- Fixed problem in address test: erroneously decoded mime-encoded words in
address headers.
- extprograms plugin: Fixed failure occurring when connecting to script
service without the need to read back the output from the external program.
- Fixed bug in script storage path normalization occurring with relative
symbolic links below root.
director ring sockets, causing it to break in existing installations.
- sdbox: When copying a mail in alt storage, place the destination to
alt storage as well.
director ring sockets, causing it to break in existing installations.
- sdbox: When copying a mail in alt storage, place the destination to
alt storage as well.
- auth: Don't crash if master user login is attempted without
any configured master=yes passdbs
- Parsing UTF-8 text for mails could have caused broken results
sometimes if buffering was split in the middle of a UTF-8 character.
This affected at least searching messages.
- String sanitization for some logged output wasn't done properly:
UTF-8 text could have been truncated wrongly or the truncation may
not have happened at all.
- fts-lucene: Lookups from virtual mailbox consisting of over 32
physical mailboxes could have caused crashes.
- fixed several race conditions with dovecot.index.cache handling that
may have caused unnecessary "cache is corrupted" errors.
- auth: If auth client listed userdb and disconnected before finishing,
the auth worker process got stuck
- imap-login, pop3-login: Fixed potential crashes when client
disconnected unexpectedly.
- imap proxy: The connection was hanging in some usage patterns.
- fixes CVE-2014-3430: denial of service through maxxing out SSL connections
- pop3 server was still crashing in v2.2.12
- maildir: Various fixes and improvements to handling compressed mails
- fts-lucene, fts-solr: Fixed crash on search when the index contained
duplicate entries.
- mail_attachment_dir: Attachments with the last base64-encoded line
longer than the rest wasn't handled correctly.
- IMAP: SEARCH/SORT PARTIAL was handled completely wrong in v2.2.11+
- acl: Global ACL file handling was broken when multiple entries
matched the mailbox name
- quota-status: quota_grace was ignored
- ldap: Fixed memory leak with auth_bind=yes and without
auth_bind_userdn.
- imap: Don't send HIGHESTMODSEQ anymore on SELECT/EXAMINE when
CONDSTORE/QRESYNC has never before been enabled for the mailbox.
- imap: Fixes to handling mailboxes without permanent modseqs.
(When [NOMODSEQ] is returned by SELECT, mainly with in-memory
indexes.)
- imap: Various fixes to METADATA support.
- stats plugin: Processes that only temporarily dropped privileges
(e.g. indexer-worker) may have been logging errors about not being
able to open /proc/self/io.
"--boundary" and CR (without LF). Messages saved via SMTP/LMTP can't
trigger this, because messages must end with an "LF.". A user could
trigger this for him/herself though.
- lmtp: Client was sometimes disconnected before all the output was
sent to it.
- replicator: Database wasn't being exported to disk every 15 minutes
as it should have. Instead it was being imported, causing "doveadm
replicator remove" commands to not work very well.
- master process was doing a hostname.domain lookup for each created
process, which may have caused a lot of unnecessary DNS lookups.
- dsync: Syncing over 100 messages at once caused problems in some
situations, causing messages to get new UIDs.
- fts-solr: Different Solr hosts for different users didn't work.
- director: v2.2.5 changes caused "SYNC lost" errors
- dsync: Many fixes and error handling improvements
- doveadm -A: Don't waste CPU by doing a separate config lookup
for each user
- Long-running ssl-params process no longer prevents Dovecot restart
- mbox: Fixed mailbox_list_index=yes to work correctly
- added some missing man pages (by Pascal Volk)
- director: Users near expiration could have been redirected to
different servers at the same time.
- pop3: Avoid assert-crash if client disconnects during LIST.
- mdbox: Corrupted index header still wasn't automatically fixed.
- dsync: Various fixes to work better with imapc and pop3c storages.
- ldap: sasl_bind=yes caused crashes, because Dovecot's lib-sasl
symbols conflicted with Cyrus SASL library.
