![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / mail / dovecot2
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
*: bump for openssl 3
Quell most of the pkglint warnings.
Update to 2.3.16. From the changelog:
* Any unexpected exit() will now result in a core dump. This can
especially help notice problems when a Lua script causes exit(0).
* auth-worker process is now restarted when the number of auth
requests reaches service auth-worker { service_count }. The default
is still unlimited.
+ Event improvements: Added data_stack_grow event and http-client
category. See https://doc.dovecot.org/admin_manual/list_of_events/
+ oauth2: Support RFC 7628 openid-configuration element. This allows
clients to support OAUTH2 for any server, not just a few hardcoded
servers like they do now. See openid_configuration_url setting in
dovecot-oauth2.conf.ext.
+ mysql: Single statements are no longer enclosed with BEGIN/COMMIT.
+ dovecot-sysreport --core supports multiple core files now and does
not require specifying the binary path.
+ imapc: When imap_acl plugin is loaded and imapc_features=acl is used,
IMAP ACL commands are proxied to the remote server. See
https://doc.dovecot.org/configuration_manual/mail_location/imapc/
+ dict-sql now supports the "UPSERT" syntax for SQLite and PostgreSQL.
+ imap: If IMAP client disconnects during a COPY command, the copying
is aborted, and changes are reverted. This may help to avoid many
email duplicates if client disconnects during COPY and retries it
after reconnecting.
- master process was using 100% CPU if service attempted to create more
processes due to process_min_avail, but process_limit was already
reached. v2.3.15 regression.
- Using attachment detection flags wrongly logged unnecessary "Failed
to add attachment keywords" errors. v2.3.13 regression.
- IMAP QRESYNC: Expunging UID 1 mail resulted in broken VANISHED
response, which could have confused IMAP clients. v2.3.13 regression.
- imap: STORE didn't send untagged replies for \Seen changes for
(shared) mailboxes using INDEXPVT. v2.3.10 regression.
- rawlog_dir setting would not log input that was pipelined after
authentication command.
- Fixed potential infinite looping with autoexpunging.
- Log event exporter: Truncate long fields to 1000 bytes
- LAYOUT=index: ACL inheritance didn't work when creating mailboxes
- Event filters: Unquoted '?' wildcard caused a crash at startup
- fs-metawrap: Fix to handling zero sized files
- imap-hibernate: Fixed potential crash at deinit.
- acl: dovecot-acl-list files were written for acl_ignore_namespaces
- program-client (used by Sieve extprograms, director_flush_socket)
may have missed status response from UNIX and network sockets,
resulting in unexpected failures.
mail/dovecot: update to 2.3.15
Security release.
v2.3.15 2021-06-21 Aki Tuomi <aki.tuomi@open-xchange.com>
* CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in
JWT tokens. This may be used to supply attacker controlled keys to
validate tokens, if attacker has local access.
* CVE-2021-33515: On-path attacker could have injected plaintext commands
before STARTTLS negotiation that would be executed after STARTTLS
finished with the client.
* Disconnection log messages are now more standardized across services.
They also always now start with "Disconnected" prefix.
* Dovecot now depends on libsystemd for systemd integration.
* Removed support for Lua 5.2. Use version 5.1 or 5.3 instead.
* config: Some settings are now marked as "hidden". It's discouraged to
change these settings. They will no longer be visible in doveconf
output, except if they have been changed or if doveconf -s parameter
is used. See https://doc.dovecot.org/settings/advanced/ for details.
* imap-compress: Compression level is now algorithm specific.
See https://doc.dovecot.org/settings/plugin/compress-plugin/
* indexer-worker: Convert "Indexed" info logs to an event named
"indexer_worker_indexing_finished". See
https://doc.dovecot.org/admin_manual/list_of_events/#indexer-worker-indexing-finished
+ Add TSLv1.3 support to min_protocols.
+ Allow configuring ssl_cipher_suites. (for TLSv1.3+)
+ acl: Add acl_ignore_namespace setting which allows to entirely ignore
ACLs for the listed namespaces.
+ imap: Support official RFC8970 preview/snippet syntax. Old methods of
retrieving preview information via IMAP commands ("SNIPPET and PREVIEW
with explicit algorithm selection") have been deprecated.
+ imapc: Support INDEXPVT for imapc storage to enable private
message flags for cluster wide shared mailboxes.
+ lib-storage: Add new events: mail_opened, mail_expunge_requested,
mail_expunged, mail_cache_lookup_finished. See
https://doc.dovecot.org/admin_manual/list_of_events/#mail
+ zlib, imap-compression, fs-compress: Support compression levels that
the algorithm supports. Before, we would allow hardcoded value between
1 to 9 and would default to 6. Now we allow using per-algorithm value
range and default to whatever default the algorithm specifies.
- *-login: Commands pipelined together with and just after the authenticate
command cause these commands to be executed twice. This applies to all
protocols that involve user login, which currently comprises of imap,
pop3, submisision and managesieve.
- *-login: Processes are supposed to disconnect the oldest non-logged in
connection when process_limit was reached. This didn't actually happen
with the default "high-security mode" (with service_count=1) where each
connection is handled by a separate process.
- *-login: When login process reaches client/process limits, oldest
client connections are disconnected. If one of these was still doing
anvil lookup, this caused a crash. This could happen only if the login
process limits were very low or if the server was overloaded.
- Fixed building with link time optimizations (-flto).
- auth: Userdb iteration with passwd driver does not always return all
users with some nss drivers.
- dsync: Shared INBOX not synced when "mail_shared_explicit_inbox" was
disabled. If a user has a shared mailbox which is another user's INBOX,
dsync didn't include the mailbox in syncing unless explicit naming is
enabled with "mail_shared_explicit_inbox" set to "yes".
- dsync: Shared namespaces were not synced with "-n" flag.
- dsync: Syncing shared INBOX failed if mail_attribute_dict was not set.
If a user has a shared mailbox that is another user's INBOX, dsync
failed to export the mailbox if mail attributes are disabled.
- fts-solr, fts-tika: Using both Solr FTS and Tika may have caused HTTP
requests to assert-crash: Panic: file http-client-request.c: line 1232
(http_client_request_send_more): assertion failed: (req->payload_input != NULL)
- fts-tika: 5xx errors returned by Tika server as indexing failures.
However, Tika can return 5xx for some attachments every time.
So the 5xx error should be retried once, but treated as success if it
happens on the retry as well. v2.3 regression.
- fts-tika: v2.3.11 regression: Indexing messages with fts-tika may have
resulted in Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts):
assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input))
- imap: SETMETADATA could not be used to unset metadata values.
Instead NIL was handled as a "NIL" string. v2.3.14 regression.
- imap: IMAP BINARY FETCH crashes at least on empty base64 body:
Panic: file index-mail-binary.c: line 358 (blocks_count_lines):
assertion failed: (block_count == 0 || block_idx+1 == block_count)
- imap: If IMAP client using the NOTIFY command was disconnected while
sending FETCH notifications to the client, imap could crash with
Panic: Trying to close mailbox INBOX with open transactions.
- imap: Using IMAP COMPRESS extension can cause IMAP connection to hang
when IMAP commands are >8 kB long.
- imapc: If remote server sent BYE but didn't immediately disconnect, it
could cause infinite busy-loop.
- lib-index: Corrupted cache record size in dovecot.index.cache file
could have caused a crash (segfault) when accessing it.
- lib-oauth2: JWT token time validation now works correctly with
32-bit systems.
- lib-ssl-iostream: Checking hostnames against an SSL certificate was
case-sensitive.
- lib-storage: Corrupted mime.parts in dovecot.index.cache may have
resulted in Panic: file imap-bodystructure.c: line 206 (part_write_body):
assertion failed: (text == ((part->flags & MESSAGE_PART_FLAG_TEXT) != 0))
- lib-storage: Index rebuilding (e.g. via doveadm force-resync) didn't
preserve the "hdr-pop3-uidl" header. Because of this, the next pop3
session could have accessed all of the emails' metadata to read their
POP3 UIDL (opening dbox files).
- listescape: When using the listescape plugin and a shared namespace
the plugin didn't work properly anymore resulting in errors like:
"Invalid mailbox name: Name must not have '/' character."
- lmtp: Connection crashes if connection gets disconnected due to
multiple bad commands and the last bad command is BDAT.
- lmtp: The Dovecot-specific LMTP parameter XRCPTFORWARD was blindly
forwarded by LMTP proxy without checking that the backend has support.
This caused a command parameter error from the backend if it was
running an older Dovecot release. This could only occur in more complex
setups where the message was proxied twice; when the proxy generated
the XRCPTFORWARD parameter itself the problem did not occur, so this
only happened when it was forwarded.
- lmtp: The LMTP proxy crashes with a panic when the remote server
replies with an error while the mail is still being forwarded through
a DATA/BDAT command.
- lmtp: Username may have been missing from lmtp log line prefixes when
it was performing autoexpunging.
- master: Dovecot would incorrectly fail with haproxy 2.0.14 service
checks.
- master: Systemd service: Dovecot announces readiness for accepting
connections earlier than it should. The following environment variables
are now imported automatically and can be omitted from
import_environment setting: NOTIFY_SOCKET LISTEN_FDS LISTEN_PID.
- master: service { process_min_avail } was launching processes too
slowly when master was forking a lot of processes.
- util: Make the health-check.sh example script POSIX shell compatible.
Pullup ticket #6391 - requested by taca
mail/dovecot2: security fix
Revisions pulled up:
- mail/dovecot2-gssapi/Makefile 1.7
- mail/dovecot2-sqlite/Makefile 1.25
- mail/dovecot2/Makefile 1.106
- mail/dovecot2/Makefile.common 1.42
- mail/dovecot2/PLIST 1.71
- mail/dovecot2/buildlink3.mk 1.36
- mail/dovecot2/distinfo 1.107
- mail/dovecot2/patches/patch-src_auth_mech-gssapi.c deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Jan 4 14:57:19 UTC 2021
Modified Files:
pkgsrc/mail/dovecot2: Makefile Makefile.common PLIST buildlink3.mk
distinfo
pkgsrc/mail/dovecot2-gssapi: Makefile
pkgsrc/mail/dovecot2-sqlite: Makefile
Removed Files:
pkgsrc/mail/dovecot2/patches: patch-src_auth_mech-gssapi.c
Log Message:
mail/dovecot2: update to 2.3.13
Update mail/dovecot2 pacakge to 2.3.13, including security fixes.
v2.3.13 2021-01-04 Aki Tuomi <aki.tuomi@open-xchange.com>
* CVE-2020-24386: Specially crafted command can cause IMAP hibernate to
allow logged in user to access other people's emails and filesystem
information.
