Log message:
Update to Dovecot 1.1rc3.  From the release announcement mail:

Note that the changes for the security hole fix were quite large. I
tested with several auth configurations myself and they seemed to work,
but it's possible I left a bug somewhere in there breaking someone's
configuration. So make sure to test that it works after upgrading.

Of course it would be really nice if Dovecot had a proper test suite
where testing all configurations could be automated and run before each
release. I've already started this with my imaptest tool
(http://imapwiki.org/ImapTest), but it only does IMAP tests and a lot of
things are still missing. Some help would be nice here.

	* Fixed a security hole in blocking passdbs (MySQL always. PAM, passwd
	  and shadow if blocking=yes) where user could specify extra fields
	  in the password. The main problem here is when specifying
	  "skip_password_check" introduced in v1.0.11 for fixing master user
	  logins, allowing the user to log in as anyone without a valid
	  password.

	- mail_privileged_group was broken in some systems (OS X, Solaris?)
	- IMAP THREAD: Fixed some correctness problems

Log message:
Update to Dovecot 1.1rc2.

Changes since rc1:

	* mail_extra_groups setting was commonly used insecurely. This setting
	  is now deprecated. Most users should switch to using
	  mail_privileged_group setting, but if you really need the old
	  functionality use mail_access_groups instead.

	+ Expire plugin now supports wildcards in mailbox names.
	+ dbox: Expire plugin supports moving old mails to alternative
	  dbox directory
	+ Maildir++ quota: quota_rule=?:<rule> specifies a default rule
	  which is used only if the maildirsize file doesn't exist.
	+ If SSL/TLS connection isn't closed cleanly, log the last error
	  in the disconnection line.
	+ EXPUNGE: If new \Deleted messages were found while expunging,
	  do it again and expunge them as well (Outlook workaround)
	- IMAP: SEARCH, LIST and THREAD command correctness fixes
	- Maildir++ quota: Quota rules and warnings with % rules didn't work
	  if the default limits were taken from maildirsize file.
	- Maildir++ quota: If both byte and message limits weren't specified,
	  maildirsize file was recalculated all the time
	- mbox: Flag and keyword updates may have gotten lost in some
	  situations (happens with v1.0 too)
	- ldap: Don't crash if userdb lookup fails
	- Squat fixes and performance improvements

Things left to do for v1.1.0:

 - dbox has a metadata corruption bug, find and fix it
 - Squat has some locking issues that causes errors when stress testing
with multiple connections
 - Squat doesn't do NFS cache flushing and has some other NFS problems.

Log message:
Update to Dovecot 1.1rc1.

Finally the first v1.1 release candidate. Please test so we can have a
fully stable v1.1.0 release. v1.1.betas are already running in a few
large installations, so I don't expect there to be many bugs left.

There are no release critical bugs left and no known crash bugs. There
are a few issues I'd like to fix before v1.1.0, but I don't expect to
have more than 3-5 release candidates this time (certainly much less
than 31 anyway..)

Changes since beta16:

 - ioloop defaults now to best one availablable instead of poll
 - IMAP SEARCH correctness fixes
 - Fixed proxy_maybe handling with caching and with mysql
 - IMAP: ENVELOPE's subject field now always has TABs changed to spaces
 - Some crashfixes

Log message:
Update to Dovecot 1.1beta16, and bump the API_DEPENDS version to it.

>From the release announcement mail:

If all goes well, I'll release v1.1.rc1 in a couple of days. Now's a good time
to start testing v1.1 :)

Changes since beta15:

 - Squat is finally working and supports expunging messages from it.  I've been
   stress testing it and can't find any problems anymore.
 - Some index/cache crashfixes

TODO for v1.1.0:

 - mbox: We write From_-lines to message bodies unescaped and assume
   Content-Length: header allows us to skip over them. This probably worked in
   v0.99, but got broken when mbox code was rewritten for v1.0. This should be
   fixed somehow.
 - dbox: fsync()ing isn't done for saved messages.
 - maildir: after rename()ing files from tmp/ to new/ we should probably
   fsync() the new/ directory.
 - Squat: NFS support. Check/fix a potential locking problem.
 - Lucene: It gives all kinds of locking errors which cause other problems.
   Maybe Dovecot should do the locking itself so Lucene never needs to wait for
   locks? Has anyone here used Lucene before and knows about these issues?