- imap/pop3 proxy: Master user logins were broken in v2.2.3
- sdbox/mdbox: A corrupted index header with wrong size was never
automatically fixed in v2.2.3.
- mbox: Fixed assert-crashes related to locking.
- IMAP: If subject contained only whitespace, Dovecot returned an
ENVELOPE reply with a huge literal value, effectively causing the
IMAP client to wait for more data forever.
- IMAP: Various URLAUTH fixes.
- imapc: Various bugfixes and improvements
- pop3c: Various fixes to make it work in dsync (without imapc)
- dsync: Fixes to syncing subscriptions. Fixes to syncing mailbox
renames.
- IMAP: Various URLAUTH fixes.
- IMAP: Fixed a hang with invalid APPEND parameters.
- IMAP LIST-EXTENDED: INBOX was never listed with \Subscribed flag.
- mailbox_list_index=yes still caused crashes.
- maildir: Fixed a crash after dovecot-keywords file was re-read.
- maildir: If files had reappeared unexpectedly to a Maildir, they
were ignored until index files were deleted.
- Maildir: Fixed handling over 26 keywords in a mailbox.
- imap/pop3-login proxying: Fixed a crash if TCP connection succeeded,
but the remote login timed out.
Some of the documentation in %docdir (wiki/Migration*.txt) uses perl as
an interpreter, which causes rpmbuild to autogenerate deps on perl.
Filter this out as it's not needed for the main dovecot functionality.
https://bugzilla.redhat.com/show_bug.cgi?id=956194
- Mailbox list indexes weren't using proper file permissions based
on the root directory.
- replicator: doveadm commands and user list export may have skipped
some users.
- Various fixes to mailbox_list_index=yes
- v2.1.11+ had a race condition where it sometimes overwrote data in
dovecot.index.cache file. This could have caused Dovecot to return
the same cached data to two different messages.
- mdbox: Fixes to handling duplicate GUIDs during index rebuild
- lmtp proxy: Fixed hanging if remote server was down.
- doveadm: Various fixes to handling doveadm-server connections.
- auth: passdb imap was broken in v2.1.10.
- director: In some conditions director may have disconnected from
another director (without logging about it), thinking it was sending
invalid data.
- imap: Various fixes to listing mailboxes.
- login processes crashed if there were a lot of local {} or remote {}
settings blocks.
- Full text search indexing might have failed for some messages,
always causing indexer-worker process to run out of memory.
- fts-lucene: Fixed handling SEARCH HEADER FROM/TO/SUBJECT/CC/BCC when
the header wasn't lowercased.
- fts-squat: Fixed crash when searching a virtual mailbox.
- pop3: Fixed assert crash when doing UIDL on empty mailbox on some
setups.
- auth: GSSAPI RFC compliancy and error handling fixes.
- Various fixes related to handling shared namespaces
- imap: Mailbox names were accidentally sent as UTF-8 instead of mUTF-7
in previous v2.1.x releases for STATUS, MYRIGHTS and GETQUOTAROOT commands.
- lmtp proxy: Don't timeout connections too early when mail has a lot of RCPT TOs.
- director: Don't crash if the director is working alone.
- shared mailboxes: Avoid doing "@domain" userdb lookups.
- doveadm: Fixed crash with proxying some commands.
- fts-squat: Fixed handling multiple SEARCH parameters.
- imapc: Fixed a crash when message had more than 8 keywords.
- imapc: Don't crash on APPEND/COPY if server doesn't support UIDPLUS.
- director: Don't crash with quickly disconnecting incoming director
connections.
- mdbox: If mail was originally saved to non-INBOX, and namespace
prefix is non-empty, don't assert-crash when rebuilding indexes.
- sdbox: Don't use more fds than necessary when copying mails.
- auth: Fixed crash with DIGEST-MD5 when attempting to do master user
login without master passdbs.
- Several fixes to mail_shared_explicit_inbox=no
- imapc: Use imapc_list_prefix also for listing subscriptions.
- v2.1.5: Using "~/" as mail_location or elsewhere failed to actually
expand it to home directory.