* Metric filter and global event filter variable syntax changed to a
SQL-like format. See https://doc.dovecot.org/configuration_manual/event_filter/
* auth: Added new aliases for %{variables}. Usage of the old ones is
possible, but discouraged.
* auth: Removed RPA auth mechanism, SKEY auth mechanism, NTLM auth
mechanism and related password schemes.
* auth: Removed passdb-sia, passdb-vpopmail and userdb-vpopmail.
* auth: Removed postfix postmap socket
+ auth: Added new fields for auth server events. These fields are now
also available for all auth events. See
https://doc.dovecot.org/admin_manual/list_of_events/#authentication-server
for details.
+ imap-hibernate: Added imap_client_hibernated, imap_client_unhibernated
and imap_client_unhibernate_retried events. See
https://doc.dovecot.org/admin_manual/list_of_events/ for details.
+ lib-index: Added new mail_index_recreated event. See
https://doc.dovecot.org/admin_manual/list_of_events/#mail-index-recreated
+ lib-sql: Support TLS options for cassandra driver. This requires
cpp-driver v2.15 (or later) to work reliably.
+ lib-storage: Missing $HasAttachment / $HasNoAttachment flags are now
added to existing mails if mail_attachment_detection_option=add-flags
and it can be done inexpensively.
+ login proxy: Added login_proxy_max_reconnects setting (default 3) to
control how many reconnections are attempted.
+ login proxy: imap/pop3/submission/managesieve proxying now supports
reconnection retrying on more than just connect() failure. Any error
except a non-temporary authentication failure will result in reconnect
attempts.
- auth: Lua passdb/userdb leaks stack elements per call, eventually
causing the stack to become too deep and crashing the auth or
auth-worker process.
- auth: SASL authentication PLAIN mechanism could be used to trigger
read buffer overflow. However, this doesn't seem to be exploitable in
any way.
- auth: v2.3.11 regression: GSSAPI authentication fails because dovecot
disallows NUL bytes for it.
- dict: Process used too much CPU when iterating keys, because each key
used a separate write() syscall.
- doveadm-server: Crash could occur if logging was done outside command
handling. For example http-client could have done debug logging
afterwards, resulting in either segfault or
Panic: file http-client.c: line 642 (http_client_context_close):
assertion failed: (cctx->clients_list == NULL).
- doveadm-server: v2.3.11 regression: Trying to connect to doveadm server
process via starttls assert-crashed if there were no ssl=yes listeners:
Panic: file master-service-ssl.c: line 22 (master_service_ssl_init):
assertion failed: (service->ssl_ctx_initialized).
- fts-solr: HTTP requests may have assert-crashed:
Panic: file http-client-request.c: line 1232 (http_client_request_send_more):
assertion failed: (req->payload_input != NULL)
- imap: IMAP NOTIFY could crash with a segmentation fault due to a bad
configuration that causes errors. Sending the error responses to the
client can cause the segmentation fault. This can for example happen
when several namespaces use the same mail storage location.
- imap: IMAP NOTIFY used on a shared namespace that doesn't actually
exist (e.g. public namespace for a nonexistent user) can crash with a panic:
Panic: Leaked view for index /tmp/home/asdf/mdbox/dovecot.list.index: Opened in (null):0
- imap: IMAP session can crash with QRESYNC extension if many changes
are done before asking for expunged mails since last sync.
- imap: Process might hang indefinitely if client disconnects after
sending some long-running commands pipelined, for example FETCH+LOGOUT.
- lib-compress: Mitigate crashes when configuring a not compiled in
compression. Errors with compression configuration now distinguish
between not supported and unknown.
- lib-compression: Using xz/lzma compression in v2.3.11 could have
written truncated output in some situations. This would result in
"Broken pipe" read errors when trying to read it back.
- lib-compression: zstd compression could have crashed in some situations:
Panic: file ostream.c: line 287 (o_stream_sendv_int): assertion failed: (!stream->blocking)
- lib-dict: dict client could have crashed in some rare situations when
iterating keys.
- lib-http: Fix several assert-crashes in HTTP client.
- lib-index: v2.3.11 regression: When mails were expunged at the same
time as lots of new content was being saved to the cache (e.g. cache
file was lost and is being re-filled) a deadlock could occur with
dovecot.index.cache / dovecot.index.log.
- lib-index: v2.3.11 regression: dovecot.index.cache file was being
purged (rewritten) too often when it had a field that hadn't been
accessed for over 1 month, but less than 2 months. Every cache file
change caused a purging in this situation.
- lib-mail: MIME parts were not returned correctly by Dovecot MIME parser.
Regression caused by fixing CVE-2020-12100.
- lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE
was written in a way that may have caused confusion for both IMAP
clients and Dovecot itself when parsing it. The truncated part is now
written out using application/octet-stream MIME type.
- lib-mail: v2.3.11 regression: Mail delivery / parsing crashed when the
10000th MIME part was message/rfc822 (or if parent was multipart/digest):
Panic: file message-parser.c: line 167 (message_part_append):
assertion failed: (ctx->total_parts_count <= ctx->max_total_mime_parts).
- lib-oauth2: Dovecot incorrectly required oauth2 server introspection
reply to contain username with invalid token.
- lib-ssl-iostream, lib-dcrypt: Fix building with OpenSSL that has
deprecated APIs disabled.
- lib-storage: When mail's size is different from the cached one (in
dovecot.index.cache or Maildir S=size in the filename), this is
handled by logging "Cached message size smaller/larger than expected"
error. However, in some situations this also ended up crashing with:
Panic: file istream.c: line 315 (i_stream_read_memarea):
assertion failed: (old_size <= _stream->pos - _stream->skip).
- lib-storage: v2.3 regression: Copying/moving mails was taking much more
memory than before. This was mainly visible when copying/moving
thousands of mails in a single transaction.
- lib-storage: v2.3.11 regression: Searching messages assert-crashed
(without FTS): Panic: file message-parser.c: line 174 (message_part_finish):
assertion failed: (ctx->nested_parts_count > 0).
- lib: Dovecot v2.3 moved signal handlers around in ioloops,
causing more CPU usage than in v2.2.
- lib: Fixed JSON parsing: '\' escape sequence may have wrongly resulted
in error if it happened to be at read boundary. Any NUL characters and
'\u0000' will now result in parsing error instead of silently
truncating the data.
- lmtp, submission: Server may hang if SSL client connection disconnects
during the delivery. If this happened repeated, it could have ended
up reaching process_limit and preventing any further lmtp/submission
deliveries.
- lmtp: Proxy does not always properly log TLS connection problems as
errors; in some cases, only a debug message is logged if enabled.
- lmtp: The LMTP service can hang when commands are pipelined. This can
particularly occur when one command in the middle of the pipeline fails.
One example of this occurs for proxied LMTP transactions in which the
final DATA or BDAT command is pipelined after a failing RCPT command.
- login-proxy: The login_source_ips setting has no effect, and therefore
the proxy source IPs are not cycled through as they should be.
- master: Process was using 100% CPU in some situations when a broken
service was being throttled.
- pop3-login: POP3 login would fail with "Input buffer full" if the
initial response for SASL was too long.
- stats: Crash would occur when generating openmetrics data for metrics
using aggregating functions.
mail/dovecot2: update to 2.3.13
Update mail/dovecot2 pacakge to 2.3.13, including security fixes.
v2.3.13 2021-01-04 Aki Tuomi <aki.tuomi@open-xchange.com>
* CVE-2020-24386: Specially crafted command can cause IMAP hibernate to
allow logged in user to access other people's emails and filesystem
information.
* Metric filter and global event filter variable syntax changed to a
SQL-like format. See https://doc.dovecot.org/configuration_manual/event_filter/
* auth: Added new aliases for %{variables}. Usage of the old ones is
possible, but discouraged.
* auth: Removed RPA auth mechanism, SKEY auth mechanism, NTLM auth
mechanism and related password schemes.
* auth: Removed passdb-sia, passdb-vpopmail and userdb-vpopmail.
* auth: Removed postfix postmap socket
+ auth: Added new fields for auth server events. These fields are now
also available for all auth events. See
https://doc.dovecot.org/admin_manual/list_of_events/#authentication-server
for details.
+ imap-hibernate: Added imap_client_hibernated, imap_client_unhibernated
and imap_client_unhibernate_retried events. See
https://doc.dovecot.org/admin_manual/list_of_events/ for details.
+ lib-index: Added new mail_index_recreated event. See
https://doc.dovecot.org/admin_manual/list_of_events/#mail-index-recreated
+ lib-sql: Support TLS options for cassandra driver. This requires
cpp-driver v2.15 (or later) to work reliably.
+ lib-storage: Missing $HasAttachment / $HasNoAttachment flags are now
added to existing mails if mail_attachment_detection_option=add-flags
and it can be done inexpensively.
+ login proxy: Added login_proxy_max_reconnects setting (default 3) to
control how many reconnections are attempted.
+ login proxy: imap/pop3/submission/managesieve proxying now supports
reconnection retrying on more than just connect() failure. Any error
except a non-temporary authentication failure will result in reconnect
attempts.
- auth: Lua passdb/userdb leaks stack elements per call, eventually
causing the stack to become too deep and crashing the auth or
auth-worker process.
- auth: SASL authentication PLAIN mechanism could be used to trigger
read buffer overflow. However, this doesn't seem to be exploitable in
any way.
- auth: v2.3.11 regression: GSSAPI authentication fails because dovecot
disallows NUL bytes for it.
- dict: Process used too much CPU when iterating keys, because each key
used a separate write() syscall.
- doveadm-server: Crash could occur if logging was done outside command
handling. For example http-client could have done debug logging
afterwards, resulting in either segfault or
Panic: file http-client.c: line 642 (http_client_context_close):
assertion failed: (cctx->clients_list == NULL).
- doveadm-server: v2.3.11 regression: Trying to connect to doveadm server
process via starttls assert-crashed if there were no ssl=yes listeners:
Panic: file master-service-ssl.c: line 22 (master_service_ssl_init):
assertion failed: (service->ssl_ctx_initialized).
- fts-solr: HTTP requests may have assert-crashed:
Panic: file http-client-request.c: line 1232 (http_client_request_send_more):
assertion failed: (req->payload_input != NULL)
- imap: IMAP NOTIFY could crash with a segmentation fault due to a bad
configuration that causes errors. Sending the error responses to the
client can cause the segmentation fault. This can for example happen
when several namespaces use the same mail storage location.
