File dovecot22.changes of Package dovecot22

Thu Sep 11 11:40:28 UTC 2014 -

- also track the config files from the sieve support in the %ghost

Thu Sep 11 11:09:41 UTC 2014 -

- for the mysql subpackage use the really provided symbol and not
  just part of the package name.

Wed Sep 10 15:45:52 UTC 2014 -

- fix typo in conflicts: s/otherprovider/otherproviders/

Wed Sep 10 10:51:45 UTC 2014 -

- while technically not needed, adding back conflicts on

Tue Sep  9 10:18:05 UTC 2014 -

- add all dovecot-*.configfiles as sources

Mon Sep  8 23:42:19 UTC 2014 -

- dont ghost the whole /etc/dovecot. on older rpms the directory is
  not created in that case. we only ghost /etc/dovecot/* and have a
  %dir entry for /etc/dovecot.

Mon Sep  8 22:24:22 UTC 2014 -

- dont try to delete systemd files when not building with systemd.

Mon Sep  8 20:14:32 UTC 2014 -

- also add dovecot config files for the other 2.x branches

Mon Sep  8 14:35:56 UTC 2014 -

- finally found a way to preserve the configuration even over
  version updates.
  - have the same ghosting loop in this package as in the
    unversioned package
  - that way the config files are owned by oth and upgrading to a
    newer version of dovecot e.g. 2.3 would also not kill the
    config anymore as before.

Fri Sep  5 19:04:10 UTC 2014 -

- added back the old style conflicts to make upgrading easier
- moved copying of the config to the unversioned package

Fri Sep  5 18:23:46 UTC 2014 -

- move the copy part to %postun for handling the upgrading more

Fri Sep  5 17:36:38 UTC 2014 -

- we really need the %posttrans for reinstalling the same package

Fri Sep  5 17:03:33 UTC 2014 -

- no longer obsolete older packages. module packages require
  their base package with version. the main package has a conflicts
  on other providers of dovecot-implementation.

Fri Sep  5 16:15:14 UTC 2014 -

- guard the new %pre/%post snippets against missing dovecot package

Fri Sep  5 16:06:18 UTC 2014 -

- fix
  dovecot should be shut down before exchanging files.

Fri Sep  5 11:02:25 UTC 2014 -

- remove all the init script related scripts from this package.
  that we we can break the build cycle more easily.
- copy the example config in post.

Fri Sep  5 10:45:17 UTC 2014 -

- split out all the things we can share with other versioned
  dovecot packages.

Thu Sep  4 15:45:02 UTC 2014 -

- no longer obsolete/provide dovecot
- provide dovecot-implementation

Tue Jul 29 16:00:28 UTC 2014 -

- use xz-devel to fix build on SLE 11 SP3

Tue Jul 29 14:28:04 UTC 2014 -

- only build clucene for sle 11 or newer

Tue Jul 29 14:21:20 UTC 2014 -

- don't package /var/run on systemd systems

Tue Jul 29 14:06:35 UTC 2014 -

- only lzma support on sle 11 or newer

Tue Jul 29 13:44:20 UTC 2014 -

- moved all the conditionals in the spec file to bcond_with
- added new conditinal for lz4
- enabled lzma support
- fixed systemd support:
  - added tmpfiles.d config for dovecot
  - only install the old init script on non systemd systems.
  - updated %pre*/%post scriptlets to the previous change
- added dovecot-rpmlintrc to sources list

Tue Jul 29 11:50:16 UTC 2014 -

- bnc#889030 - Package 'dovecot22' contains 'SuSE' spelling in a filename and/or SPEC file
- Enhance Readme.SUSE with informations about using dovecot with 
  postfix on SLE12 