- dbox: Fixed potential assert-crash when reading dbox files.
- trash plugin: Fixed behavior when quota is already over limit.
- mail_log plugin: Logging "copy" event didn't work.
- Proxying to backend server with SSL: Verifying server certificate
name always failed, because it was compared to an IP address.
expand it to home directory.
- dbox: Fixed potential assert-crash when reading dbox files.
- trash plugin: Fixed behavior when quota is already over limit.
- Proxying to backend server with SSL: Verifying server certificate
name always failed, because it was compared to an IP address.
- director: A lot of fixes and performance improvements
- mbox: Deleting a mailbox didn't delete its index files.
- pop3c: TOP command was sent incorrectly
- trash plugin didn't work properly
- LMTP: Don't add a duplicate Return-Path: header when proxying.
- listescape: Don't unescape namespace prefixes.
- Proxying SSL connections crashed in v2.1.[23]
- fts-solr: Indexing mail bodies was broken.
- director: Several changes to significantly improve error handling
- doveadm import didn't import messages' flags
- mail_full_filesystem_access=yes was broken
- Make sure IMAP clients can't create directories when accessing
nonexistent users' mailboxes via shared namespace.
- Dovecot auth clients authenticating via TCP socket could have failed
with bogus "PID already in use" errors.
- doveadm sync: If mailbox was expunged empty, messages may have
become back instead of also being expunged in the other side.
- imap_id_* settings were ignored before login.
- Several fixes to mailbox_list_index=yes
- Previous v2.1.x didn't log all messages at shutdown.
- acl plugin + autocreated mailboxes crashed when listing mailboxes
- doveadm force-resync: Don't skip autocreated mailboxes (especially
INBOX).
- If process runs out of fds, stop listening for new connections only
temporarily, not permanently (avoids hangs with process_limit=1
services)
- auth: passdb imap crashed for non-login authentication (e.g. smtp).
- dbox: Fixed error handling when saving failed or was aborted
- IMAP: Using COMPRESS extension may have caused assert-crashes
- IMAP: THREAD REFS sometimes returned invalid (0) nodes.
- dsync: Fixed handling non-ASCII characters in mailbox names.
- director: With >2 directors ring syncing might have stalled during
director connect/disconnect, causing logins to fail.
- LMTP client/proxy: Fixed potential hanging when sending (big) mails
- Compressed mails with external attachments (dbox + SIS + zlib) failed
sometimes with bogus "cached message size wrong" errors.
major changes since 2.0.x:
plugins now use UTF-8 mailbox names rather than mUTF-7
auth_username_format default changed to %Lu
solr full text search backend changed to use mailbox GUIDs instead of
mailbox names, requiring reindexing everything
v2.0.14: Index reading could have eaten a lot of memory in some
situations
mbox: Fixed crash during mail delivery when mailbox didn't yet have
GUID assigned to it.
zlib+mbox: Fetching last message from compressed mailboxes crashed.
userdb extra fields can now return name+=value to append to an
existing name
script-login attempted an unnecessary config lookup, which usually
failed with "Permission denied".
lmtp: Fixed parsing quoted strings with spaces as local-part for
MAIL FROM and RCPT TO.
imap: FETCH BODY[HEADER.FIELDS (..)] may have crashed or not
returned all data sometimes.
ldap: Fixed random assert-crashing with with sasl_bind=yes.
Fixes to handling mail chroots
Fixed renaming mailboxes under different parent with FS layout when
using separate ALT, INDEX or CONTROL paths.
zlib: Fixed reading concatenated .gz files.
mdbox purge: Fixed wrong warning about corrupted extrefs.
script-login binary wasn't actually dropping privileges to the
user/group/chroot specified by its service settings.
Fixed potential crashes and other problems when parsing header names
that contained NUL characters.
dsync: More fixes to avoid hanging with remote syncs
dsync: Many other syncing/correctness fixes
doveconf: v2.0.10 and v2.0.11 didn't output plugin {} section right