Commit Graph

348 Commits

Author SHA1 Message Date
Michal Hlavinka
627140a00c dovecot updated to 2.2.29
fts-tika: Fixed crash when parsing attachment without
  Content-Disposition header. Broken by 2.2.28.
trash plugin was broken in 2.2.28
auth: When passdb/userdb lookups were done via auth-workers, too much
  data was added to auth cache. This could have resulted in wrong
  replies when using multiple passdbs/userdbs.
auth: passdb { skip & mechanisms } were ignored for the first passdb
oauth2: Various fixes, including fixes to crashes
dsync: Large Sieve scripts (or other large metadata) weren't always
  synced.
Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
doveadm: Exit codes weren't preserved when proxying commands via
  doveadm-server. Almost all errors used exit code 75 (tempfail).
ACLs weren't applied to not-yet-existing autocreated mailboxes.
Fixed a potential crash when parsing a broken message header.
cassandra: Fallback consistency settings weren't working correctly.
doveadm director status <user>: "Initial config" was always empty
imapc: Various reconnection fixes.
2017-04-11 10:32:58 +02:00
Michal Hlavinka
6cde4f186a dovecot updated to 2.2.28, pigeonhole to 0.4.17
auth: Support OAUTHBEARER and XOAUTH2 mechanisms. Also support them
  in lib-dsasl for client side.
imap: SEARCH/SORT may have assert-crashed in
  client_check_command_hangs
imap: FETCH X-MAILBOX may have assert-crashed in virtual mailboxes.
search: Using NOT n:* or NOT UID n:* wasn't handled correctly
fts: fts_autoindex_exclude = \Special-use caused crashes
doveadm-server: Fix leaks and other problems when process is reused
  for multiple requests (service_count != 1)
sdbox: Fix assert-crash on mailbox create race
lda/lmtp: deliver_log_format values weren't entirely correct if Sieve
  was used. especially %{storage_id} was broken.
imapsieve plugin: Fixed assert failure occurring when used with virtual
  mailboxes.
doveadm sieve plugin: Fixed crash when setting Sieve script via attribute's
  string value.
2017-02-27 10:23:36 +01:00
Fedora Release Engineering
60fba238a2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-10 08:34:30 +00:00
Than Ngo
e50e991859 fixed bz#1403760, big endian issue 2016-12-14 17:09:11 +01:00
Michal Hlavinka
3203a05c7d Fixed crash in auth process when auth-policy was configured and
authentication was aborted/failed without a username set.
- director: If two users had different tags but the same hash,
  the users may have been redirected to the wrong tag's hosts.
- Index files may have been thought incorrectly lost, causing
  "Missing middle file seq=.." to be logged and index rebuild.
  This happened more easily with IMAP hibernation enabled.
- Various fixes to restoring state correctly in un-hibernation.
- dovecot.index files were commonly 4 bytes per email too large. This
  is because 3 bytes per email were being wasted that could have been
  used for IMAP keywords.
- Various fixes to handle dovecot.list.index corruption better.
- lib-fts: Fixed assert-crash in address tokenizer with specific input.
- Fixed assert-crash in HTML to text parsing with specific input
  (e.g. for FTS indexing or snippet generation)
- doveadm sync -1: Fixed handling mailbox GUID conflicts.
- sdbox, mdbox: Perform full index rebuild if corruption is detected
  inside lib-index, which runs index fsck.
- quota: Don't skip quota checks when moving mails between different
  quota roots.
- search: Multiple sequence sets or UID sets in search parameters
  weren't handled correctly. They were incorrectly merged together.
2016-12-05 10:41:59 +01:00
Michal Hlavinka
828b5d8c85 fix remote crash when auth-policy component is activated (CVE-2016-8652,#1401025) 2016-12-02 17:21:11 +01:00
Michal Hlavinka
621a521183 dovecot updated to 2.2.26.0, pigeonhole updated to 0.4.16
- master process's listener socket was leaked to all child processes.
  This might have allowed untrusted processes to capture and prevent
  "doveadm service stop" comands from working.
