Hello community, here is the log from the commit of package dovecot23 for openSUSE:Factory checked in at 2019-10-17 12:21:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dovecot23 (Old) and /work/SRC/openSUSE:Factory/.dovecot23.new.2352 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dovecot23" Thu Oct 17 12:21:18 2019 rev:21 rq:738214 version:2.3.8 Changes: -------- --- /work/SRC/openSUSE:Factory/dovecot23/dovecot23.changes 2019-08-29 17:28:07.595262212 +0200 +++ /work/SRC/openSUSE:Factory/.dovecot23.new.2352/dovecot23.changes 2019-10-17 12:21:20.711314403 +0200 @@ -1,0 +2,62 @@ +Tue Oct 8 17:31:00 UTC 2019 - Michael Ströder <mich...@stroeder.com> + +- update to 2.3.8 and pigeonhole to 0.5.8 + + Dovecot 2.3.8 + + Added mail_delivery_started and mail_delivery_finished events, see + https://doc.dovecot.org/admin_manual/list_of_events/ for details. + + dsync-replication: Don't replicate users who have "noreplicate" extra + field in userdb. + + doveadm service status: Show total number of processes created. + + When logging to syslog, use instance_name setting's value for the + ident. This commonly is added as a log prefix. + + Base64 encoding/decoding code was rewritten with additional features. + It shouldn't cause any user visible changes. + - v2.3.7 regression: If a folder only receives new mails without any + other mail access, dovecot.index.log keeps growing forever and + dovecot.index keeps being rewritten for every mail delivery. + - dsync-replication may lose keywords after syncing mails restored from + another replica. This only happened if the mail only had keywords and + no system flags. + - event filters: Non-textual event fields could not be filtered using + wildcards. + - auth: Scope parameter was missing from OAuth password grant + request. + - doveadm client-server communication may hang in some situations. + It is also using unnecessarily small TCP/IP packet sizes. + - doveadm who and kick did not flush protocol output correctly. + - imap: SETMETADATA with literal value would delete the metadata value + instead of updating it. + - imap: When client issues FETCH PREVIEW (LAZY=FUZZY) command, the + caching decisions should be updated so that newly saved mails will + have the preview cached. + - With mail_nfs_index=yes and/or mail_nfs_storage=yes setuid/setgid + permission bits in some files may have become dropped with some NFS + servers. Changed NFS flushing to now use chmod() instead of chown(). + - quota: warnings did not work if quota root was noenforcing + - acl: Global ACL file ignored the last line if it didn't end with LF. + - doveadm stats dump: With JSON formatter output numbers using the + number type instead of as strings + - lmtp_proxy: Ensure that real_* variables are correctly set when using + lmtp_proxy. + - event exporter: http-post driver had hardcoded timeout and did not + support DNS lookups or TLS connections. + - auth: Fix user iteration to work with userdb passwd with glibc v2.28. + - auth: auth service can crash if auth-policy JSON response is invalid + or returned too fast. + - In some rare situations "ps" output could have shown a lot of "?" + characters after Dovecot process titles. + - When dovecot.index.pvt is empty, an unnecessary error is logged: + Error: .../dovecot.index.pvt reset, view is now inconsistent + - SMTP address encoder duplicated initial double quote character when + the localpart of an address ended in '..'