g. millions) to make sure that the progress always moves forward even if the process is killed. + Add tool for generating sysreport called dovecot-sysreport. This generates a bundle of information usually needed for support requests. + Add support for the new IMAP \Important SPECIAL-USE flag (RFC 8457). + Add metric { group_by } setting. This allows automatically creating new metrics based on the fields you want to group statistics by. NOTE: This feature is considered experimental and syntax is subject to change in future release. + auth: Support SCRAM-SHA-256 authentication mechanism. + imap: Support the new IMAP STATUS=SIZE extension. + Use TCP_QUICKACK to reduce latency for some TCP connections. + quota-status: Made the service more robust against erroneous use with Postfix ACL policies other than smtpd_recipient_restrictions. + Add "revision" field support to imap_id_send setting. Using "revision *" will send in IMAP ID command response the short commit hash of the Dovecot git source tree HEAD (same as in dovecot --version). + IMAP ENVELOPE includes now all addresses when there are multiple headers (From, To, Cc, etc.) The standard way of having multiple addresses is to just list them all in a single header. It's non-standard to have multiple headers. However, since MTAs allow these mails to pass through and different software may handle them in different ways, it's better from security point of view to show all the addresses. + Event filters now support using "field_name=" to match a field that doesn't exist or has an empty value. For example use "error=" to match only events that didn't fail. - acl: INBOX ACLs shouldn't apply for IMAP GETMETADATA/SETMETADATA commands. - cassandra: CASS_ERROR_SERVER_WRITE_FAILURE error should also be treated as "uncertain write failure". - dict-redis: Using quota_clone configured with dict-redis could have crashed when Redis responded slowly. - fts-solr: The XML response parser fails to parse large/chunked responses correctly. This leads to spurious parse errors, most notably: "Error: fts_solr: received invalid uid '0'". - imap-hibernate: Communication trouble with imap-master leads to segfault. - imap-hibernate: Unhibernation retrying wasn't working. - imap: Fixed auth lookup privilege problem when imap process was reused and user was being un-hibernated. - Fix potential crash when copying/moving mails within the same folder. This happened only when there were a lot of fields in dovecot.index.cache. - lib-index: Recreating dovecot.index.cache file could have crashed when merging bitmask fields. - lib-index: Using public/shared folders with INDEXPVT configured to use private \Seen flags, trying to search seen/unseen in an empty folder crashes with segfault. - lib-mail: Large base64-encoded mails weren't decoded properly. This could have affected searching/indexing mails and message snippet generation. - lib-mail: Message with only quoted text could have caused message snippet to ignore its 200 character limit and return the entire message. This was added also to dovecot.index.cache file, which increased disk space and memory usage unnecessarily. v2.3.9.2 regression (previous versions cached the quoted snippet as empty). In a large mail quoted text could have become wrongly added to the snippet, possibly mixed together with non-quoted text. - lib-smtp: client could have assert-crashed if STARTTLS handshake finished earlier than usually. - lib-ssl-iostream: remove -static flag for lib-ssl-iostream linking to prevent a compile issue. - lib-storage: Mailbox synchronization may have assert-crashed in some rare situations. - lib-storage: mdbox didn't preserve date.saved with dsync. - lib: Don't require EAI_{ADDRFAMILY,NODATA}, breaks FreeBSD - master: Some services could respawn unthrottled if they crash during startup. - push-notification: Do not send push_notification_finished event if nothing was done. This happens when mail transaction is started and ended with no changes. - quota-status: Addresses with special characters in the local part caused problems in the interaction between Postfix and Dovecot. Postfix sent its own internal representation in the recipient field, while Dovecot expected a valid RFC5321 mailbox address. - submission-login: SESSION was not correctly encoded field for the XCLIENT command. Particularly, a '+' character introduced by the session ID's Base64 encoding causes problems. - submission: Fix submission_max_mail_size to work correctly on 32-bit systems. - submission: Trusted connections crashed in second connection's EHLO if submission-login { service_count } is something else than 1 (which is the default). - submission: XCLIENT command was never used in the protocol exchange with the relay MTA when submission_backend_capabilities is configured, even when the relay MTA was properly configured to accept the XCLIENT command. Pigeonhole 0.5.10 * imap_sieve_filter: Change result action logging to include IMAP UID - vacation: Addresses were compared case-sensitively.
buildservice-autocommit
accepted
request 779422
from
Marcus Rueckert (darix)
(revision 66)
baserev update by copy to link target
Marcus Rueckert (darix)
accepted
request 779407
from
Dominique Leuenberger (dimstar)
(revision 65)
- Update dovecot-2.3.0-dont_use_etc_ssl_certs.patch: since we change CERTDIR to /etc/ssl/private, it is rather evil to then err out claiming /etc/ssl/certs would not exist. The error message should mention the directory it tested for.
buildservice-autocommit
accepted
request 774042
from
Marcus Rueckert (darix)
(revision 64)
baserev update by copy to link target
Marcus Rueckert (darix)
accepted
request 773697
from
Arjen de Korte (adkorte)
(revision 63)
- update to 2.3.9.3 * CVE-2020-7046: Truncated UTF-8 can be used to DoS submission-login and lmtp processes. * CVE-2020-7957: Specially crafted mail can crash snippet generation.
buildservice-autocommit
accepted
request 763048
from
Wolfgang Rosenauer (wrosenauer)
(revision 62)
baserev update by copy to link target
Wolfgang Rosenauer (wrosenauer)
accepted
request 758889
from
Peter Varkoly (varkoly)
(revision 61)
- Adapt package changes in mysql-devel
Displaying revisions 41 - 60 of 120