Hello community, here is the log from the commit of package dovecot23 for openSUSE:Factory checked in at 2018-07-09 13:29:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dovecot23 (Old) and /work/SRC/openSUSE:Factory/.dovecot23.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dovecot23" Mon Jul 9 13:29:33 2018 rev:8 rq:621463 version:2.3.2 Changes: -------- --- /work/SRC/openSUSE:Factory/dovecot23/dovecot23.changes 2018-05-29 16:53:34.936932294 +0200 +++ /work/SRC/openSUSE:Factory/.dovecot23.new/dovecot23.changes 2018-07-09 13:31:13.982503637 +0200 @@ -1,0 +2,93 @@ +Sat Jun 30 20:06:40 UTC 2018 - mrueck...@suse.de + +- update to 2.3.2 + * old-stats plugin: Don't temporarily enable PR_SET_DUMPABLE + while opening /proc/self/io. This may still cause security + problems if the process is ptrace()d at the same time. + Instead, open it while still running as root. + + doveadm: Added mailbox cache decision&remove commands. See + doveadm-mailbox(1) man page for details. + + doveadm: Added rebuild attachments command for rebuilding + $HasAttachment or $HasNoAttachment flags for matching mails. + See doveadm-rebuild(1) man page for details. + + cassandra: Use fallback_consistency on more types of errors + + lmtp proxy: Support outgoing SSL/TLS connections + + lmtp: Add lmtp_rawlog_dir and lmtp_proxy_rawlog_dir settings. + + submission: Add support for rawlog_dir + + submission: Add submission_client_workarounds setting. + + lua auth: Add password_verify() function and additional fields + in auth request. + - doveadm-server: TCP connections are hanging when there is a lot + of network output. This especially caused hangs in + dsync-replication. + - Using multiple type=shared mdbox namespaces crashed + - mail_fsync setting was ignored. It was always set to + "optimized". + - lua auth: Fix potential crash at deinit + - SSL/TLS servers may have crashed if client disconnected during + handshake. + - SSL/TLS servers: Don't send extraneous certificates to client + when alt certs are used. + - lda, lmtp: Return-Path header without '<' may have + assert-crashed. + - lda, lmtp: Unencoded UTF-8 in email address headers may + assert-crash + - lda: -f parameter didn't allow empty/null/domainless address + - lmtp, submission: Message size limit was hardcoded to 40 MB. + Exceeding it caused the connection to get dropped during + transfer. + - lmtp: Fix potential crash when delivery fails at DATA stage + - lmtp: login_greeting setting was ignored + - Fix to work with OpenSSL v1.0.2f + - systemd unit restrictions were too strict by default + - Fix potential crashes when a lot of log output was produced + - SMTP client may have assert-crashed when sending mail + - IMAP COMPRESS: Send "end of compression" marker when + disconnecting. + - cassandra: Fix consistency=quorum to work + - dsync: Lock file generation failed if home directory didn't + exist + - Snippet generation for HTML mails didn't ignore &entities + inside blockquotes, producing strange looking snippets. + - imapc: Fix assert-crash if getting disconnected and after + reconnection all mails in the selected mailbox are gone. + - pop3c: Handle unexpected server disconnections without + assert-crash + - fts: Fixes to indexing mails via virtual mailboxes. + - fts: If mails contained NUL characters, the text around it + wasn't indexed. + - Obsolete dovecot.index.cache offsets were sometimes used. + Trying to fetch a field that was just added to cache file may + not have always found it. +- update pigeonhole to 0.5.2 + + Implement plugin for the a vendor-defined IMAP capability + called "FILTER=SIEVE". It adds the ability to manually invoke + Sieve filtering in IMAP. More information can be found in + doc/plugins/imap_filter_sieve.txt. + - The Sieve addess test caused an assertion panic for invalid + addresses with UTF-8 codepoints in the localpart. Fixed by + properly detecting invalid addresses with UTF-8 codepoints in + the localpart and skipping these like other invalid addresses + while iterating addresses for the address test. + - Make the length of the subject header for the vacation response + configurable and enforce the limit in UTF-8 codepoints rather + than bytes. The subject header for a vacation response was + statically truncated to 256 bytes, which is too limited for + multi-byte UTF-8 characters. + - Sieve editheader extension: Fix assertion panic occurring when + it is used to manipulate a message header with a very large + header field. + - Properly abort execution of the sieve_discard script upon + error. Before, the LDA Sieve plugin attempted to execute the + sieve_discard script when an error occurs. This can lead to the + message being lost. + - Fix the interaction between quota and the sieve_discard script. + When quota was