. For example + "user...@example.com" became ""user+.."@example.com in a + sieve redirect. + + Pigeonhole 0.5.8 + - Sieve may leak resources in rare cases when a redirect, vacation or + report action fails to send the message. This mainly applies when + Sieve is executed in IMAP context; i.e., for the IMAPSIEVE or + FILTER=SIEVE capabilities. + +------------------------------------------------------------------- Old: ---- dovecot-2.3-pigeonhole-0.5.7.2.tar.gz dovecot-2.3-pigeonhole-0.5.7.2.tar.gz.sig dovecot-2.3.7.2.tar.gz dovecot-2.3.7.2.tar.gz.sig New: ---- dovecot-2.3-pigeonhole-0.5.8.tar.gz dovecot-2.3-pigeonhole-0.5.8.tar.gz.sig dovecot-2.3.8.tar.gz dovecot-2.3.8.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dovecot23.spec ++++++ --- /var/tmp/diff_new_pack.Fa3VHo/_old 2019-10-17 12:21:21.695311935 +0200 +++ /var/tmp/diff_new_pack.Fa3VHo/_new 2019-10-17 12:21:21.699311925 +0200 @@ -17,11 +17,11 @@ Name: dovecot23 -Version: 2.3.7.2 +Version: 2.3.8 Release: 0 %define pkg_name dovecot -%define dovecot_version 2.3.7.2 -%define dovecot_pigeonhole_version 0.5.7.2 +%define dovecot_version 2.3.8 +%define dovecot_pigeonhole_version 0.5.8 %define dovecot_branch 2.3 %define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version} %define dovecot_pigeonhole_docdir %{_docdir}/%{pkg_name}/dovecot-pigeonhole @@ -548,6 +548,7 @@ %{_prefix}/lib/%{pkg_name}/doveadm-server %{_prefix}/lib/%{pkg_name}/dovecot-lda %{_prefix}/lib/%{pkg_name}/gdbhelper +%{_prefix}/lib/%{pkg_name}/health-check.sh %{_prefix}/lib/%{pkg_name}/imap %{_prefix}/lib/%{pkg_name}/imap-hibernate %{_prefix}/lib/%{pkg_name}/imap-login ++++++ dovecot-2.3-pigeonhole-0.5.7.2.tar.gz -> dovecot-2.3-pigeonhole-0.5.8.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.7.2/ChangeLog new/dovecot-2.3-pigeonhole-0.5.8/ChangeLog --- old/dovecot-2.3-pigeonhole-0.5.7.2/ChangeLog 2019-08-26 12:38:11.000000000 +0200 +++ new/dovecot-2.3-pigeonhole-0.5.8/ChangeLog 2019-10-08 10:48:24.000000000 +0200 @@ -1,12 +1,45 @@ -2019-08-23 09:48:58 +0300 Aki Tuomi <aki.tu...@open-xchange.com> (7372921a) +2019-10-08 10:30:48 +0300 Aki Tuomi <aki.tu...@open-xchange.com> (b7b03ba2) - Released 0.5.7.2 + Released v0.5.8 -M NEWS M configure.ac -2019-05-17 10:39:25 +0300 Timo Sirainen <timo.sirai...@open-xchange.com> (4a299840) +2019-09-30 12:15:09 +0300 Aki Tuomi <aki.tu...@open-xchange.com> (8eaf80bb) + + Update news for v0.5.8 release + + +M NEWS + +2019-07-09 22:39:35 +0200 Stephan Bosch <stephan.bo...@open-xchange.com> (cb9698f6) + + lib-sieve: plugins: vnd.dovecot: report: cmd-report - Fix resource leak + occurring when the SMTP submission fails. + + Properly abort the SMTP transaction upon failure. + +M src/lib-sieve/plugins/vnd.dovecot/report/cmd-report.c + +2019-07-09 22:38:14 +0200 Stephan Bosch <stephan.bo...@open-xchange.com> (485861b7) + + lib-sieve: plugins: vacation: cmd-vacation - Fix resource leak occurring + when the SMTP submission fails. + + Properly abort the SMTP transaction upon failure. + +M src/lib-sieve/plugins/vacation/cmd-vacation.c + +2019-07-09 22:36:15 +0200 Stephan Bosch <stephan.bo...@open-xchange.com> (f5aa0661) + + lib-sieve: cmd-redirect - Fix resource leak occurring when the SMTP + submission fails. + + Properly abort the SMTP transaction upon failure. + +M src/lib-sieve/cmd-redirect.c + +2019-05-17 10:39:25 +0300 Timo Sirainen <timo.sirai...