Mon May 12 09:48:45 UTC 2014 -

- Update to 2.2.13:
  - Security release:
      Fixes CVE-2014-3430 (bnc#877255, rh#1096402).
  * Fixed a DoS attack against imap/pop3-login processes. If SSL/TLS
    handshake was started but wasn't finished, the login process
    attempted to eventually forcibly disconnect the client, but failed
    to do it correctly. This could have left the connections hanging
    arond for a long time. (Affected Dovecot v1.1+)
  + mdbox: Added mdbox_purge_preserve_alt setting to keep the file
    within alt storage during purge. (Should become enforced in v2.3.0?)
  + fts: Added support for parsing attachments via Apache Tika. Enable
    with: plugin { fts_tika = http://tikahost:9998/tika/ }
  + virtual plugin: Delay opening backend mailboxes until it's necessary.
    This requires mailbox_list_index=yes to work. (Currently IMAP IDLE
    command still causes all backend mailboxes to be opened.)
  + mail_never_cache_fields=* means now to disable all caching. This may
    be a useful optimization as doveadm/dsync parameter for some admin
    tasks which shouldn't really update the cache file.
  + IMAP: Return SPECIAL-USE flags always for LSUB command.
  - pop3 server was still crashing in v2.2.12 with some settings
  - maildir: Various fixes and improvements to handling compressed mails,
    especially when they have broken/missing S=sizes in filenames.
  - fts-lucene, fts-solr: Fixed crash on search when the index contained
    duplicate entries.
  - Many fixes and performance improvements to dsync and replication
  - director was somewhat broken when there were exactly two directors
    in the ring. It caused errors about "weak users" getting stuck.
  - mail_attachment_dir: Attachments with the last base64-encoded line
    longer than the rest wasn't handled correctly.
  - IMAP: SEARCH/SORT PARTIAL was handled completely wrong in v2.2.11+
  - acl: Global ACL file handling was broken when multiple entries
    matched the mailbox name. (Only the first entry was used.)

Thu Feb 13 21:53:06 UTC 2014 -

- Update to 2.2.12:
  - POP3 server code changes rarely, so I haven't spent time adding
    automated testing for it. So of course now that it changed in
    v2.1.11 there was a bug that caused it to crash most of the
    time (except for the test case I was using while developing
    it). This release fixes it, no other changes.

Wed Feb 12 23:17:20 UTC 2014 -

- Add conflicts to the spec file 

Wed Feb 12 21:07:23 UTC 2014 -

- Update to 2.2.11:
  + acl plugin: Added an alternative global ACL file that can contain
    mailbox patterns. See for details.
  + imap proxy: Added proxy_nopipelining passdb setting to work around
    other IMAP servers' bugs (MS Exchange 2013 especially).
  + Added %{auth_user}, %{auth_username} and %{auth_domain} variables.
    See for details.
  + Added support for LZ4 compression.
  + stats: Track also wall clock time for commands.
  + pop3_migration plugin improvements to try harder to match the UIDLs
  - imap: SEARCH/SORT PARTIAL reponses may have been too large.
  - doveadm backup: Fixed assert-crash when syncing mailbox deletion.

Fri Dec 20 11:00:39 UTC 2013 -

- Update to 2.2.10:
  + auth: passdb/userdb dict rewrite to support much more complex
    setups. See doc/example-config/dovecot-dict-auth.conf.ext.
    The old settings will continue to work.
  + auth: Added userdb result_success/failure/tempfail and skip
    settings, similar to passdb's. See
  + imap: Implemented SETQUOTA command for admin user when quota_set is
    configured. See
  + quota: Support "*" and "?" wildcards in mailbox names in quota_rules
  + mysql: Added ssl_verify_server_cert=no|yes parameter. This currently
    defaults to "no" to make sure nothing breaks, but likely will become
    "yes" in Dovecot v2.3.
  + ldap: Added blocking=yes setting to use auth worker processes for
    ldap lookups. This is a workaround for now to be able to use multiple
    simultaneous LDAP connections.
  + pop3c+dsync performance improvements
  - quota-status: quota_grace was ignored
  - ldap: Fixed memory leak with auth_bind=yes and without
  - imap: Don't send HIGHESTMODSEQ anymore on SELECT/EXAMINE when
    CONDSTORE/QRESYNC has never before been enabled for the mailbox.
  - imap: Fixes to handling mailboxes without permanent modseqs.
    (When [NOMODSEQ] is returned by SELECT, mainly with in-memory
  - imap: Various fixes to METADATA support.
  - stats plugin: Processes that only temporarily dropped privileges
    (e.g. indexer-worker) may have been logging errors about not being
    able to open /proc/self/io. 

