Navigation:
Browse pkgsrc
(this page)| 2008-03-04 08:52:46 by Geert Hendrickx | Files touched by this commit (2) |
Log message: Update to Dovecot 1.0.11. * mail_extra_groups setting was commonly used insecurely. This setting is now deprecated. Most users should switch to using mail_privileged_group setting, but if you really need the old functionality use mail_access_groups instead. - mbox: Dropped some of the physical size fetch optimizations added in v1.0.8. This makes some commands slower, but should fix the rest of the problems. - IMAP: SEARCH BEFORE/ON/SINCE didn't handle timezones correctly. - ldap: auth_bind was doing lookups using subtree scope instead of the scope specified in config file. - zlib plugin crashfixes by Richard Platel - master passdbs: pass=yes setting was broken with blocking passdbs (e.g. MySQL) |
| 2008-01-18 06:08:56 by Tobias Nygren | Files touched by this commit (214) |
Log message: Per the process outlined in revbump(1), perform a recursive revbump on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@ |
| 2008-01-03 15:06:20 by Geert Hendrickx | Files touched by this commit (2) |
Log message: pkglint. |
| 2008-01-01 21:47:58 by Geert Hendrickx | Files touched by this commit (3) |
Log message: Update to Dovecot 1.0.10. v1.0.8 and v1.0.9 were a bit bad releases. Hopefully one day I've managed to have written a proper test suite which can be run before doing any releases.. * Security hole with LDAP+auth cache: If base setting contained %variables they weren't included in auth cache key, which broke caching. This could have caused different users with same passwords to log in as each other. [pkgsrc: this was fixed in dovecot-1.0.9nb1] - LDAP: Fixed potential infinite looping when connection to LDAP server was lost and there were queued requests. - mbox: More changes to fix problems caused by v1.0.8 and v1.0.9. - Maildir: Fixed a UIDLIST_IS_LOCKED() assert-crash in some conditions (caused by changes in v1.0.9) - If protocols=none, don't require imap executables to exist |
| 2007-12-23 00:12:04 by Geert Hendrickx | Files touched by this commit (3) |
Log message: Fix a possible security hole with LDAP authentication and variables in the LDAP search base, see http://www.dovecot.org/list/dovecot-news/2007-December/000057.html |
| 2007-12-12 14:15:49 by Geert Hendrickx | Files touched by this commit (2) |
Log message: Update to Dovecot 1.0.9. + Maildir: Don't wait on dovecot-uidlist.lock when we just want to find out a new filename for the message. - mbox: v1.0.8 changes sometimes caused FETCH to fail with "got too little data", disconnecting the client. - Fixed a memory leak when FETCHing message header/body multiple times within a command (e.g. BODY[1] BODY[2]) - IMAP: Partial body fetching was still slow with mboxes |
| 2007-11-28 16:11:51 by Geert Hendrickx | Files touched by this commit (3) |
Log message:
Update to Dovecot 1.0.8.
+ Authentication: Added "password_noscheme" field that can be used
instead of "password". "password" treats \
"{prefix}" as a password
scheme while "password_noscheme" treats it as part of the password
itself. So "password_noscheme" should be used if you're storing
passwords as plaintext. Non-plaintext passwords never begin
with "{", so this isn't a problem with them.
- IMAP: Partial body fetching was sometimes non-optimal, causing
the entire message to be read for every FETCH command.
- deliver failed to save the message when envelope sender address
contained spaces.
- Maildir++ quota: We could have randomly recalculated quota when
it wasn't necessary.
- Login process could have crashed after logging in if client sent
data before "OK Logged in" reply was sent (i.e. before master had
replied that login succeeded).
- Don't assert-crash when reading dovecot.index.logs generated by
Dovecot v1.1.
- Authentication: Don't assert-crash if password beings with "{" but
doesn't contain "}".
- Authentication cache didn't work when using settings that changed
the username (e.g. auth_username_format).
|
| 2007-11-23 12:48:56 by Roland Illig | Files touched by this commit (1) |
Log message: The example configuration file has a different name. PKGREVISION++ |
| 2007-10-30 13:04:04 by Geert Hendrickx | Files touched by this commit (2) |
Log message: Update to Dovecot 1.0.7. Almost missed this one. I had already fixed it in v1.1 tree, but forgot to fix in v1.0 tree. - deliver: v1.0.6's "From " line ignoring could have written to a bad location in stack, possibly causing problems. |
| 2007-10-28 13:49:37 by Geert Hendrickx | Files touched by this commit (2) |
Log message: Update to Dovecot 1.0.6. * IDLE: Interval between mailbox change notifies is now 1 second, because some clients keep a long-running IDLE connection and use other connections to actually read the mails. * SORT: If Date: header is missing or broken, fallback to using INTERNALDATE (as the SORT draft nowadays specifies). + deliver: If message begins with a "From " line, ignore it. + zlib plugin: If maildir file has a "Z" flag, open it with zlib. - CREATE: Don't assert-crash if trying to create namespace prefix. - SEARCH: Fixes to handling NOT operator with sequence ranges. - LDAP reconnection fixes - Maildir: Don't break when renaming mailboxes with '*' or '%' characters and children. - mbox: Fixed "file size unexpectedly shrinked" error in some conditions. - quota+mbox: Don't fail if trying to delete a directory. - Fixes to running from inetd |
New packages: