Hello community, here is the log from the commit of package dovecot22 for openSUSE:Factory checked in at 2017-04-20 20:56:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dovecot22 (Old) and /work/SRC/openSUSE:Factory/.dovecot22.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "dovecot22" Thu Apr 20 20:56:51 2017 rev:26 rq:488056 version:2.2.29.1 Changes: -------- --- /work/SRC/openSUSE:Factory/dovecot22/dovecot22.changes 2017-03-02 19:37:39.668871668 +0100 +++ /work/SRC/openSUSE:Factory/.dovecot22.new/dovecot22.changes 2017-04-20 20:56:54.881356815 +0200 @@ -0,0 +1,92 @@ + +------------------------------------------------------------------- +Wed Apr 12 17:02:13 UTC 2017 - mrueckert@suse.de + +- update to 2.2.29.1 + - imapc reconnection fix was forgotten from 2.2.29 release, which + also made "make check" fail in a unit test + - dict-sql: Merging multiple UPDATEs to a single statement wasn't + actually working. + - Fixed building with vpopmail + * passdb/userdb dict: Don't double-expand %variables in keys. If + dict was used as the authentication passdb, using specially + crafted + %variables in the username could be used to cause DoS + %(CVE-2017-2669) + * When Dovecot encounters an internal error, it logs the real + error and usually logs another line saying what function + failed. Previously the second log line's error message was a + rather uninformative "Internal error occurred. Refer to server + log for more information." Now the real error message is + duplicated in this second log line. + * lmtp: If a delivery has multiple recipients, run autoexpunging + only for the last recipient. This avoids a problem where a long + autoexpunge run causes LMTP client to timeout between the DATA + replies, resulting in duplicate mail deliveries. + * config: Don't stop the process due to idling. Otherwise the + configuration is reloaded when the process restarts. + * mail_log plugin: Differentiate autoexpunges from regular + expunges + * imapc: Use LOGOUT to cleanly disconnect from server. + * lib-http: Internal status codes (>9000) are no longer visible + in logs + * director: Log vhost count changes and HOST-UP/DOWN + + quota: Add plugin { quota_max_mail_size } setting to limit the + maximum individual mail size that can be saved. + + imapc: Add imapc_features=delay-login. If set, connecting to + the remote IMAP server isn't done until it's necessary. + + imapc: Add imapc_connection_retry_count and + imapc_connection_retry_interval settings. + + imap, pop3, indexer-worker: Add (deinit) to process title + before autoexpunging runs. + + Added %{encrypt} and %{decrypt} variables + + imap/pop3 proxy: Log proxy state in errors as human-readable + string. + + imap/pop3-login: All forward_* extra fields returned by passdb + are sent to the next hop when proxying using ID/XCLIENT + commands. On the receiving side these fields are imported and + sent to auth process where they're accessible via + %{passdb:forward_*}. This is done only if the sending IP + address matches login_trusted_networks. + + imap-login: If imap_id_retain=yes, send the IMAP ID string to + auth process. %{client_id} expands to it in auth process. The + ID string is also sent to the next hop when proxying. + + passdb imap: Use ssl_client_ca_* settings for CA validation. + - fts-tika: Fixed crash when parsing attachment without + Content-Disposition header. Broken by 2.2.28. + - trash plugin was broken in 2.2.28 + - auth: When passdb/userdb lookups were done via auth-workers, + too much data was added to auth cache. This could have resulted + in wrong replies when using multiple passdbs/userdbs. + - auth: passdb { skip & mechanisms } were ignored for the first + passdb + - oauth2: Various fixes, including fixes to crashes + - dsync: Large Sieve scripts (or other large metadata) weren't + always synced. + - Index rebuild (e.g. doveadm force-resync) set all mails as + \Recent + - imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix + - doveadm: Exit codes weren't preserved when proxying commands + via doveadm-server. Almost all errors used exit code 75 + (tempfail). + - ACLs weren't applied to not-yet-existing autocreated mailboxes. + - Fixed a potential crash when parsing a broken message header. + - cassandra: Fallback consistency settings weren't working + correctly. + - doveadm director status <user>: "Initial config" was always + empty + - imapc: Various reconnection fixes. +- update pigeonhole to 0.4.18 + + imapsieve plugin: Implemented the copy_source_after rule + action. When this is enabled for a mailbox rule, the specified + Sieve script is executed for the message in the source mailbox + during a "COPY" event. This happens only after the Sieve script + that is executed for the corresponding message in the + destination mailbox finishes running successfully. + + imapsieve plugin: Added non-standard Sieve environment items + for the source and destination mailbox. + - multiscript: The execution of the discard script had an + implicit "keep", rather than an implicit "discard". +- refreshed dovecot-2.2.18-better_ssl_defaults.patch +- moved the libdovecot-ldap.so symlink to the devel package + Old: ---- dovecot-2.2-pigeonhole-0.4.17.tar.gz dovecot-2.2.28.tar.gz New: ---- dovecot-2.2-pigeonhole-0.4.18.tar.gz dovecot-2.2.29.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dovecot22.spec ++++++ --- /var/tmp/diff_new_pack.6Isd0e/_old 2017-04-20 20:56:56.497128316 +0200 +++ /var/tmp/diff_new_pack.6Isd0e/_new 2017-04-20 20:56:56.497128316 +0200 @@ -17,11 +17,11 @@ Name: dovecot22 -Version: 2.2.28 +Version: 2.2.29.1 Release: 0 %define pkg_name dovecot -%define dovecot_version 2.2.28 -%define dovecot_pigeonhole_version 0.4.17 +%define dovecot_version 2.2.29.1 +%define dovecot_pigeonhole_version 0.4.18 %define dovecot_branch 2.2 %define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version} %define dovecot_pigeonhole_docdir %{_docdir}/%{pkg_name}/dovecot-pigeonhole @@ -548,7 +548,7 @@ %{_libdir}/%{pkg_name}/libdovecot-dsync.so.* %{_libdir}/%{pkg_name}/libdovecot-fts.so.* %{_libdir}/%{pkg_name}/libdovecot-lda.so.* -%{_libdir}/%{pkg_name}/libdovecot-ldap.so* +%{_libdir}/%{pkg_name}/libdovecot-ldap.so.* %{_libdir}/%{pkg_name}/libdovecot-login.so.* %{_libdir}/%{pkg_name}/libdovecot-sieve.so.* %{_libdir}/%{pkg_name}/libdovecot-sql.so.* @@ -573,6 +573,7 @@ %{_libdir}/%{pkg_name}/modules/lib20_mail_log_plugin.so %{_libdir}/%{pkg_name}/modules/lib20_mailbox_alias_plugin.so %{_libdir}/%{pkg_name}/modules/lib20_expire_plugin.so +%{_libdir}/%{pkg_name}/modules/lib20_var_expand_crypt.so %{_libdir}/%{pkg_name}/modules/lib20_zlib_plugin.so %{_libdir}/%{pkg_name}/modules/lib20_push_notification_plugin.so %{_libdir}/%{pkg_name}/modules/lib20_autocreate_plugin.so @@ -597,6 +598,7 @@ %{_libdir}/%{pkg_name}/modules/auth/libauthdb_imap.so %{_libdir}/%{pkg_name}/modules/auth/libauthdb_ldap.so %{_libdir}/%{pkg_name}/modules/auth/libmech_gssapi.so +%{_libdir}/%{pkg_name}/modules/auth/lib20_auth_var_expand_crypt.so %dir %{_libdir}/%{pkg_name}/modules/dict/ %{_libdir}/%{pkg_name}/modules/dict/libdict_ldap.so # more dict modules are in the sql packages @@ -702,6 +704,7 @@ %{_libdir}/%{pkg_name}/libdovecot-dsync.so %{_libdir}/%{pkg_name}/libdovecot-fts.so %{_libdir}/%{pkg_name}/libdovecot-lda.so +%{_libdir}/%{pkg_name}/libdovecot-ldap.so %{_libdir}/%{pkg_name}/libdovecot-login.so %{_libdir}/%{pkg_name}/libdovecot-sieve.so %{_libdir}/%{pkg_name}/libdovecot-sql.so ++++++ dovecot-2.2-pigeonhole-0.4.17.tar.gz -> dovecot-2.2-pigeonhole-0.4.18.tar.gz ++++++ ++++ 21872 lines of diff (skipped) ++++++ dovecot-2.2.18-better_ssl_defaults.patch ++++++ --- /var/tmp/diff_new_pack.6Isd0e/_old 2017-04-20 20:56:57.041051396 +0200 +++ /var/tmp/diff_new_pack.6Isd0e/_new 2017-04-20 20:56:57.041051396 +0200 @@ -1,7 +1,7 @@ -Index: dovecot-2.2.27/doc/example-config/conf.d/10-ssl.conf +Index: dovecot-2.2.29.1/doc/example-config/conf.d/10-ssl.conf =================================================================== ---- dovecot-2.2.27.orig/doc/example-config/conf.d/10-ssl.conf -+++ dovecot-2.2.27/doc/example-config/conf.d/10-ssl.conf +--- dovecot-2.2.29.1.orig/doc/example-config/conf.d/10-ssl.conf ++++ dovecot-2.2.29.1/doc/example-config/conf.d/10-ssl.conf @@ -9,8 +9,8 @@ # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed @@ -34,15 +34,15 @@ # SSL crypto device to use, for valid values run "openssl engine" #ssl_crypto_device = -@@ -60,3 +63,4 @@ ssl_key = dovecot-2.2.29.1.tar.gz ++++++ ++++ 1039976 lines of diff (skipped)