Hello community,
here is the log from the commit of package dovecot22 for openSUSE:Factory checked in at 2017-07-04 09:11:13
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/dovecot22 (Old)
and /work/SRC/openSUSE:Factory/.dovecot22.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dovecot22"
Tue Jul 4 09:11:13 2017 rev:31 rq:507795 version:2.2.31
Changes:
--------
--- /work/SRC/openSUSE:Factory/dovecot22/dovecot22.changes 2017-06-28 10:36:52.666357270 +0200
+++ /work/SRC/openSUSE:Factory/.dovecot22.new/dovecot22.changes 2017-07-04 09:11:30.693182653 +0200
@@ -1,0 +2,20 @@
+Mon Jul 3 11:09:39 UTC 2017 - mrueckert@suse.de
+
+- added de5d6bb50931ea243f582ace5a31abb11b619ffe.patch:
+ Do not attempt to deinitialize backend if it's not set
+
+-------------------------------------------------------------------
+Mon Jul 3 10:45:21 UTC 2017 - mrueckert@suse.de
+
+- Fix notify extension
+ (https://www.dovecot.org/pipermail/dovecot/2017-June/108474.html)
+ bcb321bc62117d30bc53a872ca1154c0100aeefd.patch
+ 8b2d740b8182c63b76ff7ef0dd5e01710228705a.patch
+
+-------------------------------------------------------------------
+Tue Jun 27 10:51:08 UTC 2017 - mrueckert@suse.de
+
+- update dovecot-2.2.31-dhparams_fips_mode.patch to also work with
+ libressl
+
+-------------------------------------------------------------------
New:
----
8b2d740b8182c63b76ff7ef0dd5e01710228705a.patch
bcb321bc62117d30bc53a872ca1154c0100aeefd.patch
de5d6bb50931ea243f582ace5a31abb11b619ffe.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dovecot22.spec ++++++
--- /var/tmp/diff_new_pack.PxHMb9/_old 2017-07-04 09:11:31.861018425 +0200
+++ /var/tmp/diff_new_pack.PxHMb9/_new 2017-07-04 09:11:31.861018425 +0200
@@ -129,6 +129,9 @@
Patch: dovecot-2.2.18-dont_use_etc_ssl_certs.patch
Patch1: dovecot-2.2.18-better_ssl_defaults.patch
Patch2: dovecot-2.2.31-dhparams_fips_mode.patch
+Patch3: bcb321bc62117d30bc53a872ca1154c0100aeefd.patch
+Patch4: 8b2d740b8182c63b76ff7ef0dd5e01710228705a.patch
+Patch5: de5d6bb50931ea243f582ace5a31abb11b619ffe.patch
Summary: IMAP and POP3 Server Written Primarily with Security in Mind
License: BSD-3-Clause and LGPL-2.1+ and MIT
Group: Productivity/Networking/Email/Servers
@@ -309,6 +312,9 @@
%patch -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
%{__gzip} -9v ChangeLog
# Fix plugins dir.
%{__sed} -i 's|#mail_plugin_dir = /usr/lib/dovecot|mail_plugin_dir = %{_libdir}/dovecot/modules|' doc/example-config/conf.d/10-mail.conf
++++++ 8b2d740b8182c63b76ff7ef0dd5e01710228705a.patch ++++++
commit 8b2d740b8182c63b76ff7ef0dd5e01710228705a
Author: Timo Sirainen
From de5d6bb50931ea243f582ace5a31abb11b619ffe Mon Sep 17 00:00:00 2001 From: Aki Tuomi
Date: Wed, 17 May 2017 12:26:42 +0300 Subject: [PATCH] fts: Do not attempt to deinitialize backend if it's not set
If FTS backend initialization fails or does not happen, flist->backend might end up being NULL, and attempt to deinitialize NULL won't end well. --- src/plugins/fts/fts-storage.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/plugins/fts/fts-storage.c b/src/plugins/fts/fts-storage.c index 32a49ade0..370ec8680 100644 --- a/src/plugins/fts/fts-storage.c +++ b/src/plugins/fts/fts-storage.c @@ -830,7 +830,8 @@ static void fts_mailbox_list_deinit(struct mailbox_list *list) { struct fts_mailbox_list *flist = FTS_LIST_CONTEXT(list); - fts_backend_deinit(&flist->backend); + if (flist->backend != NULL) + fts_backend_deinit(&flist->backend); flist->module_ctx.super.deinit(list); } ++++++ dovecot-2.2.31-dhparams_fips_mode.patch ++++++ --- /var/tmp/diff_new_pack.PxHMb9/_old 2017-07-04 09:11:31.985000990 +0200 +++ /var/tmp/diff_new_pack.PxHMb9/_new 2017-07-04 09:11:31.985000990 +0200 @@ -1,17 +1,19 @@ diff --git a/src/lib-ssl-iostream/iostream-openssl-params.c b/src/lib-ssl-iostream/iostream-openssl-params.c -index 5fdaa30de..edfc81ac3 100644 +index 5fdaa30de..576915371 100644 --- a/src/lib-ssl-iostream/iostream-openssl-params.c +++ b/src/lib-ssl-iostream/iostream-openssl-params.c -@@ -44,9 +44,14 @@ generate_dh_parameters(int bitsize, buffer_t *output, const char **error_r) +@@ -44,9 +44,16 @@ generate_dh_parameters(int bitsize, buffer_t *output, const char **error_r) int openssl_iostream_generate_params(buffer_t *output, unsigned int dh_length, const char **error_r) { - if (generate_dh_parameters(512, output, error_r) < 0) + unsigned int minimal_dh_size = 512; ++ #ifdef OPENSSL_FIPS + if (FIPS_mode() > 0) { + minimal_dh_size = 2048; + i_warning("FIPS mode detected. Setting minimum DH params size from 512 to 2048. Accepting SSL connections after first start might take longer."); + }; ++ #endif + if (generate_dh_parameters(minimal_dh_size, output, error_r) < 0) return -1; - if (dh_length != 512) {