- imap: IMAP NOTIFY used on a shared namespace that doesn't actually
exist (e.g. public namespace for a nonexistent user) can crash with a panic:
Panic: Leaked view for index /tmp/home/asdf/mdbox/dovecot.list.index: Opened in (null):0
- imap: IMAP session can crash with QRESYNC extension if many changes
are done before asking for expunged mails since last sync.
- imap: Process might hang indefinitely if client disconnects after
sending some long-running commands pipelined, for example FETCH+LOGOUT.
- lib-compress: Mitigate crashes when configuring a not compiled in
compression. Errors with compression configuration now distinguish
between not supported and unknown.
- lib-compression: Using xz/lzma compression in v2.3.11 could have
written truncated output in some situations. This would result in
"Broken pipe" read errors when trying to read it back.
- lib-compression: zstd compression could have crashed in some situations:
Panic: file ostream.c: line 287 (o_stream_sendv_int): assertion failed: (!stream->blocking)
- lib-dict: dict client could have crashed in some rare situations when
iterating keys.
- lib-http: Fix several assert-crashes in HTTP client.
- lib-index: v2.3.11 regression: When mails were expunged at the same
time as lots of new content was being saved to the cache (e.g. cache
file was lost and is being re-filled) a deadlock could occur with
dovecot.index.cache / dovecot.index.log.
- lib-index: v2.3.11 regression: dovecot.index.cache file was being
purged (rewritten) too often when it had a field that hadn't been
accessed for over 1 month, but less than 2 months. Every cache file
change caused a purging in this situation.
- lib-mail: MIME parts were not returned correctly by Dovecot MIME parser.
Regression caused by fixing CVE-2020-12100.
- lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE
was written in a way that may have caused confusion for both IMAP
clients and Dovecot itself when parsing it. The truncated part is now
written out using application/octet-stream MIME type.
- lib-mail: v2.3.11 regression: Mail delivery / parsing crashed when the
10000th MIME part was message/rfc822 (or if parent was multipart/digest):
Panic: file message-parser.c: line 167 (message_part_append):
assertion failed: (ctx->total_parts_count <= ctx->max_total_mime_parts).
- lib-oauth2: Dovecot incorrectly required oauth2 server introspection
reply to contain username with invalid token.
- lib-ssl-iostream, lib-dcrypt: Fix building with OpenSSL that has
deprecated APIs disabled.
- lib-storage: When mail's size is different from the cached one (in
dovecot.index.cache or Maildir S=size in the filename), this is
handled by logging "Cached message size smaller/larger than expected"
error. However, in some situations this also ended up crashing with:
Panic: file istream.c: line 315 (i_stream_read_memarea):
assertion failed: (old_size <= _stream->pos - _stream->skip).
- lib-storage: v2.3 regression: Copying/moving mails was taking much more
memory than before. This was mainly visible when copying/moving
thousands of mails in a single transaction.
- lib-storage: v2.3.11 regression: Searching messages assert-crashed
(without FTS): Panic: file message-parser.c: line 174 (message_part_finish):
assertion failed: (ctx->nested_parts_count > 0).
- lib: Dovecot v2.3 moved signal handlers around in ioloops,
causing more CPU usage than in v2.2.
- lib: Fixed JSON parsing: '\' escape sequence may have wrongly resulted
in error if it happened to be at read boundary. Any NUL characters and
'\u0000' will now result in parsing error instead of silently
truncating the data.
- lmtp, submission: Server may hang if SSL client connection disconnects
during the delivery. If this happened repeated, it could have ended
up reaching process_limit and preventing any further lmtp/submission
deliveries.
- lmtp: Proxy does not always properly log TLS connection problems as
errors; in some cases, only a debug message is logged if enabled.
- lmtp: The LMTP service can hang when commands are pipelined. This can
particularly occur when one command in the middle of the pipeline fails.
One example of this occurs for proxied LMTP transactions in which the
final DATA or BDAT command is pipelined after a failing RCPT command.
- login-proxy: The login_source_ips setting has no effect, and therefore
the proxy source IPs are not cycled through as they should be.
- master: Process was using 100% CPU in some situations when a broken
service was being throttled.
- pop3-login: POP3 login would fail with "Input buffer full" if the
initial response for SASL was too long.
- stats: Crash would occur when generating openmetrics data for metrics
using aggregating functions.
Revbump for openpam cppflags change months ago, belatedly.
Pullup ticket #6303 - requested by taca
mail/dovecot2: security fix
Revisions pulled up:
- mail/dovecot2-sqlite/Makefile 1.23
- mail/dovecot2/Makefile.common 1.41
- mail/dovecot2/PLIST 1.70
- mail/dovecot2/buildlink3.mk 1.34
- mail/dovecot2/distinfo 1.105
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Aug 12 15:54:38 UTC 2020
Modified Files:
pkgsrc/mail/dovecot2: Makefile.common PLIST buildlink3.mk distinfo
pkgsrc/mail/dovecot2-sqlite: Makefile
Log Message:
mail/dovocot2: update to 2.3.11.3
Update dovecot2 and related packages to 2.3.11.3.
v2.3.11.3 2020-07-29 Aki Tuomi <aki.tuomi@open-xchange.com>
- pop3-login: Login didn't handle commands in multiple IP packets properly.
This mainly affected large XCLIENT commands or a large SASL initial
response parameter in the AUTH command.
- pop3: pop3_deleted_flag setting was broken, causing:
Panic: file seq-range-array.c: line 472 (seq_range_array_invert):
assertion failed: (range[count-1].seq2 <= max_seq)
v2.3.11.2 2020-07-13 Aki Tuomi <aki.tuomi@open-xchange.com>
- auth: Lua passdb/userdb leaks stack elements per call, eventually
causing the stack to become too deep and crashing the auth or
auth-worker process.
- lib-mail: v2.3.11 regression: MIME parts not returned correctly by
Dovecot MIME parser.
- pop3-login: Login would fail with "Input buffer full" if the initial
response for SASL was too long.
v2.3.11 2020-06-17 Aki Tuomi <aki.tuomi@open-xchange.com>
* CVE-2020-12100: Parsing mails with a large number of MIME parts could
have resulted in excessive CPU usage or a crash due to running out of
stack memory.
* CVE-2020-12673: Dovecot's NTLM implementation does not correctly check
message buffer size, which leads to reading past allocation which can
lead to crash.
* CVE-2020-12674: Dovecot's RPA mechanism implementation accepts
zero-length message, which leads to assert-crash later on.
* Events: Fix inconsistency in events. See event documentation in
https://doc.dovecot.org.
* imap_command_finished event's cmd_name field now contains "unknown"
for unknown commands. A new "cmd_input_name" field contains the
command name exactly as it was sent.
* lib-index: Renamed mail_cache_compress_* settings to mail_cache_purge_*.
Note that these settings are mainly intended for testing and usually
shouldn't be changed.
* events: Renamed "index" event category to "mail-index".
* events: service:<name> category is now using the name from
configuration file.
* dns-client: service dns_client was renamed to dns-client.
* log: Prefixes generally use the service name from configuration file.
For example dict-async service will now use
"dict-async(pid): " log prefix instead of "dict(pid): "
* *-login: Changed logging done by proxying to use a consistent prefix
containing the IP address and port.
* *-login: Changed disconnection log messages to be slightly clearer.
+ dict: Add events for dictionaries.
+ lib-index: Finish logging with events.
+ oauth2: Support local validation of JWT tokens.
+ stats: Add support for dynamic histograms and grouping. See
https://doc.dovecot.org/configuration_manual/stats/.
+ imap: Implement RFC 8514: IMAP SAVEDATE
+ lib-index: If a long-running transaction (e.g. SORT/FETCH on a huge
folder) adds a lot of data to dovecot.index.cache file, commit those
changes periodically to make them visible to other concurrent sessions
as well.
+ stats: Add OpenMetrics exporter for statistics. See
https://doc.dovecot.org/configuration_manual/stats/openmetrics/.
+ stats: Support disabling stats-writer socket by setting
stats_writer_socket_path="".
- auth-worker: Process keeps slowly increasing its memory usage and
eventually dies with "out of memory" due to reaching vsz_limit.
- auth: Prevent potential timing attacks in authentication secret
comparisons: OAUTH2 JWT-token HMAC, imap-urlauth token, crypt() result.
- auth: Several auth-mechanisms allowed input to be truncated by NUL
which can potentially lead to unintentional issues or even successful
logins which should have failed.
- auth: When auth policy returned a delay, auth_request_finished event
had policy_result=ok field instead of policy_result=delayed.
- auth: auth process crash when auth_policy_server_url is set to an
invalid URL.
- dict-ldap: Crash occurs if var_expand template expansion fails.
- dict: If dict client disconnected while iteration was still running,
dict process could have started using 100% CPU, although it was still
handling clients.
- doveadm: Running doveadm commands via proxying may hang, especially
when doveadm is printing a lot of output.
- imap: "MOVE * destfolder" goes to a loop copying the last mail to the
destination until the imap process dies due to running out of memory.
- imap: Running "UID MOVE 1:* Trash" on an empty folder goes to infinite
loop.
- imap: SEARCH doesn't support $.
- lib-compress: Buffer over-read in zlib stream read.
- lib-dns: If DNS lookup times out, lib-dns can cause crash in calling
process.
- lib-index: Fixed several bugs in dovecot.index.cache handling that
could have caused cached data to be lost.
- lib-index: Writing to >=1 GB dovecot.index.cache files may cause
assert-crashes:
Panic: file mail-index-util.c: line 37 (mail_index_uint32_to_offset):
assertion failed: (offset < 0x40000000)
- lib-ssl-iostream: Fix buggy OpenSSL error handling without
assert-crashing. If there is no error available, log it as an error
instead of crashing:
Panic: file iostream-openssl.c: line 599 (openssl_iostream_handle_error):
assertion failed: (errno != 0)
- lib-ssl-iostream: ssl_key_password setting did not work.
- submission: A segfault crash may occur when the client or server
disconnects while a non-transaction command like NOOP or VRFY is still
being processed.