- login proxy: Fixed crash when outgoing SSL connections were hanging.
- auth: userdb fields weren't passed to auth-workers, so %{userdb:*}
  from previous userdbs didn't work there.
- auth: Fixed auth_bind=yes + sasl_bind=yes to work together
- lmtp: %{userdb:*} variables didn't work in mail_log_prefix
- Fixed writing >2GB to iostream-temp files (used by fs-compress,
  fs-metawrap, doveadm-http)
- fts-solr: Fixed searching multiple mailboxes
- and more...
2016-10-31 16:13:54 +01:00
Michal Hlavinka
4e13d130a0 dovecot updated to 2.2.25
- doveadm backup was sometimes deleting entire mailboxes unnecessarily.
- doveadm: Command -parameters weren't being sent to doveadm-server.
- if dovecot.index read failed e.g. because mmap() reached VSZ limit,
  an empty index could have been opened instead, corrupting the
  mailbox state.
- lazy-expunge: Fixed a crash when copying failed. Various other fixes.
- fts-lucene: Fixed crash on index rescan.
- dict-ldap: Various fixes
- dict-sql: NULL values crashed. Now they're treated as "not found".
2016-07-04 16:16:17 +02:00
Michal Hlavinka
f4c61be70c dovecot updated to 2.2.24
- Huge header lines could have caused Dovecot to use too much memory
- dsync: Detect and handle invalid/stale -s state string better.
- dsync: Fixed crash caused by specific mailbox renames
- auth: Auth cache is now disabled passwd-file.
- fts-tika: Don't crash if it returns 500 error
- dict-redis: Fixed timeout handling
- SEARCH INTHREAD was crashing
- stats: Only a single fifo_listeners was supported, making it impossible to
  use both auth_stats=yes and mail stats plugin.
- SSL errors were logged in separate "Stacked error" log lines instead of as
  part of the disconnection reason.
- MIME body parser didn't handle properly when a child MIME part's --boundary
  had the same prefix as the parent.
- pigeonhole updated to 0.4.14
- extprograms plugin: Fixed epoll() panic caused by closing the output
  FD before the output stream.
- Made sure that the local part of a mail address is encoded properly
  using quoted string syntax when it is not a dot-atom.
2016-04-27 11:27:42 +02:00
Michal Hlavinka
cc37c37fa9 dovecot updated to 2.2.23, pigeonhole updated to 0.4.13
- Various fixes to doveadm. Especially running commands via
  doveadm-server was broken.
- director: Fixed user weakness getting stuck in some situations
- director: Fixed a situation where directors keep re-sending
  different states to each others and never becoming synced.
- director: Fixed assert-crash related to a slow "user killed" reply
- Fixed assert-crash related to istream-concat, which could have
  been triggered at least by a Sieve script.
2016-03-31 17:23:11 +02:00
Michal Hlavinka
437ee22f0c update files section 2016-03-16 15:31:29 +01:00
Michal Hlavinka
8c9abbf261 dovecot updated to 2.2.22
- auth: Auth caching was done too aggressively when %variables were
  used in default_fields, override_fields or LDAP pass/user_attrs.
  userdb result_* were also ignored when user was found from cache.
- imap: Fixed various assert-crashes caused v2.2.20+. Some of them
  caught actual hangs or otherwise unwanted behavior towards IMAP
  clients.
- Expunges were forgotten in some situations, for example when
  pipelining multiple IMAP MOVE commands.
- quota: Per-namespaces quota were broken for dict and count backends
  in v2.2.20+
- fts-solr: Search queries were using OR instead of AND as the
  separator for multi-token search queries in v2.2.20+.
- Single instance storage support wasn't really working in v2.2.16+
- dbox: POP3 message ordering wasn't working correctly.
- virtual plugin: Fixed crashes related to backend mailbox deletions.
2016-03-16 13:58:24 +01:00
Michal Hlavinka
6c7ce94860 pigeonhole updated to 0.4.12
- multiscript: Fixed bug in handling of (implicit) keep; final keep action was
  always executed as though there was a failure.