Mon Nov 25 02:50:00 UTC 2013 -

- Update to 2.2.9:
  + Full text search indexing can now be done automatically after
    saving/copying mails by setting plugin { fts_autoindex=yes }
  + replicator: Added replication_dsync_parameters setting to pass
    "doveadm sync" parameters (for controlling what to replicate).
  + Added mail-filter plugin
  + Added liblzma/xz support (zlib_save=xz)
  - v2.2.8's improved cache file handling exposed several old bugs
    related to fetching mail headers.
  - v2.2.7's iostream handling changes were causing some connections
    to be disconnected before flushing their output (e.g. POP3 logout
    message wasn't being sent)

Wed Nov 20 10:47:01 UTC 2013 -

- Update to 2.2.8:
  + Mail cache lookups work for the mail being saved. This improves
    performance by avoiding the need to parse the mail multiple times
    when using some plugins (e.g. mail_log).
  + Mail cache works for recently cached data also with in-memory
  + imapc: Many performance improvements, especially when working with
    dsync. Also added imapc_feature=fetch-headers which allows using
    FETCH BODY.PEEK[HEADER.FIELDS (..)] to avoid reading the entire
  + mail_location = ..:FULLDIRNAME=dbox-Mails is the same as
    :DIRNAME=dbox-Mails, but it will also be used for
    :INDEX and :CONTROL directories. (It should have worked this way
    from the beginning, but can't be changed anymore without breaking
    existing installations).
  - Fixed infinite loop in message parsing if message ends with
    "--boundary" and CR (without LF). Messages saved via SMTP/LMTP can't
    trigger this, because messages must end with an "LF.". A user could
    trigger this for him/herself though.
  - lmtp: Client was sometimes disconnected before all the output was
    sent to it.
  - imap_zlib plugin caused crashes during client disconnection in
  - replicator: Database wasn't being exported to disk every 15 minutes
    as it should have. Instead it was being imported, causing "doveadm
    replicator remove" commands to not work very well.

Tue Nov  5 03:12:46 UTC 2013 -

- Update to 2.2.7:
  * Some usage of passdb checkpassword could have been exploitable by
    local users. You may need to modify your setup to keep it working.
  + auth: Added ability to truncate values logged by
    auth_verbose_passwords (see 10-logging.conf comment)
  + mdbox: Added "mdbox_deleted" storage, which can be used to access
    messages with refcount=0. For example: doveadm import
    mdbox_deleted:~/mdbox "" mailbox inbox subject oops
  + ssl-params: Added ssl_dh_parameters_length setting.
  - master process was doing a hostname.domain lookup for each created
    process, which may have caused a lot of unnecessary DNS lookups.
  - dsync: Syncing over 100 messages at once caused problems in some
    situations, causing messages to get new UIDs.
  - fts-solr: Different Solr hosts for different users didn't work. 

Wed Oct  9 15:14:07 UTC 2013 -

- Update to 2.2.6:
  * acl: If public/shared namespace has a shared subscriptions file for
    all users, don't list subscription entries that are not visible to
    the user accessing it.
  + doveadm: Added "auth lookup" command for doing passdb lookup.
  + login_log_format_elements: Added %{orig_user}, %{orig_username}
    and %{orig_domain} expanding to the username exactly as sent by
    the client (before any changes auth process made).
  + Added ssl_prefer_server_ciphers setting.
  + auth_verbose_passwords: Log the password also for unknown users.
  + Linux: Added optional support for SO_REUSEPORT with
    inet_listener { reuse_port=yes }
  - director: v2.2.5 changes caused "SYNC lost" errors
  - dsync: Many fixes and error handling improvements
  - doveadm -A: Don't waste CPU by doing a separate config lookup
    for each user
  - Long-running ssl-params process no longer prevents Dovecot restart
  - mbox: Fixed mailbox_list_index=yes to work correctly 
- Update Pigeonhole to 0.4.2:
  * Incompatible change in Sieve doveadm plugin: the root attribute for
    Sieve scripts is changed. Make sure that you update both sides of a
    dsync setup simultaneously when Sieve is involved, otherwise
    synchronization will likely fail.
  + Added support for sending Sieve vacation replies with an actual
    sender, rather than the default <> sender. Check the updated
    doc/extensions/vacation.txt for more information.
  - Fixed a binary code read problem in the `set' command of the Sieve
    variables extension. Using the set command with a modifier and an
    empty string value would cause code corruption problems while running
    the script.
  - Various fixes for doveadm-sieve plugin, mostly crashes. These include
    a fix for the `Invalid value for default sieve attribute' problem.
  - Various fixes for compiler and static analyzer warnings, e.g. as
    reported by CLang and on 32 bit systems.
  - Fixed the implementation of the new :options flag for the Sieve
    include extension.
  - Fixed potential segfault bug at deinitialization of the lda-sieve
  - Fixed messed up hex output for sieve-dump tool.