used together with a sieve_discard script, the + message delivery did not bounce when the quota was exceeded. +- refreshed to apply cleanly again dovecot-2.3.0-better_ssl_defaults.patch +- dropped patches: + - 35497604d80090a02619024aeec069b32568e4b4.diff + - 5522b8b3d3ed1a99c3b63bb120216af0bd427403.diff + - 847790d5aab84df38256a6f9b4849af0eb408419.patch + +------------------------------------------------------------------- Old: ---- 35497604d80090a02619024aeec069b32568e4b4.diff 5522b8b3d3ed1a99c3b63bb120216af0bd427403.diff 847790d5aab84df38256a6f9b4849af0eb408419.patch dovecot-2.3-pigeonhole-0.5.1.tar.gz dovecot-2.3-pigeonhole-0.5.1.tar.gz.sig dovecot-2.3.1.tar.gz dovecot-2.3.1.tar.gz.sig New: ---- dovecot-2.3-pigeonhole-0.5.2.tar.gz dovecot-2.3-pigeonhole-0.5.2.tar.gz.sig dovecot-2.3.2.tar.gz dovecot-2.3.2.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dovecot23.spec ++++++ --- /var/tmp/diff_new_pack.XyOzdC/_old 2018-07-09 13:31:14.910501767 +0200 +++ /var/tmp/diff_new_pack.XyOzdC/_new 2018-07-09 13:31:14.918501751 +0200 @@ -17,11 +17,11 @@ Name: dovecot23 -Version: 2.3.1 +Version: 2.3.2 Release: 0 %define pkg_name dovecot -%define dovecot_version 2.3.1 -%define dovecot_pigeonhole_version 0.5.1 +%define dovecot_version 2.3.2 +%define dovecot_pigeonhole_version 0.5.2 %define dovecot_branch 2.3 %define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version} %define dovecot_pigeonhole_docdir %{_docdir}/%{pkg_name}/dovecot-pigeonhole @@ -136,9 +136,6 @@ Source12: dovecot23.keyring Patch: dovecot-2.3.0-dont_use_etc_ssl_certs.patch Patch1: dovecot-2.3.0-better_ssl_defaults.patch -Patch2: 35497604d80090a02619024aeec069b32568e4b4.diff -Patch3: 5522b8b3d3ed1a99c3b63bb120216af0bd427403.diff -Patch4: 847790d5aab84df38256a6f9b4849af0eb408419.patch Summary: IMAP and POP3 Server Written Primarily with Security in Mind License: BSD-3-Clause AND LGPL-2.1-or-later AND MIT Group: Productivity/Networking/Email/Servers @@ -318,9 +315,6 @@ %setup -q -n %{pkg_name}-%{dovecot_version} -a 1 %patch -p1 %patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 gzip -9v ChangeLog # Fix plugins dir. sed -i 's|#mail_plugin_dir = /usr/lib/dovecot|mail_plugin_dir = %{_libdir}/dovecot/modules|' doc/example-config/conf.d/10-mail.conf @@ -623,6 +617,7 @@ %{_libdir}/%{pkg_name}/modules/lib90_sieve_plugin.so %{_libdir}/%{pkg_name}/modules/lib90_old_stats_plugin.so %{_libdir}/%{pkg_name}/modules/lib95_imap_sieve_plugin.so +%{_libdir}/%{pkg_name}/modules/lib95_imap_filter_sieve_plugin.so %{_libdir}/%{pkg_name}/modules/lib95_imap_old_stats_plugin.so %{_libdir}/%{pkg_name}/modules/lib99_welcome_plugin.so %{_libdir}/%{pkg_name}/modules/libfs_compress.so ++++++ dovecot-2.3-pigeonhole-0.5.1.tar.gz -> dovecot-2.3-pigeonhole-0.5.2.tar.gz ++++++ ++++ 5273 lines of diff (skipped) ++++++ dovecot-2.3.0-better_ssl_defaults.patch ++++++ --- /var/tmp/diff_new_pack.XyOzdC/_old 2018-07-09 13:31:15.386500808 +0200 +++ /var/tmp/diff_new_pack.XyOzdC/_new 2018-07-09 13:31:15.386500808 +0200 @@ -1,7 +1,7 @@ -Index: dovecot-2.3.0.rc1/doc/example-config/conf.d/10-ssl.conf +Index: dovecot-2.3.2/doc/example-config/conf.d/10-ssl.conf =================================================================== ---- dovecot-2.3.0.rc1.orig/doc/example-config/conf.d/10-ssl.conf -+++ dovecot-2.3.0.rc1/doc/example-config/conf.d/10-ssl.conf +--- dovecot-2.3.2.orig/doc/example-config/conf.d/10-ssl.conf ++++ dovecot-2.3.2/doc/example-config/conf.d/10-ssl.conf @@ -9,8 +9,8 @@ # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed @@ -34,13 +34,13 @@ # no_ticket - Disable SSL session tickets. #ssl_options = +ssl_options = no_compression -Index: dovecot-2.3.0.rc1/src/lib-master/master-service-ssl-settings.c +Index: dovecot-2.3.2/src/lib-master/master-service-ssl-settings.c =================================================================== ---- dovecot-2.3.0.rc1.orig/src/lib-master/master-service-ssl-settings.c -+++ dovecot-2.3.0.rc1/src/lib-master/master-service-ssl-settings.c -@@ -55,7 +55,7 @@ static const struct master_service_ssl_s - .ssl_client_ca_file = "", - .ssl_client_ca_dir = "", +--- dovecot-2.3.2.orig/src/lib-master/master-service-ssl-settings.c ++++ dovecot-2.3.2/src/lib-master/master-service-ssl-settings.c +@@ -59,7 +59,7 @@ static const struct master_service_ssl_s + .ssl_client_cert = "", + .ssl_client_key = "", .ssl_dh = "", - .ssl_cipher_list = "ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH", + .ssl_cipher_list = "ALL:!LOW:!SSLv2:!EXP:!aNULL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH", ++++++ dovecot-2.3-pigeonhole-0.5.1.tar.gz -> dovecot-2.3.2.tar.gz ++++++ /work/SRC/openSUSE:Factory/dovecot23/dovecot-2.3-pigeonhole-0.5.1.tar.gz /work/SRC/openSUSE:Factory/.dovecot23.new/dovecot-2.3.2.tar.gz differ: char 5, line 1