- managesieve-login: Fixed proxy to allow SASL mechanisms other than PLAIN.
- ldap storage: Prevent segfault occurring when assigning certain (global)
  configuration options.
2016-02-08 16:46:41 +01:00
Dennis Gilmore
c1158c6c59 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-03 18:57:37 +00:00
Michal Hlavinka
90086d6bb4 update pigeonhole source url 2016-01-29 15:44:21 +01:00
Michal Hlavinka
27efdc43f0 pigeonhole updated to 0.4.11
- Sieve mime extension: Fixed the header :mime :anychild test to work properly
  outside a foreverypart loop.
- Fixed assert failure occurring when text extraction is attempted on a
  empty or broken text part.
- Fixed assert failure in handling of body parts that are converted to text.
- Fixed header unfolding for (mime) headers parsed from any mime part.
- Fixed trimming for (mime) headers parsed from any mime part.
- Fixed erroneous changes to the message part tree structure performed when
  re-parsing the message.
- LDA Sieve plugin: Fixed bug in error handling of script storage initialization
- Fixed duplication of discard actions in the script result.
- Made sure that quota errors never get logged as errors in syslog.
2016-01-28 11:50:38 +01:00
Michal Hlavinka
d792532462 update file list 2015-12-16 14:45:54 +01:00
Michal Hlavinka
dc5e809093 dovecot updated to 2.2.21
- doveadm mailbox list (and some others) were broken in v2.2.20
- director: Fixed making backend changes when running with only a
  single director server.
- virtual plugin: Fixed crash when trying to open nonexistent
  autocreated backend mailbox.
- pigeonhole updated to 0.4.10
- implemented the Sieve mime and foreverypart extensions (RFC 5703).
+ sieve body extension: Properly implemented the `:text' body
  transform. It now extracts text for HTML message parts.
- variables extension: Fixed handling of empty string by the `:length'
  set modifier. An empty string yielded an empty string rather than "0".
- Fixed memory leak in the Sieve script byte code dumping facility.
  Extension contexts were never actually freed.
- doveadm sieve plugin: Fixed crashes caused by incorrect context
  allocation in the sieve command implementations.
2015-12-16 13:27:15 +01:00
Michal Hlavinka
76785b6c24 move ssl initialization from %post to dovecot-init.service 2015-12-08 19:07:07 +01:00
Michal Hlavinka
7fbbaf9773 dovecot updated to 2.2.20
- director: Backend tags weren't working correctly.
- ldap: tls_* settings weren't used for ldaps URIs.
- ldap, mysql: Fixed setting connect timeout.
- auth: userdb lookups via auth-worker couldn't change username
- dsync: Fixed handling deleted directories. Make sure we don't go to
  infinite mailbox renaming loop.
- imap: Fixed crash in NOTIFY when there were watched namespaces that
  didn't support NOTIFY.
- imap: After SETMETADATA was used, various commands (especially FETCH)
  could have started hanging when their output was large.
- stats: Idle sessions weren't refreshed often enough, causing stats
  process to forget them and log errors about unknown sessions when
  they were updated later.
- stats: Fixed "Duplicate session ID" errors when LMTP delivered to
  multiple recipients and fts_autoindex=yes.
- zlib plugin: Fixed copying causing cache corruption when zlib_save
  wasn't set, but the source message was compressed.
- fts-solr: Fixed escaping Solr query parameters.
- lmtp: quota_full_tempfail=yes was ignored with
  lmtp_rcpt_check_quota=yes
2015-12-08 09:38:42 +01:00
Michal Hlavinka
7e0f121e5e dovecot updated to 2.2.19
- mdbox: Rebuilding could have caused message's reference count to
  overflow the 16bit number in some situations, causing problems when
  trying to expunge the duplicates.
- Various search fixes (fts, solr, tika, lib-charset, indexer)
- Various virtual plugin fixes
- Various fixes and optimizations to dsync, imapc and pop3-migration
- imap: Various RFC compliancy and crash fixes to NOTIFY
- pigeonhole updated to 0.4.9
- ManageSieve: Fixed an assert failure occurring when a client
  disconnects during the GETSCRIPT command.