- virtual: Copying/moving mails with IMAP into a virtual folder assert-crashes:
Panic: file cmd-copy.c: line 152 (fetch_and_copy): assertion failed:
(copy_ctx->copy_count == seq_range_count(©_ctx->saved_uids))
mail/dovocot2: update to 2.3.11.3 Update dovecot2 and related packages to 2.3.11.3. v2.3.11.3 2020-07-29 Aki Tuomi <aki.tuomi@open-xchange.com> - pop3-login: Login didn't handle commands in multiple IP packets properly. This mainly affected large XCLIENT commands or a large SASL initial response parameter in the AUTH command. - pop3: pop3_deleted_flag setting was broken, causing: Panic: file seq-range-array.c: line 472 (seq_range_array_invert): assertion failed: (range[count-1].seq2 <= max_seq) v2.3.11.2 2020-07-13 Aki Tuomi <aki.tuomi@open-xchange.com> - auth: Lua passdb/userdb leaks stack elements per call, eventually causing the stack to become too deep and crashing the auth or auth-worker process. - lib-mail: v2.3.11 regression: MIME parts not returned correctly by Dovecot MIME parser. - pop3-login: Login would fail with "Input buffer full" if the initial response for SASL was too long. v2.3.11 2020-06-17 Aki Tuomi <aki.tuomi@open-xchange.com> * CVE-2020-12100: Parsing mails with a large number of MIME parts could have resulted in excessive CPU usage or a crash due to running out of stack memory. * CVE-2020-12673: Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash. * CVE-2020-12674: Dovecot's RPA mechanism implementation accepts zero-length message, which leads to assert-crash later on. * Events: Fix inconsistency in events. See event documentation in https://doc.dovecot.org. * imap_command_finished event's cmd_name field now contains "unknown" for unknown commands. A new "cmd_input_name" field contains the command name exactly as it was sent. * lib-index: Renamed mail_cache_compress_* settings to mail_cache_purge_*. Note that these settings are mainly intended for testing and usually shouldn't be changed. * events: Renamed "index" event category to "mail-index". * events: service:<name> category is now using the name from configuration file. * dns-client: service dns_client was renamed to dns-client. * log: Prefixes generally use the service name from configuration file. For example dict-async service will now use "dict-async(pid): " log prefix instead of "dict(pid): " * *-login: Changed logging done by proxying to use a consistent prefix containing the IP address and port. * *-login: Changed disconnection log messages to be slightly clearer. + dict: Add events for dictionaries. + lib-index: Finish logging with events. + oauth2: Support local validation of JWT tokens. + stats: Add support for dynamic histograms and grouping. See https://doc.dovecot.org/configuration_manual/stats/. + imap: Implement RFC 8514: IMAP SAVEDATE + lib-index: If a long-running transaction (e.g. SORT/FETCH on a huge folder) adds a lot of data to dovecot.index.cache file, commit those changes periodically to make them visible to other concurrent sessions as well. + stats: Add OpenMetrics exporter for statistics. See https://doc.dovecot.org/configuration_manual/stats/openmetrics/. + stats: Support disabling stats-writer socket by setting stats_writer_socket_path="". - auth-worker: Process keeps slowly increasing its memory usage and eventually dies with "out of memory" due to reaching vsz_limit. - auth: Prevent potential timing attacks in authentication secret comparisons: OAUTH2 JWT-token HMAC, imap-urlauth token, crypt() result. - auth: Several auth-mechanisms allowed input to be truncated by NUL which can potentially lead to unintentional issues or even successful logins which should have failed. - auth: When auth policy returned a delay, auth_request_finished event had policy_result=ok field instead of policy_result=delayed. - auth: auth process crash when auth_policy_server_url is set to an invalid URL. - dict-ldap: Crash occurs if var_expand template expansion fails. - dict: If dict client disconnected while iteration was still running, dict process could have started using 100% CPU, although it was still handling clients. - doveadm: Running doveadm commands via proxying may hang, especially when doveadm is printing a lot of output. - imap: "MOVE * destfolder" goes to a loop copying the last mail to the destination until the imap process dies due to running out of memory. - imap: Running "UID MOVE 1:* Trash" on an empty folder goes to infinite loop. - imap: SEARCH doesn't support $. - lib-compress: Buffer over-read in zlib stream read. - lib-dns: If DNS lookup times out, lib-dns can cause crash in calling process. - lib-index: Fixed several bugs in dovecot.index.cache handling that could have caused cached data to be lost. - lib-index: Writing to >=1 GB dovecot.index.cache files may cause assert-crashes: Panic: file mail-index-util.c: line 37 (mail_index_uint32_to_offset): assertion failed: (offset < 0x40000000) - lib-ssl-iostream: Fix buggy OpenSSL error handling without assert-crashing. If there is no error available, log it as an error instead of crashing: Panic: file iostream-openssl.c: line 599 (openssl_iostream_handle_error): assertion failed: (errno != 0) - lib-ssl-iostream: ssl_key_password setting did not work. - submission: A segfault crash may occur when the client or server disconnects while a non-transaction command like NOOP or VRFY is still being processed. - virtual: Copying/moving mails with IMAP into a virtual folder assert-crashes: Panic: file cmd-copy.c: line 152 (fetch_and_copy): assertion failed: (copy_ctx->copy_count == seq_range_count(©_ctx->saved_uids))
Pullup ticket #6136 - requested by taca mail/dovecot2: security fix Revisions pulled up: - mail/dovecot2-ldap/Makefile 1.5-1.6 - mail/dovecot2-pigeonhole/Makefile 1.55 - mail/dovecot2/Makefile 1.102-1.103 - mail/dovecot2/Makefile.common 1.38 - mail/dovecot2/buildlink3.mk 1.33 - mail/dovecot2/distinfo 1.102 --- Module Name: pkgsrc Committed By: jperkin Date: Sat Jan 18 21:51:16 UTC 2020 Modified Files: pkgsrc/mail/dovecot2: Makefile buildlink3.mk pkgsrc/mail/dovecot2-ldap: Makefile pkgsrc/mail/dovecot2-pigeonhole: Makefile Log Message: *: Recursive revision bump for openssl 1.1.1. --- Module Name: pkgsrc Committed By: taca Date: Wed Feb 12 14:01:59 UTC 2020 Modified Files: pkgsrc/mail/dovecot2: Makefile Makefile.common distinfo pkgsrc/mail/dovecot2-ldap: Makefile Log Message: mail/dovecot2: update to 2.3.9.3 Update dovecot2 to 2.3.9.3, security release. v2.3.9.3 2019-02-12 Aki Tuomi <aki.tuomi@open-xchange.com> * CVE-2020-7046: Truncated UTF-8 can be used to DoS submission-login and lmtp processes. * CVE-2020-7957: Specially crafted mail can crash snippet generation.
*: Recursive revision bump for openssl 1.1.1.
Pullup ticket #6041 - requested by taca
mail/dovecot2: security fix
Revisions pulled up:
- mail/dovecot2/Makefile 1.98-1.100
- mail/dovecot2/Makefile.common 1.30-1.33
- mail/dovecot2/PLIST 1.66
- mail/dovecot2/buildlink3.mk 1.31-1.32
- mail/dovecot2/distinfo 1.93-1.97
- mail/dovecot2/options.mk 1.12
- mail/dovecot2/patches/patch-aa 1.7
- mail/dovecot2/patches/patch-src_lib_ostream-file.c deleted
---
Module Name: pkgsrc
Committed By: triaxx
Date: Wed Jul 3 05:51:54 UTC 2019
Modified Files:
pkgsrc/mail/dovecot2: options.mk
Log Message:
dovecot2: remove gnutls option that is currently broken
Fix PR pkg/54337
---
Module Name: pkgsrc
Committed By: triaxx
Date: Wed Jul 3 06:09:22 UTC 2019
Modified Files:
pkgsrc/mail/dovecot2: Makefile Makefile.common buildlink3.mk distinfo
pkgsrc/mail/dovecot2/patches: patch-aa
Log Message:
dovecot2: update blk3 to follow gnutls disabling
Do not bump revision since binary cannot be altered
pkgsrc changes:
---------------
* make blk3 conform to options.mk
* move BUILD_DEFS (pkglint WARN--)
* comment an explicit patch (pkglint ERROR--)
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Jul 18 13:38:18 UTC 2019
Modified Files:
pkgsrc/mail/dovecot2: Makefile.common PLIST buildlink3.mk distinfo
Log Message:
mail/dovecot2:
Update dovecot2 to 2.3.7.
Changes
-------
* fts-solr: Removed break-imap-search parameter
+ Added more events for the new statistics, see
https://doc.dovecot.org/admin_manual/list_of_events/
+ mail-lua: Add IMAP metadata accessors, see
https://doc.dovecot.org/admin_manual/lua/
+ Add event exporters that allow exporting raw events to log files and
external systems, see
https://doc.dovecot.org/configuration_manual/event_export/
+ SNIPPET is now PREVIEW and size has been increased to 200 characters.
+ Add body option to fts_enforced. This triggers building FTS index only
on body search, and an error using FTS index fails the search rather
than reads through all the mails.
- Submission/LMTP: Fixed crash when domain argument is invalid in a
second EHLO/LHLO command.
- Copying/moving mails using Maildir format loses IMAP keywords in the
destination if the mail also has no system flags.
- mail_attachment_detection_options=3Dadd-flags-on-save caused email body
to be unnecessarily opened when FETCHing mail headers that were
already cached.
- mail attachment detection keywords not saved with maildir.
- dovecot.index.cache may have grown excessively large in some
situations. This happened especially when using autoexpunging with
lazy_expunge folders. Also with mdbox format in general the cache file
wasn't recreated as often as it should have.
- Autoexpunged mails weren't immediately deleted from the disk. Instead,
the deletion from disk happened the next time the folder was opened.
This could have caused unnecessary delays if the opening was done by
an interactive IMAP session.
- Dovecot's TCP connections sometimes add extra 40ms latency due to not
enabling TCP_NODELAY. HTTP and SMTP/LMTP connections weren't
affected, but everything else was. This delay wasn't always visible -
only in some situations with some message/packet sizes.
- imapc: Fix various crash conditions
- Dovecot builds were not always reproducible.
- login-proxy: With shutdown_clients=3Dno after config reload the
existing connections could no longer be listed or kicked with doveadm.
- "doveadm proxy kick" with -f parameter caused a crash in some
situations.
- Auth policy can cause segmentation fault crash during auth process
shutdown if all auth requests have not been finished.
- Fix various minor bugs leading into incorrect behaviour in mailbox
list index handling. These rarely caused noticeable problems.
- LDAP auth: Iteration accesses freed memory, possibly crashing
auth-worker
- local_name { .. } filter in dovecot.conf does not correctly support
multiple names and wildcards were matched incorrectly.
- replicator: dsync assert-crashes if it can't connect to remote TCP
server.
- config: Memory leak in config process when ssl_dh setting wasn't
set and there was no ssl-parameters.dat file.
This caused config process to die once in a while
with "out of memory".