Log message:
Update to Dovecot 1.1beta15.

Changes in beta14:

Pretty much the same things are in TODO for v1.1.rc1 as there were in beta13.
But there are quite a lot of other changes:

 - Added proxy_maybe setting. If the returned IP/port/user points to ourself,
   log in normally. Otherwise proxy to the IP.
 - Added quota_exceeded_message setting for quota plugin. Add it to plugin {}
   for global, or protocol lda {} for deliver-only.
 - mysql: default_file and default_group settings (by Luca Longinotti)
 - Timeout handling rewritten using a priority queue (heap). Dovecot should now
   be able to handle lots of timeouts quite fast.
 - Using the new timeout changes several places in code have been changed from
   iterate-through-objects-in-one-timeout to timeout-per-object. This means
   that there are no longer timeouts triggering every couple of seconds for no
   reason. dovecot master and dovecot-auth processes haven't been changed yet.
 - deliver without -d parameter: if $USER and $HOME exists, don't do getpwuid()
   lookup.
 - Maildir locking fix
 - Index file performance fixes
 - Don't allow RENAME box box/child. It breaks some clients (which do it
   themselves..) and there's really no reason to allow it.
 - Quota warnings were broken
 - Maildir quota didn't use limits from maildirsize if no quota rules were
   specified

I'm also thinking about getting rid of the "time moved backwards" error and
change it to a warning. First I'd just need to fix the timeout handling code to
handle time jumps and then verify that all timestamp comparisons can handle it
correctly.

Also besides warning about "time moved backwards" it should warn about \ 
"time
moved forwards a lot" where "lot" is probably something like a \ 
minute. That
could cause problems with dotlocks just the same as time moving backwards.

Changes in beta15:

 - If dovecot master kills itself, the error message is now written to a file
   in base_dir as well as to log file. When Dovecot starts the next time it
   shows this error message to user and asks to look into error log file. I'm
   hoping this will reduce "why dovecot exits silently after starting it?"
   questions.
 - LDAP: Added tls_* settings for using TLS with OpenLDAP.
 - POP3-only users shouldn't get dovecot.index.cache files created anymore when
   quota plugin is used
 - Fixed/optimized handling pipelined commands
 - rawlog: added -b parameter to log packet boundaries.
 - auth: %a and %b were broken

Log message:
Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@

Log message:
Add MESSAGE file with pointer to 1.0->1.1 upgrade notes.

Log message:
pkglint.

Log message:
Update to Dovecot 1.1beta13.

Changes since beta12:

 - Half of LDAP code was rewritten to fix reconnect/queuing problems. I did
   test that the new code works with and without auth binds, but be careful.
 - \Recent flags should finally work correctly with maildir.
 - last_used field wasn't updated for cache fields that were permanently
   cached. This caused them to be dropped after a month.

TODO for RC1:

 - When pipelining commands, do only one sync after all of them. Besides
   improving performance, this fixes some rare problems when multiple commands
   are running simultaneously.
 - SEARCH/SORT: Replace invalid input with unicode "replacement character"
   instead of just skipping it.
 - Squat: Handle expunges. NFS support.
 - Fix Lucene support.

Log message:
Update to Dovecot 1.1beta12.

This release fixes a lot of bugs and adds some new sanity checks. Fixes
quite a lot of mbox problems.

v1.1.beta11 (no other versions) had a potential security hole where
memory was free()d multiple times.

\Recent flags should work perfectly now with mbox. Still somewhat broken
with maildir.