- doveadm sieve plugin: Fixed incorrect initialization (mem leaks) of mail user.
- sieve-filter command line tool: Fixed handling of failure-related
  implicit keep when there is an explicit default destination folder.
- lib-sieve: Fixed bug in RFC5322 header folding.
2015-10-05 13:02:53 +02:00
Michal Hlavinka
e8c10d3eba use the system crypto policy (#1109114) 2015-08-24 17:12:10 +02:00
Michal Hlavinka
c761f78337 fix build for s390x and ppc64 (#1232650) 2015-06-19 13:31:53 +02:00
Dennis Gilmore
65cfd5ffb0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-17 04:21:27 +00:00
Michal Hlavinka
00c784df4e update pigeonhole to 0.4.8
- Fixed problem in address test: erroneously decoded mime-encoded words in
  address headers.
- extprograms plugin: Fixed failure occurring when connecting to script
  service without the need to read back the output from the external program.
- Fixed bug in script storage path normalization occurring with relative
  symbolic links below root.
2015-05-18 10:26:58 +02:00
Michal Hlavinka
554733c72e director: Login UNIX sockets were normally detected as doveadm or
director ring sockets, causing it to break in existing installations.
- sdbox: When copying a mail in alt storage, place the destination to
  alt storage as well.
2015-05-18 09:53:03 +02:00
Michal Hlavinka
407352a4eb director: Login UNIX sockets were normally detected as doveadm or
director ring sockets, causing it to break in existing installations.
- sdbox: When copying a mail in alt storage, place the destination to
  alt storage as well.
2015-05-15 15:19:40 +02:00
Michal Hlavinka
51f4fff5f1 fix CVE-2015-3420: SSL/TLS handshake failures leading to a crash of the login process 2015-04-28 15:43:34 +02:00
Michal Hlavinka
907076b191 update files section 2015-03-16 13:02:49 +01:00
Michal Hlavinka
c4ef51f5aa dovecot updated to 2.2.16
- auth: Don't crash if master user login is attempted without
  any configured master=yes passdbs
- Parsing UTF-8 text for mails could have caused broken results
  sometimes if buffering was split in the middle of a UTF-8 character.
  This affected at least searching messages.
- String sanitization for some logged output wasn't done properly:
  UTF-8 text could have been truncated wrongly or the truncation may
  not have happened at all.
- fts-lucene: Lookups from virtual mailbox consisting of over 32
  physical mailboxes could have caused crashes.
2015-03-16 12:42:18 +01:00
Michal Hlavinka
14512a3359 fix mbox istream crashes (#1189198, #1186504) 2015-02-05 16:50:58 +01:00
Michal Hlavinka
36260035e4 fix crash related to logging BYE notifications (#1176282)
- update pigeonhole to 0.4.6
2015-01-05 09:36:54 +01:00
Michal Hlavinka
a0c43f9f3e dovecot updated to 2.2.15
- various race condition fixes to LAYOUT=index
- v2.2.14 virtual plugin crashed in some situations
2014-10-30 14:03:27 +01:00
Michal Hlavinka
4beaca435e dovecot updated to 2.2.14, pigeonhole updated to 0.4.3
- fixed several race conditions with dovecot.index.cache handling that
  may have caused unnecessary "cache is corrupted" errors.
- auth: If auth client listed userdb and disconnected before finishing,
  the auth worker process got stuck
- imap-login, pop3-login: Fixed potential crashes when client
  disconnected unexpectedly.
- imap proxy: The connection was hanging in some usage patterns.
2014-10-17 15:36:50 +02:00
Michal Hlavinka
fe8db23995 use network-online target instead of just network (#1119814) 2014-08-21 13:48:50 +02:00
Peter Robinson
043dcef9fb - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-16 09:39:50 +00:00
Dennis Gilmore
41f624fc00 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 02:59:35 -05:00
Michal Hlavinka
b0e24df588 dovecot updated to 2.2.13
- fixes CVE-2014-3430: denial of service through maxxing out SSL connections
- pop3 server was still crashing in v2.2.12
- maildir: Various fixes and improvements to handling compressed mails
- fts-lucene, fts-solr: Fixed crash on search when the index contained
  duplicate entries.