---
Module Name: pkgsrc
Committed By: hauke
Date: Fri Jul 19 15:13:31 UTC 2019
Modified Files:
pkgsrc/mail/dovecot2: Makefile distinfo
Added Files:
pkgsrc/mail/dovecot2/patches: patch-src_lib_ostream-file.c
Log Message:
Silence Error: file_ostream.net_set_tcp_nodelay(, TRUE) failed
Patch from upstream -head via FreeBSD
<https://svnweb.freebsd.org/ports/head/mail/dovecot/files/patch-src_lib_ostream-file.c?view=markup&pathrev=506487>
<https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239172>
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 23 15:11:24 UTC 2019
Modified Files:
pkgsrc/mail/dovecot2: Makefile Makefile.common distinfo
Removed Files:
pkgsrc/mail/dovecot2/patches: patch-src_lib_ostream-file.c
Log Message:
mail/dovecot2: update to 2.3.7.1
v2.3.7.1 2019-07-23 Timo Sirainen <timo.sirainen@open-xchange.com>
- Fix TCP_NODELAY errors being logged on non-Linux OSes
- lmtp proxy: Fix assert-crash when client uses BODY=8BITMIME
- Remove wrongly added checks in namespace prefix checking
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 29 01:05:20 UTC 2019
Modified Files:
pkgsrc/mail/dovecot2: Makefile.common distinfo
Log Message:
mail/dovecot2: update to 2.3.7.2
Update dovecot2 and related packages to 2.3.7.2.
Changes
-------
* CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
when scanning data in quoted strings, leading to out of bounds heap
memory writes. Found by Nick Roessler and Rafi Rubin.
mail/dovecot2:
Update dovecot2 to 2.3.7.
Changes
-------
* fts-solr: Removed break-imap-search parameter
+ Added more events for the new statistics, see
https://doc.dovecot.org/admin_manual/list_of_events/
+ mail-lua: Add IMAP metadata accessors, see
https://doc.dovecot.org/admin_manual/lua/
+ Add event exporters that allow exporting raw events to log files and
external systems, see
https://doc.dovecot.org/configuration_manual/event_export/
+ SNIPPET is now PREVIEW and size has been increased to 200 characters.
+ Add body option to fts_enforced. This triggers building FTS index only
on body search, and an error using FTS index fails the search rather
than reads through all the mails.
- Submission/LMTP: Fixed crash when domain argument is invalid in a
second EHLO/LHLO command.
- Copying/moving mails using Maildir format loses IMAP keywords in the
destination if the mail also has no system flags.
- mail_attachment_detection_options=add-flags-on-save caused email body
to be unnecessarily opened when FETCHing mail headers that were
already cached.
- mail attachment detection keywords not saved with maildir.
- dovecot.index.cache may have grown excessively large in some
situations. This happened especially when using autoexpunging with
lazy_expunge folders. Also with mdbox format in general the cache file
wasn't recreated as often as it should have.
- Autoexpunged mails weren't immediately deleted from the disk. Instead,
the deletion from disk happened the next time the folder was opened.
This could have caused unnecessary delays if the opening was done by
an interactive IMAP session.
- Dovecot's TCP connections sometimes add extra 40ms latency due to not
enabling TCP_NODELAY. HTTP and SMTP/LMTP connections weren't
affected, but everything else was. This delay wasn't always visible -
only in some situations with some message/packet sizes.
- imapc: Fix various crash conditions
- Dovecot builds were not always reproducible.
- login-proxy: With shutdown_clients=no after config reload the
existing connections could no longer be listed or kicked with doveadm.
- "doveadm proxy kick" with -f parameter caused a crash in some
situations.
- Auth policy can cause segmentation fault crash during auth process
shutdown if all auth requests have not been finished.
- Fix various minor bugs leading into incorrect behaviour in mailbox
list index handling. These rarely caused noticeable problems.
- LDAP auth: Iteration accesses freed memory, possibly crashing
auth-worker
- local_name { .. } filter in dovecot.conf does not correctly support
multiple names and wildcards were matched incorrectly.
- replicator: dsync assert-crashes if it can't connect to remote TCP
server.
- config: Memory leak in config process when ssl_dh setting wasn't
set and there was no ssl-parameters.dat file.
This caused config process to die once in a while
with "out of memory".
dovecot2: update blk3 to follow gnutls disabling Do not bump revision since binary cannot be altered pkgsrc changes: --------------- * make blk3 conform to options.mk * move BUILD_DEFS (pkglint WARN--) * comment an explicit patch (pkglint ERROR--)
Bump version after pkg update.
dovecot2: updated to 2.3.4 2.3.4: * The default postmaster_address is now "postmaster@<user domain or server hostname>". If username contains the @domain part, that's used. If not, then the server's hostname is used. * "doveadm stats dump" now returns two decimals for the "avg" field. + Added push notification driver that uses a Lua script + Added new SQL, DNS and connection events. See https://wiki2.dovecot.org/Events + Added "doveadm mailbox cache purge" command. + Added events API support for Lua scripts + doveadm force-resync -f parameter performs "index fsck" while opening the index. This may be useful to fix some types of broken index files. This may become the default behavior in a later version. - director: Kicking a user crashes if login process is very slow - pop3_no_flag_updates=no: Don't expunge DELEted and RETRed messages unless QUIT is sent. - auth: Fix crypt() segfault with glibc-2.28+ - imap: Running UID FILTER script with errors assert-crashes - dsync, pop3-migration: POP3 UIDLs weren't added to dovecot.index.cache while mails were saved. - dict clients may have been using 100% CPU while waiting for dict server to finish commands. - doveadm user: Fixed user listing via HTTP API - All levels of Cassandra log messages were logged as Dovecot errors. - http/smtp client may have crashed after SSL handshake - Lua auth converted strings that looked like numbers into numbers.
dovecot2: update to 2.3.1
Changes:
* Submission server support improvements and bug fixes
- Lots of bug fixes to submission server
* API CHANGE: array_idx_modifiable will no longer allocate space
- Particularly affects how you should check MODULE_CONTEXT result, or use REQUIRE_MODULE_CONTEXT.
+ mail_attachment_detection_options setting controls when
$HasAttachment and $HasNoAttachment keywords are set for mails.
+ imap: Support fetching body snippets using FETCH (SNIPPET) or
(SNIPPET (LAZY=FUZZY))
+ fs-compress: Automatically detect whether input is compressed or not.
Prefix the compression algorithm with "maybe-" to enable the
detection, for example: "compress:maybe-gz:6:..."
+ Added settings to change dovecot.index* files' optimization behavior.
See https://wiki2.dovecot.org/IndexFiles#Settings
+ Auth cache can now utilize auth workers to do password hash
verification by setting auth_cache_verify_password_with_worker=yes.
+ Added charset_alias plugin. See
https://wiki2.dovecot.org/Plugins/CharsetAlias
+ imap_logout_format and pop3_logout_format settings now support all of the generic variables (e.g. %{rip}, %{session}, etc.)
Add p11-kit to gnutls/bl3.mk and bump dependencies.
Pullup ticket #5713 - requested by taca
mail/dovecot2-ldap: security update
mail/dovecot2-sqlite: security update
mail/dovecot2: security update
Revisions pulled up:
- mail/dovecot2-ldap/Makefile 1.2
- mail/dovecot2-sqlite/Makefile 1.10
- mail/dovecot2/Makefile.common 1.16-1.18
- mail/dovecot2/PLIST 1.58-1.59
- mail/dovecot2/buildlink3.mk 1.26
- mail/dovecot2/distinfo 1.80-1.82
- mail/dovecot2/patches/patch-ab 1.5
- mail/dovecot2/patches/patch-ae 1.2
- mail/dovecot2/patches/patch-src_old-stats_mail-stats.h 1.1
- mail/dovecot2/patches/patch-src_plugins_quota_quota-fs.c deleted
- mail/dovecot2/patches/patch-src_stats_mail-stats.h deleted
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Tue Jan 2 15:52:44 UTC 2018
Modified Files:
pkgsrc/mail/dovecot2: Makefile.common PLIST distinfo
pkgsrc/mail/dovecot2-ldap: Makefile
pkgsrc/mail/dovecot2-sqlite: Makefile
pkgsrc/mail/dovecot2/patches: patch-ab patch-ae
patch-src_plugins_quota_quota-fs.c
Added Files:
pkgsrc/mail/dovecot2/patches: patch-src_old-stats_mail-stats.h
Removed Files:
pkgsrc/mail/dovecot2/patches: patch-src_stats_mail-stats.h
Log Message:
Update mail/dovecot2* to 2.3.0.
Some of the larger changes:
* Various setting changes, see https://wiki2.dovecot.org/Upgrading/2.3
* Logging rewrite started: Logging is now based on hierarchical events.
This makes it possible to do various things, like: 1) giving
consistent log prefixes, 2) enabling debug logging with finer
granularity, 3) provide logs in more machine readable formats
(e.g. json). Everything isn't finished yet, especially a lot of the
old logging code still needs to be translated to the new way.
* Statistics rewrite started: Stats are now based on (log) events.
It's possible to gather statistics about any event that is logged.
See http://wiki2.dovecot.org/Statistics for details
* ssl_dh setting replaces the old generated ssl-parameters.dat
* IMAP: When BINARY FETCH finds a broken mails, send [PARSE] error
instead of [UNKNOWNCTE]
* Linux: core dumping via PR_SET_DUMPABLE is no longer enabled by
default due to potential security reasons (found by cPanel Security
Team).
+ Added support for SMTP submission proxy server, which includes
support for BURL and CHUNKING extension.
+ LMTP rewrite. Supports now CHUNKING extension and mixing of
local/proxy recipients.
+ auth: Support libsodium to add support for ARGON2I and ARGON2ID
password schemes.
+ auth: Support BLF-CRYPT password scheme in all platforms
+ auth: Added LUA scripting support for passdb/userdb.
See https://wiki2.dovecot.org/AuthDatabase/Lua
- Input streams are more reliable now when there are errors or when
the maximum buffer size is reached. Previously in some situations
this could have caused Dovecot to try to read already freed memory.
- Output streams weren't previously handling failures when writing a
trailer at the end of the stream. This mainly affected encrypt and
zlib compress ostreams, which could have silently written truncated
files if the last write happened to fail (which shouldn't normally
have ever happened).
- virtual plugin: Fixed panic when fetching mails from virtual
mailboxes with IMAP BINARY extension.
- doveadm-server: Fix potential hangs with SSL connections
- doveadm proxy: Reading commands' output from v2.2.33+ servers could
have caused the output to be corrupted or caused a crash.
