Overview

File _patchinfo of Package patchinfo.5071

<patchinfo incident="5071">
  <issue id="1045662" tracker="bnc">ssl_iostream_generate_params(2048) failed: DH_generate_parameters(bits=512, gen=2) failed</issue>
  <category>recommended</category>
  <rating>moderate</rating>
  <packager>darix</packager>
  <description>This update provides Dovecot version 2.2.31, which brings many fixes and enhancements:

- Do not generate dhparams smaller than 2048 in FIPS mode. (bsc#1045662)
- Removed "(Dovecot)" from added Received headers. Some installations want to hide it, and there's
  not really any good reason for anyone to have it.
- Add ssl_alt_cert and ssl_alt_key settings to add support for having both RSA and ECDSA certificates.
- Strip trailing whitespace from headers when matching mails in dsync/imapc and pop3-migration plugin.
- Add acl_globals_only setting to disable looking up per-mailbox dovecot-acl files.
- Parse invalid message addresses better. This mainly affects the generated IMAP ENVELOPE replies.
- Fix potential corruption of dovecot.index.cache that could lead to deleting wrong mail's cache.
- Fix crash in mail-crypt-acl plugin.
- Fix welcome plugin.
- Various fixes to handling mailbox listing. Especially related to handling non-existent autocreated
  or autosubscribed mailboxes and ACLs.
- Global ACL file was parsed as if it was local ACL file.
- Only the first forward_* field was working, and only if the first passdb lookup succeeded.
- Using mail_sort_max_read_count sometimes caused "Broken sort-* indexes, resetting" errors.
- Using mail_sort_max_read_count may have caused very high CPU usage.
- Message address parsing could have crashed on invalid input.
- imapc_features=fetch-headers wasn't always working correctly and caused the full header to be fetched.
- Various bug fixes related to connection failure handling in imapc.
- Unnecessary FETCH RFC822.SIZE sent to server when expunging mails if quota=imapc.
- Add support for "ns" parameter to quota=count.
- Fix incremental syncing for mails that don't have Date or Message-ID headers.
- Fix hang when client sends pipelined SEARCH + EXPUNGE/CLOSE/LOGOUT.
- Token validation in oauth2 didn't accept empty server responses.
- Adjusts Pigeonhole to several changes in the Dovecot API, making it depend on Dovecot v2.2.31.
- Fixed bug in handling of implicit keep in some cases. Implicit side-effects, such as assigned
  flags, were not always applied correctly.
- Fixed segmentation fault that could occur when the global script location was left unconfigured.
</description>
  <summary>Recommended update for dovecot22</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places