@open-xchange.com> (b46e9731) lib-managesieve: Make sure str_unescape() won't be writing past allocated memory @@ -17,7 +50,7 @@ M src/lib-managesieve/managesieve-parser.c -2019-05-10 19:43:55 +0300 Timo Sirainen <timo.sirai...@open-xchange.com> (7ce9990a) +2019-05-10 19:43:55 +0300 Timo Sirainen <timo.sirai...@open-xchange.com> (ee512c52) lib-managesieve: Don't accept strings with NULs @@ -32,21 +65,14 @@ M src/lib-managesieve/managesieve-parser.c -2019-07-22 14:02:50 +0300 Timo Sirainen <timo.sirai...@open-xchange.com> (db5c74be) - - Released v0.5.7.1 +2019-07-22 13:58:50 +0300 Timo Sirainen <timo.sirai...@open-xchange.com> (e5ffd167) - -M configure.ac - -2019-07-22 13:58:50 +0300 Timo Sirainen <timo.sirai...@open-xchange.com> (fb64268c) - - NEWS: Add news for 0.5.7.1 + NEWS: Add news for 0.5.7 M NEWS -2019-07-17 12:33:09 +0300 Timo Sirainen <timo.sirai...@open-xchange.com> (1d618448) +2019-07-17 12:33:09 +0300 Timo Sirainen <timo.sirai...@open-xchange.com> (a25ab22f) doveadm-sieve: Shared attribute iteration shouldn't list Sieve scripts @@ -54,29 +80,31 @@ M src/plugins/doveadm-sieve/doveadm-sieve-sync.c -2019-07-12 13:23:07 +0300 Aki Tuomi <aki.tu...@open-xchange.com> (5a4e63b5) +2019-07-12 13:17:00 +0300 Aki Tuomi <aki.tu...@open-xchange.com> (437ef6e3) + + Revert "Released 0.5.7" - configure: Update ABI version too + This reverts commit 0091473b0c30fe36404d4c211f3f8aec6c35f66f. - Was forgotten from d4588dbf858b1b97662eca08bce1bd67e6ab6aa8 + Was supposed to be done to a release branch. M configure.ac -2019-07-12 13:13:21 +0300 Aki Tuomi <aki.tu...@open-xchange.com> (d4588dbf) +2019-07-12 13:13:21 +0300 Aki Tuomi <aki.tu...@open-xchange.com> (0091473b) Released 0.5.7 M configure.ac -2019-07-12 13:12:32 +0300 Aki Tuomi <aki.tu...@open-xchange.com> (9b6736a0) +2019-07-12 13:12:32 +0300 Aki Tuomi <aki.tu...@open-xchange.com> (4869316b) NEWS: Add news for 0.5.7 M NEWS -2019-06-18 10:59:24 +0300 Martti Rannanjärvi <martti.rannanja...@open-xchange.com> (08e14e72) +2019-06-18 10:59:24 +0300 Martti Rannanjärvi <martti.rannanja...@open-xchange.com> (f2eb2806) lib-sieve: Expand SMTP_ADDRESS_LITERAL() macro @@ -85,7 +113,7 @@ M src/lib-sieve/sieve-config.h M src/lib-sieve/sieve-message.c -2019-06-18 10:56:11 +0300 Martti Rannanjärvi <martti.rannanja...@open-xchange.com> (1cd2a887) +2019-06-18 10:56:11 +0300 Martti Rannanjärvi <martti.rannanja...@open-xchange.com> (d11caef1) testsuite: Fix invalid compound literal use @@ -94,7 +122,7 @@ M src/testsuite/testsuite-message.c -2019-06-18 10:40:52 +0300 Martti Rannanjärvi <martti.rannanja...@open-xchange.com> (88ee6b81) +2019-06-18 10:40:52 +0300 Martti Rannanjärvi <martti.rannanja...@open-xchange.com> (f4344d47) testsuite: Expand SMTP_ADDRESS_LITERAL() macro @@ -102,7 +130,7 @@ M src/testsuite/testsuite-message.c -2019-06-17 23:26:25 +0300 Martti Rannanjärvi <martti.rannanja...@open-xchange.com> (98b44bc3) +2019-06-17 23:26:25 +0300 Martti Rannanjärvi <martti.rannanja...@open-xchange.com> (8a396da0) lib-sieve: storage: file: sieve-file-storage-save - Fix error message to include the intended path value rather than NULL. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.7.2/NEWS new/dovecot-2.3-pigeonhole-0.5.8/NEWS --- old/dovecot-2.3-pigeonhole-0.5.7.2/NEWS 2019-08-26 12:38:00.000000000 +0200 +++ new/dovecot-2.3-pigeonhole-0.5.8/NEWS 2019-10-08 10:48:13.000000000 +0200 @@ -1,8 +1,9 @@ -v0.5.7.2 2019-08-28 Aki Tuomi <aki.tu...@open-xchange.com> +v0.5.8 2019-10-08 Aki Tuomi <aki.tu...@open-xchange.com> - * CVE-2019-11500: ManageSieve protocol parser does not properly handle - NUL byte when scanning data in quoted strings, leading to out of - bounds heap memory writes. Found by Nick Roessler and Rafi Rubin. + - Sieve may leak resources in rare cases when a redirect, vacation or + report action fails to send the message. This mainly applies when + Sieve is executed in IMAP context; i.e., for the IMAPSIEVE or + FILTER=SIEVE capabilities. v0.5.7.1 2019-07-23 Timo Sirainen <timo.sirai...@open-xchange.com> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.7.2/configure new/dovecot-2.3-pigeonhole-0.5.8/configure --- old/dovecot-2.3-pigeonhole-0.5.7.2/configure 2019-08-26 12:38:05.000000000 +0200 +++ new/dovecot-2.3-pigeonhole-0.5.8/configure 2019-10-08 10:48:19.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for Pigeonhole 0.5.7.2. +# Generated by GNU Autoconf 2.69 for Pigeonhole 0.5.8. # # Report bugs to <dove...@dovecot.org>. # @@ -590,8 +590,8 @@ # Identity of this package. PACKAGE_NAME='Pigeonhole' PACKAGE_TARNAME='dovecot-2.3-pigeonhole' -PACKAGE_VERSION='0.5.7.2' -PACKAGE_STRING='Pigeonhole 0.5.7.2' +PACKAGE_VERSION='0.5.8' +PACKAGE_STRING='Pigeonhole 0.5.8' PACKAGE_BUGREPORT='dove...@dovecot.org' PACKAGE_URL='' @@ -1413,7 +1413,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures Pigeonhole 0.5.7.2 to adapt to many kinds of systems. +\`configure' configures Pigeonhole 0.5.8 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1485,7 +1485,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of Pigeonhole 0.5.7.2:";; + short | recursive ) echo "Configuration of Pigeonhole 0.5.8:";; esac cat <<\_ACEOF @@ -1610,7 +1610,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -Pigeonhole configure 0.5.7.2 +Pigeonhole configure 0.5.8 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1979,7 +1979,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by Pigeonhole $as_me 0.5.7.2, which was +It was created by Pigeonhole $as_me 0.5.8, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2329,7 +2329,7 @@ cat >>confdefs.h <<_ACEOF -#define PIGEONHOLE_ABI_VERSION "0.5.ABIv7($PACKAGE_VERSION)" +#define PIGEONHOLE_ABI_VERSION "0.5.ABIv8($PACKAGE_VERSION)" _ACEOF @@ -2869,7 +2869,7 @@ # Define the identity of the package. PACKAGE='dovecot-2.3-pigeonhole' - VERSION='0.5.7.2' + VERSION='0.5.8' # Some tools Automake needs. @@ -13907,7 +13907,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by Pigeonhole $as_me 0.5.7.2, which was +This file was extended by Pigeonhole $as_me 0.5.8, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -13973,7 +13973,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -Pigeonhole config.status 0.5.7.2 +Pigeonhole config.status 0.5.8 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.7.2/configure.ac new/dovecot-2.3-pigeonhole-0.5.8/configure.ac --- old/dovecot-2.3-pigeonhole-0.5.7.2/configure.ac 2019-08-26 12:38:00.000000000 +0200 +++ new/dovecot-2.3-pigeonhole-0.5.8/configure.ac 2019-10-08 10:48:14.000000000 +0200 @@ -2,8 +2,8 @@ # Be sure to update ABI version also if anything changes that might require # recompiling plugins. Most importantly that means if any structs are changed. -AC_INIT([Pigeonhole], [0.5.7.2], [dove...