Wed Aug 14 05:47:21 UTC 2013 -

- Update to 2.2.5:
  + SSL: Added support for ECDH/ECDHE cipher suites (by David Hicks)
  + Added some missing man pages (by Pascal Volk)
  + quota-status: Added quota_status_toolarge setting (by Ulrich Zehl)
  - director: Users near expiration could have been redirected to
    different servers at the same time.
  - pop3: Avoid assert-crash if client disconnects during LIST.
  - mdbox: Corrupted index header still wasn't automatically fixed.
  - dsync: Various fixes to work better with imapc and pop3c storages.
  - ldap: sasl_bind=yes caused crashes, because Dovecot's lib-sasl
    symbols conflicted with Cyrus SASL library.
  - imap: Various error handling fixes to CATENATE. (Found using
    Apple's stress test script.)

Wed Jul  3 21:25:06 UTC 2013 -

- Update Pigeonhole to 0.4.1:
  + Added support for handling temporary failures. These are passed back
    to LDA/LTMP to produce an appropriate response towards the MTA.
  - Sieve storage: Removed PATH_MAX limitation for active symlink. This
    caused problems for GNU/Hurd.
  - Fixed line endings in X-Sieve headers added by redirect command.
  - ManageSieve: Fixed '[' ']' stupidity for response codes (only
    happened before login).
  - Fixed setting name in example-config/conf.d/20-managesieve.conf.
  - Sieve extprograms plugin: Fixed interaction between pipe command and
    remote script service. The output from the script service was never
    read, causing a broken pipe error at the script service. Apparently,
    this was broken since the I/O handling for extprograms was last
  - Fixed assertion failure due to datastack problem in message header

Tue Jun 25 04:27:13 UTC 2013 -

- Update to 2.2.4:
  + doveadm: Added "flags" command to modify message flags.
  + doveadm: Added "deduplicate" command to expunge message duplicates.
  + dsync: Show the state in process title with verbose_proctitle=yes.
  - imap/pop3 proxy: Master user logins were broken in v2.2.3
  - sdbox/mdbox: A corrupted index header with wrong size was never
    automatically fixed in v2.2.3.
  - mbox: Fixed assert-crashes related to locking.

Mon Jun 17 02:13:21 UTC 2013 -

- Update to 2.2.3:
  This is a pretty important upgrade for v2.2 users, because of the IMAP
  ENVELOPE reply fix.
  * LDA/LMTP: If new mail delivery first fails with "temporary
    failure", tempfail the whole delivery instead of falling back to
    delivering the mail to INBOX. (Requires new Pigeonhole as well.)
  * doc/solr-schema.xml was updated to Solr v4.x format. Also the
    default analyzers were changed, hopefully for the better. Note that
    the schema can't be changed for existing Solr indexes without
    rebuilding everything.
  * Solr plugin does only soft commits from now on. You'll need a
    cronjob to send a hard commit command to it every few minutes.
  + Added %N modifier for variables as %H-like "new hash"
  + sdbox, mdbox: Support POP3 message order field (for migrations)
  + Added mailbox { driver } to specify a different mail storage
    format for the mailbox than generally used within the namespace.
  + Added initial lib-sasl library for client side SASL support.
    Currently supports only PLAIN, LOGIN and plugins. Used currently
    by IMAP and POP3 proxying when authenticating to the remote server.
  - IMAP: If subject contained only whitespace, Dovecot returned an
    ENVELOPE reply with a huge literal value, effectively causing the
    IMAP client to wait for more data forever.
  - IMAP: Various URLAUTH fixes.
  - imapc: Various bugfixes and improvements
  - pop3c: Various fixes to make it work in dsync (without imapc)
  - dsync: Fixes to syncing subscriptions. Fixes to syncing mailbox

Sat Jun 15 21:11:31 UTC 2013 -

- reenable sieve/pigeonhole extension
- conflict with otherproviders(dovecot) instead of explicit
  package names

