./mail/dovecot2-sqlite, Secure IMAP and POP3 server (sqlite plugin)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2017Q1, Version: 2.2.29.1, Package name: dovecot-sqlite-2.2.29.1, Maintainer: adam

Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems,
written with security primarily in mind. This package contains the SQLite
backend plugins.


Required to run:
[mail/dovecot2] [archivers/lz4]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: b9fab821e50337919ac617f1bb9d72e9aa9e8778
RMD160: 3fcfb72df0debe90fe7b7bd7bb98e8bba210857d
Filesize: 5832.147 KB

Version history: (Expand)


CVS history: (Expand)


   2017-04-13 17:04:31 by Benny Siegert | Files touched by this commit (4)
Log message:
Pullup ticket #5274 - requested by taca
mail/dovecot2: security fix
mail/dovecot2-sqlite: security fix

Revisions pulled up:
- mail/dovecot2-sqlite/Makefile                                 1.5
- mail/dovecot2/Makefile.common                                 1.6
- mail/dovecot2/PLIST                                           1.53
- mail/dovecot2/distinfo                                        1.72

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Apr 13 01:59:08 UTC 2017

   Modified Files:
   	pkgsrc/mail/dovecot2: Makefile.common PLIST distinfo
   	pkgsrc/mail/dovecot2-sqlite: Makefile

   Log message:
   Update dovecot2 to 2.2.29.1.  This release contains security fixes.

   v2.2.29.1 2017-04-12  Timo Sirainen <tss@iki.fi>

   	- imapc reconnection fix was forgotten from 2.2.29 release, which also
   	  made "make check" fail in a unit test
   	- dict-sql: Merging multiple UPDATEs to a single statement wasn't
   	  actually working.
   	- Fixed building with vpopmail

   v2.2.29 2017-04-10  Timo Sirainen <tss@iki.fi>

   	* passdb/userdb dict: Don't double-expand %variables in keys. If dict
   	  was used as the authentication passdb, using specially crafted
   	  %variables in the username could be used to cause DoS (CVE-2017-2669)
   	* When Dovecot encounters an internal error, it logs the real error and
   	  usually logs another line saying what function failed. Previously the
   	  second log line's error message was a rather uninformative "Internal
   	  error occurred. Refer to server log for more information." Now the
   	  real error message is duplicated in this second log line.
   	* lmtp: If a delivery has multiple recipients, run autoexpunging only
   	  for the last recipient. This avoids a problem where a long
   	  autoexpunge run causes LMTP client to timeout between the DATA
   	  replies, resulting in duplicate mail deliveries.
   	* config: Don't stop the process due to idling. Otherwise the
   	  configuration is reloaded when the process restarts.
   	* mail_log plugin: Differentiate autoexpunges from regular expunges
   	* imapc: Use LOGOUT to cleanly disconnect from server.
   	* lib-http: Internal status codes (>9000) are no longer visible in logs
   	* director: Log vhost count changes and HOST-UP/DOWNte autoexpunges from \ 
regular expunges
   	* imapc: Use LOGOUT to cleanly disconnect from server.
   	* lib-http: Internal status codes (>9000) are no longer visible in logs
   	* director: Log vhost count changes and HOST-UP/DOWN

   + quota: Add plugin { quota_max_mail_size } setting to limit the
   	  maximum individual mail size that can be saved.
   	+ imapc: Add imapc_features=delay-login. If set, connecting to the
   	  remote IMAP server isn't done until it's necessary.
   	+ imapc: Add imapc_connection_retry_count and
   	  imapc_connection_retry_interval settings.
   	+ imap, pop3, indexer-worker: Add (deinit) to process title before
   	  autoexpunging runs.
   + Added %{encrypt} and %{decrypt} variables
   	+ imap/pop3 proxy: Log proxy state in errors as human-readable string.
   	+ imap/pop3-login: All forward_* extra fields returned by passdb are
   	  sent to the next hop when proxying using ID/XCLIENT commands. On the
   	  receiving side these fields are imported and sent to auth process
   	  where they're accessible via %{passdb:forward_*}. This is done only
   	  if the sending IP address matches login_trusted_networks.
   	+ imap-login: If imap_id_retain=yes, send the IMAP ID string to
   	  auth process. %{client_id} expands to it in auth process. The ID
   	  string is also sent to the next hop when proxying.
   	+ passdb imap: Use ssl_client_ca_* settings for CA validation.
   	- fts-tika: Fixed crash when parsing attachment without
   	  Content-Disposition header. Broken by 2.2.28.
   	- trash plugin was broken in 2.2.28
   	- auth: When passdb/userdb lookups were done via auth-workers, too much
   	  data was added to auth cache. This could have resulted in wrong
   	  replies when using multiple passdbs/userdbs.
   	- auth: passdb { skip & mechanisms } were ignored for the first passdb
   	- oauth2: Various fixes, including fixes to crashes
   	- dsync: Large Sieve scripts (or other large metadata) weren't always
   	  synced.
   - Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
   	- imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
   	- doveadm: Exit codes weren't preserved when proxying commands via
   	  doveadm-server. Almost all errors used exit code 75 (tempfail).
   	- ACLs weren't applied to not-yet-existing autocreated mailboxes.
   	- Fixed a potential crash when parsing a broken message header.
   	- cassandra: Fallback consistency settings weren't working correctly.
   	- doveadm director status <user>: "Initial config" was \ 
always empty
   	- imapc: Various reconnection fixes.