@dovecot.org], [dovecot-2.3-pigeonhole]) -AC_DEFINE_UNQUOTED([PIGEONHOLE_ABI_VERSION], "0.5.ABIv7($PACKAGE_VERSION)", [Pigeonhole ABI version]) +AC_INIT([Pigeonhole], [0.5.8], [dove...@dovecot.org], [dovecot-2.3-pigeonhole]) +AC_DEFINE_UNQUOTED([PIGEONHOLE_ABI_VERSION], "0.5.ABIv8($PACKAGE_VERSION)", [Pigeonhole ABI version]) AC_CONFIG_AUX_DIR([.]) AC_CONFIG_SRCDIR([src]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.7.2/pigeonhole-version.h new/dovecot-2.3-pigeonhole-0.5.8/pigeonhole-version.h --- old/dovecot-2.3-pigeonhole-0.5.7.2/pigeonhole-version.h 2019-08-26 12:38:11.000000000 +0200 +++ new/dovecot-2.3-pigeonhole-0.5.8/pigeonhole-version.h 2019-10-08 10:48:24.000000000 +0200 @@ -1,6 +1,6 @@ #ifndef PIGEONHOLE_VERSION_H #define PIGEONHOLE_VERSION_H -#define PIGEONHOLE_VERSION_FULL PIGEONHOLE_VERSION" (7372921a)" +#define PIGEONHOLE_VERSION_FULL PIGEONHOLE_VERSION" (b7b03ba2)" #endif /* PIGEONHOLE_VERSION_H */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.7.2/src/lib-sieve/cmd-redirect.c new/dovecot-2.3-pigeonhole-0.5.8/src/lib-sieve/cmd-redirect.c --- old/dovecot-2.3-pigeonhole-0.5.7.2/src/lib-sieve/cmd-redirect.c 2019-08-26 12:38:00.000000000 +0200 +++ new/dovecot-2.3-pigeonhole-0.5.8/src/lib-sieve/cmd-redirect.c 2019-10-08 10:48:14.000000000 +0200 @@ -382,6 +382,7 @@ i_stream_get_name(input), i_stream_get_error(input)); i_stream_unref(&input); + sieve_smtp_abort(sctx); return SIEVE_EXEC_TEMP_FAILURE; } i_stream_unref(&input); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.7.2/src/lib-sieve/plugins/vacation/cmd-vacation.c new/dovecot-2.3-pigeonhole-0.5.8/src/lib-sieve/plugins/vacation/cmd-vacation.c --- old/dovecot-2.3-pigeonhole-0.5.7.2/src/lib-sieve/plugins/vacation/cmd-vacation.c 2019-08-26 12:38:00.000000000 +0200 +++ new/dovecot-2.3-pigeonhole-0.5.8/src/lib-sieve/plugins/vacation/cmd-vacation.c 2019-10-08 10:48:14.000000000 +0200 @@ -1080,6 +1080,7 @@ if ( (ret=mail_get_first_header (msgdata->mail, "references", &header)) < 0 ) { + sieve_smtp_abort(sctx); return sieve_result_mail_error(aenv, msgdata->mail, "vacation action: " "failed to read header field `references'"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.7.2/src/lib-sieve/plugins/vnd.dovecot/report/cmd-report.c new/dovecot-2.3-pigeonhole-0.5.8/src/lib-sieve/plugins/vnd.dovecot/report/cmd-report.c --- old/dovecot-2.3-pigeonhole-0.5.7.2/src/lib-sieve/plugins/vnd.dovecot/report/cmd-report.c 2019-08-26 12:38:00.000000000 +0200 +++ new/dovecot-2.3-pigeonhole-0.5.8/src/lib-sieve/plugins/vnd.dovecot/report/cmd-report.c 2019-10-08 10:48:14.000000000 +0200 @@ -608,6 +608,7 @@ i_stream_ref(input); } if (ret < 0) { + sieve_smtp_abort(sctx); return sieve_result_mail_error(aenv, msgdata->mail, "report action: failed to read input message"); } @@ -622,6 +623,7 @@ i_stream_get_name(input), i_stream_get_error(input)); i_stream_unref(&input); + sieve_smtp_abort(sctx); return SIEVE_EXEC_OK; } i_stream_unref(&input); ++++++ dovecot-2.3-pigeonhole-0.5.7.2.tar.gz -> dovecot-2.3.8.tar.gz ++++++ /work/SRC/openSUSE:Factory/dovecot23/dovecot-2.3-pigeonhole-0.5.7.2.tar.gz /work/SRC/openSUSE:Factory/.dovecot23.new.2352/dovecot-2.3.8.tar.gz differ: char 5, line 1