- Many other smaller fixes
To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 pkgsrc/mail/dovecot2/Makefile.common
cvs rdiff -u -r1.57 -r1.58 pkgsrc/mail/dovecot2/PLIST
cvs rdiff -u -r1.79 -r1.80 pkgsrc/mail/dovecot2/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/mail/dovecot2-ldap/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/mail/dovecot2-sqlite/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/mail/dovecot2/patches/patch-ab
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/mail/dovecot2/patches/patch-ae
cvs rdiff -u -r0 -r1.1 \
pkgsrc/mail/dovecot2/patches/patch-src_old-stats_mail-stats.h
cvs rdiff -u -r1.6 -r1.7 \
pkgsrc/mail/dovecot2/patches/patch-src_plugins_quota_quota-fs.c
cvs rdiff -u -r1.2 -r0 \
pkgsrc/mail/dovecot2/patches/patch-src_stats_mail-stats.h
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: maya
Date: Thu Jan 4 00:22:02 UTC 2018
Modified Files:
pkgsrc/mail/dovecot2: distinfo
Removed Files:
pkgsrc/mail/dovecot2/patches: patch-src_plugins_quota_quota-fs.c
Log Message:
dovecot2: remove now redundant patch.
Heads up by jzu, thanks.
To generate a diff of this commit:
cvs rdiff -u -r1.80 -r1.81 pkgsrc/mail/dovecot2/distinfo
cvs rdiff -u -r1.7 -r0 \
pkgsrc/mail/dovecot2/patches/patch-src_plugins_quota_quota-fs.c
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Mon Jan 8 13:03:15 UTC 2018
Modified Files:
pkgsrc/mail/dovecot2: buildlink3.mk
Log Message:
mail/dovecot2: bump ABI dependency to 2.3.0 for dovecot2-pigeonhole.
To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 pkgsrc/mail/dovecot2/buildlink3.mk
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: jperkin
Date: Wed Jan 24 15:16:49 UTC 2018
Modified Files:
pkgsrc/mail/dovecot2: Makefile.common
Log Message:
dovecot2: Don't automatically add compiler security features.
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/mail/dovecot2/Makefile.common
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Mar 1 11:13:14 UTC 2018
Modified Files:
pkgsrc/mail/dovecot2: Makefile.common PLIST distinfo
Log Message:
mail/dovecot2: update to 2.3.0.1
Small patch release to fix the worst bugs in v2.3.0. v2.3.1 is coming in about a month with a lot more changes.
* CVE-2017-15130: TLS SNI config lookups may lead to excessive
memory usage, causing imap-login/pop3-login VSZ limit to be reached
and the process restarted. This happens only if Dovecot config has
local_name { } or local { } configuration blocks and attacker uses
randomly generated SNI servernames.
* CVE-2017-14461: Parsing invalid email addresses may cause a crash or
leak memory contents to attacker. For example, these memory contents
might contain parts of an email from another user if the same imap
process is reused for multiple users. First discovered by Aleksandar
Nikolic of Cisco Talos. Independently also discovered by "flxflndy"
via HackerOne.
* CVE-2017-15132: Aborted SASL authentication leaks memory in login
process.
* Linux: Core dumping is no longer enabled by default via
PR_SET_DUMPABLE, because this may allow attackers to bypass
chroot/group restrictions. Found by cPanel Security Team. Nowadays
core dumps can be safely enabled by using "sysctl -w
fs.suid_dumpable=2". If the old behaviour is wanted, it can still be
enabled by setting:
import_environment=$import_environment PR_SET_DUMPABLE=1
- imap-login with SSL/TLS connections may end up in infinite loop
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/mail/dovecot2/Makefile.common
cvs rdiff -u -r1.58 -r1.59 pkgsrc/mail/dovecot2/PLIST
cvs rdiff -u -r1.81 -r1.82 pkgsrc/mail/dovecot2/distinfo
mail/dovecot2: bump ABI dependency to 2.3.0 for dovecot2-pigeonhole.
dovecot2: update to 2.2.33.1
v2.2.33.1:
- dovecot-lda was logging to stderr instead of to the log file.
v2.2.33:
* doveadm director commands wait for the changes to be visible in the
whole ring before they return. This is especially useful in testing.
* Environments listed in import_environment setting are now set or
preserved when executing standalone commands (e.g. doveadm)
+ doveadm proxy: Support proxying logs. Previously the logs were
visible only in the backend's logs.
+ Added %{if}, see https://wiki2.dovecot.org/Variables#Conditionals
+ Added a new notify_status plugin, which can be used to update dict
with current status of a mailbox when it changes. See
https://wiki2.dovecot.org/Plugins/NotifyStatus
+ Mailbox list index can be disabled for a namespace by appending
":LISTINDEX=" to location setting.
+ dsync/imapc: Added dsync_hashed_headers setting to specify which
headers are used to match emails.
+ pop3-migration: Add pop3_migration_ignore_extra_uidls=yes to ignore
mails that are visible in POP3 but not IMAP. This could happen if
new mails were delivered during the migration run.
+ pop3-migration: Further improvements to help with Zimbra
+ pop3-migration: Cache POP3 UIDLs in imapc's dovecot.index.cache
if indexes are enabled. These are used to optimize incremental syncs.
+ cassandra, dict-sql: Use prepared statements if protocol version>3.
+ auth: Added %{ldap_dn} variable for passdb/userdb ldap
- acl: The "create" (k) permission in global acl-file was sometimes
ignored, allowing users to create mailboxes when they shouldn't have.
- sdbox: Mails were always opened when expunging, unless
mail_attachment_fs was explicitly set to empty.
- lmtp/doveadm proxy: hostip passdb field was ignored, which caused
unnecessary DNS lookups if host field wasn't an IP
- lmtp proxy: Fix crash when receiving unexpected reply in RCPT TO
- quota_clone: Update also when quota is unlimited (broken in v2.2.31)
- mbox, zlib: Fix assert-crash when accessing compressed mbox
- doveadm director kick -f parameter didn't work
- doveadm director flush <host> resulted flushing all hosts, if <host>
wasn't an IP address.
- director: Various fixes to handling backend/director changes at
abnormal times, especially while ring was unsynced. These could have
resulted in crashes, non-optimal behavior or ignoring some of the
changes.
- director: Use less CPU in imap-login processes when moving/kicking
many users.
- lmtp: Session IDs were duplicated/confusing with multiple RCPT TOs
when lmtp_rcpt_check_quota=yes
- doveadm sync -1 fails when local mailboxes exist that do not exist
remotely. This commonly happened when lazy_expunge mailbox was
autocreated when incremental sync expunged mails.
- pop3: rawlog_dir setting didn't work
Changes 2.2.32:
There are various changes in this release that can be used to significantly reduce disk IO with:
1) NFS storage especially, but I guess also other remote filesystems and even some with local disks
2) When mail storage and INDEX storage are separated
* imapc: Info-level line is logged every time when successfully
connected to the remote server. This includes local/remote IP/port,
which can be useful for matching against external logs.
* config: Log a warning if plugin { key=no } is used explicitly.
v2.3 will support "no" properly in plugin settings, but for now
any value at all for a boolean plugin setting is treated as "yes",
even if it's written as explicit "no". This change will now warn
that it most likely won't work as intended.
+ Various optimizations to avoid accessing files/directories when it's
not necessary. Especially avoid accessing mail root directories when
INDEX directories point to a different filesystem.
+ mail_location can now include ITERINDEX parameter. This tells Dovecot
to perform mailbox listing from the INDEX path instead of from the
mail root path. It's mainly useful when the INDEX storage is on a
faster storage.
+ mail_location can now include VOLATILEDIR=<path> parameter. This
is used for creating lock files and in future potentially other
files that don't need to exist permanently. The path could point to
tmpfs for example. This is especially useful to avoid creating lock
files to NFS or other remote filesystems. For example:
mail_location=sdbox:~/sdbox:VOLATILEDIR=/tmp/volatile/%2.256Nu/%u
+ mail_location's LISTINDEX=<path> can now contain a full path.
This allows storing mailbox list index to a different storage
than the rest of the indexes, for example to tmpfs.
+ mail_location can now include NO-NOSELECT parameter. This
automatically deletes any \NoSelect mailboxes that have no children.
These mailboxes are sometimes confusing to users.
+ mail_location can now include BROKENCHAR=<char> parameter. This can
be useful with imapc to access mailbox names that aren't valid mUTF-7
charset from remote servers.
+ If mailbox_list_index_very_dirty_syncs=yes, the list index is no
longer refreshed against filesystem when listing mailboxes. This
allows the mailbox listing to be done entirely by only reading the
mailbox list index.
+ Added mailbox_list_index_include_inbox setting to control whether
INBOX's STATUS information should be cached in the mailbox list
index. The default is "no", but it may be useful to change it to
"yes", especially if LISTINDEX points to tmpfs.
+ userdb can return chdir=<path>, which override mail_home for the
chdir location. This can be useful to avoid accessing home directory
on login.
+ userdb can return postlogin=<socket> to specify per-user imap/pop3
postlogin socket path.
+ cassandra: Add support for result paging by adding page_size=<n>
parameter to the connect setting.
+ dsync/imapc, pop3-migration plugin: Strip also trailing tabs from
headers when matching mails. This helps with migrations from Zimbra.
+ imap_logout_format supports now %{appended} and %{autoexpunged}
+ virtual plugin: Optimize IDLE to use mailbox list index for finding
out when something has changed.
+ Added apparmor plugin. See https://wiki2.dovecot.org/Plugins/Apparmor
- virtual plugin: A lot of fixes. In many cases it was also working
very inefficiently or even incorrectly.
- imap: NOTIFY parameter parsing was incorrectly "fixed" in v2.2.31.
It was actually (mostly) working in previous versions, but broken
in v2.2.31.
- Modseq tracking didn't always work correctly. This could have caused
imap unhibernation to fail or IMAP QRESYNC/CONDSTORE extensions to
not work perfectly.
- mdbox: "Inconsistency in map index" wasn't fixed automatically
- dict-ldap: %variable values used in the LDAP filter weren't escaped.
- quota=count: quota_warning = -storage=.. was never executed (try 2).
v2.2.31 fixed it for -messages, but not for -storage.
- imapc: >= 32 kB mail bodies were supposed to be cached for subsequent
FETCHes, but weren't.
- quota-status service didn't support recipient_delimiter
- acl: Don't access dovecot-acl-list files with acl_globals_only=yes
- mail_location: If INDEX dir is set, mailbox deletion deletes its
childrens' indexes. For example if "box" is deleted, "box/child"
index directory was deleted as well (but mails were preserved).
- director: v2.2.31 caused rapid reconnection loops to directors
that were down.
Bumped BUILDLINK_ABI_DEPENDS
Changes 2.2.30:
* auth: Use timing safe comparisons for everything related to
passwords. It's unlikely that these could have been used for
practical attacks, especially because Dovecot delays and flushes all
failed authentications in 2 second intervals. Also it could have
worked only when passwords were stored in plaintext in the passdb.