Mon May 20 02:45:13 UTC 2013 -

- Update to 2.2.2:
  + zlib: Keep the last mail cached uncompressed in a temp file. This
    fixes performance when doing small partial fetches from a large
  + acl: If plugin { acl_defaults_from_inbox = yes } is set, get the
    default ACLs for private and shared namespaces from the user's INBOX.
    (This probably will become default in v2.3.)
  + pop3: Added pop3_deleted_flag setting to switch POP3 deletions to
    only hide the messages from POP3, but still be visible via IMAP.
  - ACL plugin: Mailbox creation wasn't actually checking any ACLs
    and always succeeded (due to some v2.2 API changes). The created
    mailbox couldn't have been accessed though, so this couldn't have
    caused any data leak.
  - IMAP: Various URLAUTH fixes.
  - IMAP: Fixed a hang with invalid APPEND parameters.
  - IMAP LIST-EXTENDED: INBOX was never listed with \Subscribed flag.
  - mailbox_list_index=yes still caused crashes.
  - maildir: Fixed a crash after dovecot-keywords file was re-read.
  - maildir: If files had reappeared unexpectedly to a Maildir, they
    were ignored until index files were deleted.
  - Maildir: Fixed handling over 26 keywords in a mailbox.
  - Maildir++: Fixed mail_shared_explicit_inbox=no
  - namespace { prefix="" list=no } was listing mailboxes.
  - imap/pop3-login proxying: Fixed a crash if TCP connection succeeded,
    but the remote login timed out.
  - Case-insensitive search/sort didn't work correctly for all unicode
    characters, as specified by i;unicode-casemap comparator. If full
    text search indexes were used, they need to be rebuilt for old mails
    to be handled correctly. (This bug has existed always in Dovecot.)

Thu May  9 17:25:00 UTC 2013 -

- Update Pigeonhole to 0.4.0:
  + Added doveadm-sieve plugin that provides the possibility to sync
    Sieve scripts using doveadm sync along with the user's mailboxes.
  + Added the Sieve extprograms plugin to the main Pigeonhole package. It
    is still a plugin, but it is now included so that a separate compile
    is no longer necessary and distributors are likely to include it. The
    extprograms plugin provides Sieve language extensions that allows
    executing (administrator-controlled) external programs for message
    delivery, message filtering and string manipulation. Refer to
    doc/plugins/sieve_extprograms.txt for more information.
  + Added debug message showing Pigeonhole version at initialization.
    Makes it very clear that the plugin is properly loaded.
  + Finished implementation of the Sieve include extension. It should now
    fully conform to RFC 6609. The main addition is the new :optional tag
    which  makes the include command ignore missing included scripts
    without an error.
  + Finished implementation of the Sieve environment extension as much as
    possible. Environment items "location", "phase" and "domain" now also
    return a usable value.

Thu Apr 18 21:49:06 UTC 2013 -

- Update to 2.2.1:
  - mailbox_list_index=yes was broken.
  - LAYOUT=index didn't list subscriptions.
  - auth: Multiple master passdbs didn't work.
  - Message parsing (e.g. during search) crashed when multipart
    message didn't actually contain any parts.

Fri Apr 12 17:40:59 UTC 2013 -

- Update to 2.2.0:
  * When creating home directories, the permissions are copied from the
    parent directory if it has setgid-bit set. For full details, see
  * "doveadm auth" command was renamed to "doveadm auth test"
  * IMAP: ID command now advertises server name as Dovecot by default.
    It was already trivial to guess this from command replies.
  * dovecot.index.cache files can be safely accessed only by v2.1.11+.
    Older versions may think they're corrupted and delete them.
  * LDA/LMTP: If saving a mail brings user from under quota to over
    quota, allow it based on quota_grace setting (default: 10%
    above quota limit).
  * pop3_lock_session=yes now uses a POP3-only dovecot-pop3-session.lock
    file instead of actually locking the mailbox (and causing
    IMAP/LDA/LMTP to wait for the POP3 session to close).
  * mail_shared_explicit_inbox setting's default switched to "no".
  * ssl_client_ca_dir setting replaced imapc_ssl_ca_dir and
    pop3c_ssl_ca_dir settings.
  + Implemented IMAP MOVE and BINARY extensions
  + Implemented IMAP CATENATE, URLAUTH and URLAUTH=BINARY extensions
    (by Stephan Bosch).
  + Implemented IMAP NOTIFY extension. Requires mailbox_list_index=yes
    to be enabled.
  + Redesigned and rewritten dsync. The new design makes the syncing
    faster, more reliable and more featureful. The new dsync protocol
    isn't backwards compatible with old dsync versions (but is designed
    to be forwards compatible with future versions).
  + All mailbox formats now support per-user message flags for shared
    mailboxes by using a private index. It can be enabled by adding
    :INDEXPVT=<path> to mail location. This should be used instead of
    :INDEX also for Maildir/mbox to improve performance.
  + Improved mailbox list indexes. They should be usable now, although
    still disabled by default.
  + Added LAYOUT=index. The mailbox directories are created using their
    GUIDs in the filesystem, while the actual GUID <-> name mapping
    exists only in the index.
  + LMTP proxy: Implemented XCLIENT extension for passing remote IP
    address through proxy.