- mail_attachment_dir: Attachments with the last base64-encoded line
  longer than the rest wasn't handled correctly.
- IMAP: SEARCH/SORT PARTIAL was handled completely wrong in v2.2.11+
- acl: Global ACL file handling was broken when multiple entries
  matched the mailbox name
2014-05-12 17:59:47 +02:00
Michal Hlavinka
fa33e6dd2a el6 build fixes (#1082384) by John Morris 2014-03-31 11:37:31 +02:00
Michal Hlavinka
861e720916 merge review cleanup 2014-03-31 10:37:15 +02:00
Michal Hlavinka
cb3273fa52 make list of man pages a little more abstract 2014-03-26 15:01:50 +01:00
Michal Hlavinka
ccd0cf09e4 dovecot updated to 2.2.12
- fixes pop3 crash
2014-02-14 12:30:11 +01:00
Michal Hlavinka
549444db43 dovecot updated to 2.2.11 - part2 2014-02-13 10:11:34 +01:00
Michal Hlavinka
60ec5304bc pigeonhole is 2.2 branch, not 2.1 2014-01-08 12:07:32 +01:00
Michal Hlavinka
1753244ff8 dovecot updated to 2.2.10
- quota-status: quota_grace was ignored
- ldap: Fixed memory leak with auth_bind=yes and without
  auth_bind_userdn.
- imap: Don't send HIGHESTMODSEQ anymore on SELECT/EXAMINE when
  CONDSTORE/QRESYNC has never before been enabled for the mailbox.
- imap: Fixes to handling mailboxes without permanent modseqs.
  (When [NOMODSEQ] is returned by SELECT, mainly with in-memory
  indexes.)
- imap: Various fixes to METADATA support.
- stats plugin: Processes that only temporarily dropped privileges
  (e.g. indexer-worker) may have been logging errors about not being
  able to open /proc/self/io.
2014-01-02 17:37:29 +01:00
Michal Hlavinka
0c5c743ea0 improved cache file handling exposed several old bugs related to fetching
mail headers.
- iostream handling changes were causing some connections to be disconnected
  before flushing their output
2013-11-25 10:58:30 +01:00
Michal Hlavinka
680863f7be Fixed infinite loop in message parsing if message ends with
"--boundary" and CR (without LF). Messages saved via SMTP/LMTP can't
  trigger this, because messages must end with an "LF.". A user could
  trigger this for him/herself though.
- lmtp: Client was sometimes disconnected before all the output was
  sent to it.
- replicator: Database wasn't being exported to disk every 15 minutes
  as it should have. Instead it was being imported, causing "doveadm
  replicator remove" commands to not work very well.
2013-11-20 17:12:58 +01:00
Michal Hlavinka
3ecaa4f55d fix ostream infinite loop (#1029906) 2013-11-14 17:29:06 +01:00
Michal Hlavinka
7a3fe1431f dovecot updated to 2.2.7
- master process was doing a hostname.domain lookup for each created
  process, which may have caused a lot of unnecessary DNS lookups.
- dsync: Syncing over 100 messages at once caused problems in some
  situations, causing messages to get new UIDs.
- fts-solr: Different Solr hosts for different users didn't work.
2013-11-04 17:08:31 +01:00
Michal Hlavinka
ddae93e1d0 dovecot updated to 2.2.6, pigeonhole updated to 0.4.2
- director: v2.2.5 changes caused "SYNC lost" errors
- dsync: Many fixes and error handling improvements
- doveadm -A: Don't waste CPU by doing a separate config lookup
  for each user
- Long-running ssl-params process no longer prevents Dovecot restart
- mbox: Fixed mailbox_list_index=yes to work correctly
2013-10-01 18:55:23 +02:00