* master process sends SIGQUIT to all running children at shutdown,
which instructs them to close all the socket listeners immediately.
This way restarting Dovecot should no longer fail due to some
processes keeping the listeners open for a long time.
+ auth: Add passdb { mechanisms=none } to match separate passdb lookup
+ auth: Add passdb { username_filter } to use passdb only if user
matches the filter. See https://wiki2.dovecot.org/PasswordDatabase
+ dsync: Add dsync_commit_msgs_interval setting. It attempts to commit
the transaction after saving this many new messages. Because of the
way dsync works, it may not always be possible if mails are copied
or UIDs need to change.
+ imapc: Support imapc_features=search without ESEARCH extension.
+ imapc: Add imapc_features=fetch-bodystructure to pass through remote
server's FETCH BODY and BODYSTRUCTURE.
+ imapc: Add quota=imapc backend to use GETQUOTA/GETQUOTAROOT on the
remote server.
+ passdb imap: Add allow_invalid_cert and ssl_ca_file parameters.
+ If dovecot.index.cache corruption is detected, reset only the one
corrupted mail instead of the whole file.
+ doveadm mailbox status: Add "firstsaved" field.
+ director_flush_socket: Add old host's up/down and vhost count as parameters
- More fixes to automatically fix corruption in dovecot.list.index
- dsync-server: Fix support for dsync_features=empty-header-workaround
- imapc: Various bugfixes, including infinite loops on some errors
- IMAP NOTIFY wasn't working for non-INBOX if IMAP client hadn't
enabled modseq tracking via CONDSTORE/QRESYNC.
- fts-lucene: Fix it to work again with mbox format
- Some internal error messages may have contained garbage in v2.2.29
- mail-crypt: Re-encrypt when copying/moving mails and per-mailbox keys
are used. Otherwise the copied mails can't be opened.
- vpopmail: Fix compiling
Changes 2.2.28:
* director: "doveadm director move" to same host now refreshes user's
timeout. This allows keeping user constantly in the same backend by
just periodically moving the user there.
* When new mailbox is created, use initially INBOX's
dovecot.index.cache caching decisions.
* Expunging mails writes GUID to dovecot.index.log now only if the
GUID is quickly available from index/cache.
* pop3c: Increase timeout for PASS command to 5 minutes.
* Mail access errors are no longer ignored when searching or sorting.
With IMAP the untagged SEARCH/SORT reply is still sent the same as
before, but NO reply is returned instead of OK.
+ Make dovecot.list.index's filename configurable. This is needed when
there are multiple namespaces pointing to the same mail root
(e.g. lazy_expunge namespace for mdbox).
+ Add size.virtual to dovecot.index when folder vsizes are accessed
(e.g. quota=count). This is mainly a workaround to avoid slow quota
recalculation performance when message sizes get lost from
dovecot.index.cache due to corruption or some other reason.
+ auth: Support OAUTHBEARER and XOAUTH2 mechanisms. Also support them
in lib-dsasl for client side.
+ auth: Support filtering by SASL mechanism: passdb { mechanisms }
+ Shrink the mail processes' memory usage by not storing settings
duplicated unnecessarily many times.
+ imap: Add imap_fetch_failure setting to control what happens when
FETCH fails for some mails (see example-config).
+ imap: Include info about last command in disconnection log line.
+ imap: Created new SEARCH=X-MIMEPART extension. It's currently not
advertised by default, since it's not fully implemented.
+ fts-solr: Add support for basic authentication.
+ Cassandra: Support automatically retrying failed queries if
execution_retry_interval and execution_retry_times are set.
+ doveadm: Added "mailbox path" command.
+ mail_log plugin: If plugin { mail_log_cached_only=yes }, log the
wanted fields only if it doesn't require opening the email.
+ mail_vsize_bg_after_count setting added (see example-config).
+ mail_sort_max_read_count setting added (see example-config).
+ pop3c: Added pop3c_features=no-pipelining setting to prevent using
PIPELINING extension even though it's advertised.
- Index files: day_first_uid wasn't updated correctly since v2.2.26.
This caused dovecot.index.cache to be non-optimal.
- imap: SEARCH/SORT may have assert-crashed in
client_check_command_hangs
- imap: FETCH X-MAILBOX may have assert-crashed in virtual mailboxes.
- imap: Running time in tagged command reply was often wrongly 0.
- search: Using NOT n:* or NOT UID n:* wasn't handled correctly
- director: doveadm director kick was broken
- director: Fix crash when using director_flush_socket
- director: Fix some bugs when moving users between backends
- imapc: Various error handling fixes and improvements
- master: doveadm process status output had a lot of duplicates.
- autoexpunge: If mailbox's rename timestamp is newer than mail's
save-timestamp, use it instead. This is useful when autoexpunging
e.g. Trash/* and an entire mailbox is deleted by renaming it under
Trash to prevent it from being autoexpunged too early.
- autoexpunge: Multiple processes may have been trying to expunge the
same mails simultaneously. This was problematic especially with
lazy_expunge plugin.
- auth: %{passdb:*} was empty in auth-worker processes
- auth-policy: hashed_password was always sent empty.
- dict-sql: Merge multiple UPDATEs to a single statement if possible.
- fts-solr: Escape {} chars when sending queries
- fts: fts_autoindex_exclude = \Special-use caused crashes
- doveadm-server: Fix leaks and other problems when process is reused
for multiple requests (service_count != 1)
- sdbox: Fix assert-crash on mailbox create race
- lda/lmtp: deliver_log_format values weren't entirely correct if Sieve
was used. especially %{storage_id} was broken.
- lmtp_user_concurrency_limit didn't work if userdb changed username
Changes 2.2.27:
* dovecot.list.index.log rotation sizes/times were changed so that
the .log file stays smaller and .log.2 is deleted sooner.
+ Added mail_crypt plugin that allows encryption of stored emails.
See http://wiki2.dovecot.org/Plugins/MailCrypt
+ stats: Global stats can be sent to Carbon server by setting
stats_carbon_server=ip:port
+ imap/pop3 proxy: If passdb returns proxy_not_trusted, don't send
ID/XCLIENT
+ Added generic hash modifier for %variables:
%{<hash algorithm>;rounds=<n>,truncate=<bits>,salt=s>:field}
Hash algorithm is any of the supported ones, e.g. md5, sha1, sha256.
Also "pkcs5" is supported using SHA256. For example: %{sha256:user}
or %{md5;truncate=32:user}.
+ Added support for SHA3-256 and SHA3-512 hashes.
+ config: Support DNS wildcards in local_name, e.g.
local_name *.example.com { .. } matches anything.example.com, but
not multiple.anything.example.com.
+ config: Support multiple names in local_name, e.g.
local_name "1.example.com 2.example.com" { .. }
- Fixed crash in auth process when auth-policy was configured and
authentication was aborted/failed without a username set.
- director: If two users had different tags but the same hash,
the users may have been redirected to the wrong tag's hosts.
- Index files may have been thought incorrectly lost, causing
"Missing middle file seq=.." to be logged and index rebuild.
This happened more easily with IMAP hibernation enabled.
- Various fixes to restoring state correctly in un-hibernation.
- dovecot.index files were commonly 4 bytes per email too large. This
is because 3 bytes per email were being wasted that could have been
used for IMAP keywords.
- Various fixes to handle dovecot.list.index corruption better.
- lib-fts: Fixed assert-crash in address tokenizer with specific input.
- Fixed assert-crash in HTML to text parsing with specific input
(e.g. for FTS indexing or snippet generation)
- doveadm sync -1: Fixed handling mailbox GUID conflicts.
- sdbox, mdbox: Perform full index rebuild if corruption is detected
inside lib-index, which runs index fsck.
- quota: Don't skip quota checks when moving mails between different
quota roots.
- search: Multiple sequence sets or UID sets in search parameters
weren't handled correctly. They were incorrectly merged together.
Bump BUILDLINK_ABI_DEPENDS since older dovecot2-pigeonhole dose not work with 2.2.26.0.
Recursive PKGREVISION bump for gnutls shlib major bump.
Most importantly this fixes startup failure with kqueue. https://github.com/dovecot/core/commit/ffd8dc932516bc55bf01d91355540daab365e5e9?diff=unified Fix for PR 51314.
Changes 2.2.23: This is a bugfix-only release with various important fixes on top of v2.2.22. - Various fixes to doveadm. Especially running commands via doveadm-server was broken. - director: Fixed user weakness getting stuck in some situations - director: Fixed a situation where directors keep re-sending different states to each others and never becoming synced. - director: Fixed assert-crash related to a slow "user killed" reply - Fixed assert-crash related to istream-concat, which could have been triggered at least by a Sieve script.
Bump PKGREVISION for security/openssl ABI bump.
Changes 2.2.21: - doveadm mailbox list (and some others) were broken in v2.2.20 - director: Fixed making backend changes when running with only a single director server. - virtual plugin: Fixed crash when trying to open nonexistent autocreated backend mailbox.
Changes 2.2.19:
* pop3_deleted_flag has been broken since v2.2.10. Using it would
cause buffer overflows, which could be exploitable. However, this
bug would have become visible quite soon after users had deleted
some POP3 mails, because the pop3 processes would have started
crashing all the time even in normal use.
* "doveadm director flush" command has a changed meaning now:
It safely moves users to their wanted backends, instead of simply
forgetting the mapping entirely and leaving the existing connections
untouched. Use -F parameter to get the original unsafe behavior.
+ Added imap-hibernate processes (see imap_hibernate_timeout setting).
IDLEing IMAP connections can be hibernated, which saves memory.
+ Optimized tracking mailboxes' vsizes (= sum of all messages' sizes).
If mailbox_list_index=yes, it's also stored in there. This makes it
very efficient to look up vsizes for all mailboxes.
+ Added a quota "count" backend, which uses the mailbox vsizes to get
the current quota usage. It requires using the new quota_vsizes=yes
setting, which tracks the messages' "virtual sizes" rather than
"physical sizes". Their distiction is minor and mostly irrelevant
nowadays (if mail sizes should be counted with LF or CRLF newlines).
+ "doveadm director up/down" commands added. The monitoring script
should be using these commands instead of changing the vhost count.
This allows admin to manually disable a server by changing the vhost
count to 0 without the monitoring script changing it back.
+ Added support for HAProxy protocol: http://wiki2.dovecot.org/HAProxy
+ Added push-notification plugin framework, which can be used to
easily implement push notifications to various backends. Implemented
"ox" backend for notifying Open-Xchange via HTTP/json.