Thu Apr 11 16:18:42 UTC 2013 -

- Update to 2.2.rc7:
  * checkpasword: AUTH_PASSWORD environment is no longer set.
  * Running dsync no longer triggers quota warnings.
  + dsync: Commit large transactions every 100 new messages, so if a
    large sync crashes it doesn't have to be restarted from the
  - replicator: doveadm commands and user list export may have skipped
    some users.
  - Various fixes to mailbox_list_index=yes

Sun Apr  7 23:57:16 UTC 2013 -

- Update to 2.2.rc6:
  * replicator: Don't create replicator-doveadm socket by default.
    This way doveadm replicator commands don't accidentally start an
    unconfigured replicator server.
  + replicator: Have remote dsync notify the remote replicator that
    a user was just synced. This way the replicators are kept roughly
    in sync.
  + Added ssl_client_ca_file to specify the CA certs as a file. This is
    needed (instead of ssl_client_ca_dir) in RedHat-based systems.
  + Added "doveadm fs" commands, mainly to debug lib-fs backends.
  - Mailbox list indexes weren't using proper file permissions based
    on the root directory.

Fri Apr  5 18:11:38 UTC 2013 -

- Update to 2.2.rc5:
  One more API change that required also a Pigeonhole modification.
  A few other random fixes. I'm planning on making v2.2.0 release
  on Monday.
  Please test before that. :)

Fri Apr  5 03:10:28 UTC 2013 -

- Update to rc4:
  A lot of small random fixes. Some last minute major cleanups/fixes to
  lib-http and lib-ssl-iostream error handling, which makes them much
  easier to debug if something goes wrong (so e.g. if https site has
  invalid certificate, the caller gets error message saying that,
  including the part of the cert that couldn't be validated).

  I don't have anything important left in my v2.2 TODO. It passes all my
  tests. So I'm hoping for v2.2.0 release any day now.

  + Added "doveadm replicator" commands
  - Larger changes to lib-http and lib-ssl-iostream error handling.
    The API caller can now get the exact error message as a string.
  - Various bugfixes to LDAP changes in rc3

Thu Mar 21 02:19:42 UTC 2013 -

- Update to 2.2.rc3:
  + dsync: Support syncing ACLs (and Sieve scripts with Pigeonhole)
  + ldap: Support subqueries and value pointers, see
  + postmaster_address setting: Expand %d to recipient's domain
  - Fixed a crash when decoding quoted-printable content.
  - dsync: Various bugfixes

Tue Feb 26 01:19:15 UTC 2013 -

- Update to 2.2.rc2:
  - A few fixes since beta2. Also added tcp and tcps (=tcp+ssl)
    targets for dsync, where the destination needs to be a
    doveadm-server listener.

Fri Feb 22 17:02:02 UTC 2013 -

- Update to 2.2.beta2:
  - A ton of fixes since beta1. Especially the new dsync and the
    replication server related to that should really work now. It
    also works correctly now for shared mailboxes with private
    \Seen flags. And the replication server uses incremental
    syncing after the initial full sync, so it should be pretty
    efficient also.

Wed Jan  9 10:52:25 UTC 2013 -

- Start packaging dovecot22 series using dovecot21 (at 2.1.13) spec
  file as base;
- Start dovecot22 with dovecot-2.2.beta1.