+ imap_logout_format supports more variables now, e.g. number of
deleted messages.
+ pop3: Added pop3_delete_type setting (related to pop3_deleted_flag).
+ plugin { fts_enforced=yes } setting now fails body searches unless
it can be done via the full text search engine.
+ Added %{passdb:*} and %{userdb:*} variables to various places
+ auth: Added ":protected" suffix for passdb and userdb fields. If
used, the field doesn't overwrite an existing field.
+ IMAP/POP3 proxy: If a backend server dies, avoid client reconnection
spikes by slowly disconnecting clients over time. This is enabled by
setting login_proxy_max_disconnect_delay=secs passdb extra field.
+ imap: Added new read-only METADATA entries: /private/specialuse,
/shared/comment, /shared/admin
+ imap: If client disconnects in the middle of a command, log how long
the command had been running.
- mdbox: Rebuilding could have caused message's reference count to
overflow the 16bit number in some situations, causing problems when
trying to expunge the duplicates.
- Various search fixes (fts, solr, tika, lib-charset, indexer)
- Various virtual plugin fixes
- Various fixes and optimizations to dsync, imapc and pop3-migration
- imap: Various RFC compliancy and crash fixes to NOTIFY
Bump PKGREVISION for nettle shlib major bump.
Update dovecot2 package to 2.2.18.
v2.2.18 2015-05-15 Timo Sirainen <tss@iki.fi>
- director: Login UNIX sockets were normally detected as doveadm or
director ring sockets, causing it to break in existing installations.
- sdbox: When copying a mail in alt storage, place the destination to
alt storage as well.
v2.2.17 2015-05-13 Timo Sirainen <tss@iki.fi>
* Dovecot no longer checks or warns if a mountpoint is removed. This
was causing more trouble than it was worth. Make sure that all the
mountpoints that Dovecot accesses aren't writable by mail processes
when they're unmounted.
* dict server wasn't properly escaping/unescaping data. Fixing this
broke backwards compatibility with data that contains line feeds.
This hopefully affects only very few installations. If you're using
dict to save multiline data (Sieve scripts to SQL), you may be
affected.
* imap: SPECIAL-USE capability is no longer advertised if there are
no special_use flags specified for any mailboxes.
+ lmtp: Added lmtp_hdr_delivery_address setting to specify whether
to include email address in Delivered-To: and Received: headers.
+ Added initial version of full text search library, which includes
language-specific text normalization and filtering. This is still
in development, but it's already possible to use for testing with
fts-lucene and fts-solr.
+ lda, lmtp: deliver_log_format can now include %{delivery_time},
which expands to how many milliseconds it took to deliver the mail.
With LMTP %{session_time} also expands to how many milliseconds the
LMTP session took, not including the delivery time.
+ lmtp proxy: Mail delivery logging includes timing information.
+ imap: Most IMAP commands now include in the tagged reply how many
milliseconds it took to run the command (not counting the time spent
on waiting for the IMAP client to read/write data).
+ director: Implemented director_proxy_maybe passdb extra field to
be able to run director and backend in the same Dovecot instance.
(LMTP doesn't support mixed proxy/non-proxy destinations currently.)
+ doveadm: Added -F <file> parameter to read a list of users from the
given file and run the command for all the users. This is similar to
-A parameter reading the list of users from userdb lookup.
+ Implemented initial Cassandra CQL support as lib-sql backend. It's
only usable as dict backend currently.
+ Added quota-clone plugin to copy current quota usage to a dict.
- auth: If auth_master_user_separator was set, auth process could be
crashed by trying to log in with empty master username.
- imap-login, pop3-login: Fixed crash on handshake failures with new
OpenSSL versions (v1.0.2) when SSLv3 was disabled.
- auth: If one passdb fails allow_nets check, it shouldn't have failed
all the other passdb checks later on.
- imap: Server METADATA couldn't be accessed
- imapc: Fixed \Muted label handling in gmail-migration.
- imapc: Various bugfixes and improvements.
- Trash plugin fixes by Alexei Gradinari
- mbox: Fixed crash/corruption in some situations
Changes 2.2.16: * dbox: Resyncing (e.g. doveadm force-resync) no longer deletes dovecot.index.cache file. The cache file was rarely the problem so this just caused unnecessary slowness. * Mailbox name limits changed during mailbox creation: Each part of a hierarchical name (e.g. "x" or "y" in "x/y") can now be up to 255 chars long (instead of 200). This also reduces the max number of hierarchical levels to 16 (instead of 20) to keep the maximum name length 4096 (a common PATH_MAX limit). The 255 char limit is hopefully large enough for migrations from all existing systems. It's also the limit on many filesystems. + director: Added director_consistent_hashing setting to enable consistent hashing (instead of the mostly-random MD5 hashing). This causes fewer user moves between backends when backend counts are changed, which may improve performance (mainly due to caching). + director: Added support for "tags", which allows one director ring to serve multiple backend clusters with different sets of users. + LMTP server: Added lmtp_user_concurrency_limit setting to limit how many LMTP deliveries can be done concurrently for a single user. + LMTP server: Added support for STARTTLS command. + If logging data is generated faster than it can be written, log a warning about it and show information about it in log process's process title in ps output. Also don't allow a single service to flood too long at the cost of delaying other services' logging. + stats: Added support for getting global statistics. + stats: Use the same session IDs as the rest of Dovecot. + stats: Plugins can now create their own statistics fields + doveadm server: Non-mail related commands can now also be used via doveadm server (TCP socket). + doveadm proxying: passdb lookup can now override doveadm_port and change the username. + doveadm: Search query supports now "oldestonly" parameter to stop immediately on the first non-match. This can be used to optimize: doveadm expunge mailbox Trash savedbefore 30d oldestonly + doveadm: Added "save" command to directly save mails to specified mailbox (bypassing Sieve). + doveadm fetch: Added body.snippet field, which returns the first 100 chars of a message without whitespace or HTML tags. The result is stored into dovecot.index.cache, so it can be fetched efficiently. + dsync: Added -t <timestamp> parameter to sync only mails newer than the given received-timestamp. + dsync: Added -F [-]<flag> parameter to sync only mails with[out] the given flag/keyword. + dsync: Added -a <mailbox> parameter to specify the virtual mailbox containing user's all mails. If this mailbox is already found to contain the wanted mail (by its GUID), the message is copied from there instead of being re-saved. (This isn't efficient enough yet for incremental replication.) + dsync: -m parameter can now specify \Special-use names for mailboxes. + imapc: Added imapc_features=gmail-migration to help migrations from GMail. See http://wiki2.dovecot.org/Migration/Gmail + imapc: Added imapc_features=search to support IMAP SEARCH command. (Currently requires ESEARCH support from remote server.) + expire plugin: Added expire_cache=yes setting to cache most of the database lookups in dovecot index files. + quota: If overquota-flag in userdb doesn't match the current quota usage, execute a configured script. + redis dict: Added support for expiring keys (:expire_secs=n) and specifying the database number (:db=n) - auth: Don't crash if master user login is attempted without any configured master=yes passdbs - Parsing UTF-8 text for mails could have caused broken results sometimes if buffering was split in the middle of a UTF-8 character. This affected at least searching messages. - String sanitization for some logged output wasn't done properly: UTF-8 text could have been truncated wrongly or the truncation may not have happened at all. - fts-lucene: Lookups from virtual mailbox consisting of over 32 physical mailboxes could have caused crashes.
Add upper bound to ABI depends. Suggested by tron.
Bump ABI depends per PR 49563 from Petar Bogdanovic, and add a note in the Makefile for updaters.
Recursive PKGREVISION bump for OpenSSL API version bump.
Dovecot 2.2 change API/ABI.
PKGREVISION bumps for the security/openssl 1.0.1d update.
Pullup ticket #3450 - requested by tron
mail/dovecot2 security update
Revisions pulled up:
- mail/dovecot2/Makefile 1.9,1.11
- mail/dovecot2/PLIST 1.6-1.7
- mail/dovecot2/buildlink3.mk 1.4
- mail/dovecot2/distinfo 1.9-1.10
---
Module Name: pkgsrc
Committed By: adam
Date: Fri Apr 15 13:34:28 UTC 2011
Modified Files:
pkgsrc/mail/dovecot2: Makefile PLIST distinfo
Log Message:
Changes 2.0.12:
* doveadm: Added "move" command for moving mails between mailboxes.
* virtual: Added support for "+mailbox" entries that clear \Recent
flag from messages (default is to preserve them).
* dbox: Fixes to handling external attachments
* dsync: More fixes to avoid hanging with remote syncs
* dsync: Many other syncing/correctness fixes
* doveconf: v2.0.10 and v2.0.11 didn't output plugin {} section right
---
Module Name: pkgsrc
Committed By: adam
Date: Fri May 13 07:36:39 UTC 2011
Modified Files:
pkgsrc/mail/dovecot2: Makefile PLIST buildlink3.mk distinfo
Log Message:
Changes 2.0.13:
* Added "doveadm index" command to add unindexed messages into
index/cache. If full text search is enabled, it also adds unindexed
messages to the fts database.
* added "doveadm director dump" command.
* pop3: Added support for showing messages in "POP3 order", which can
be different from IMAP message order. This can be useful for
migrations from other servers. Implemented it for Maildir as 'O'
field in dovecot-uidlist.
* doveconf: Fixed a wrong "subsection has ssl=yes" warning.
* mdbox purge: Fixed wrong warning about corrupted extrefs.
* sdbox: INBOX GUID changed when INBOX was autocreated, leading to
trouble with dsync.
* script-login binary wasn't actually dropping privileges to the
user/group/chroot specified by its service settings.
* Fixed potential crashes and other problems when parsing header names
that contained NUL characters.
Changes 2.0.13: * Added "doveadm index" command to add unindexed messages into index/cache. If full text search is enabled, it also adds unindexed messages to the fts database. * added "doveadm director dump" command. * pop3: Added support for showing messages in "POP3 order", which can be different from IMAP message order. This can be useful for migrations from other servers. Implemented it for Maildir as 'O' field in dovecot-uidlist. * doveconf: Fixed a wrong "subsection has ssl=yes" warning. * mdbox purge: Fixed wrong warning about corrupted extrefs. * sdbox: INBOX GUID changed when INBOX was autocreated, leading to trouble with dsync. * script-login binary wasn't actually dropping privileges to the user/group/chroot specified by its service settings. * Fixed potential crashes and other problems when parsing header names that contained NUL characters.
recursive bump from gettext-lib shlib bump.
Fix buildlinking when ssl or gnutls has been set
Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It's fast, simple to set up, requires no special administration and it uses very little memory.
Initial revision