Accepting request 1111576 from server:mail
- update to 2.3.21 and pigeonhole 0.5.21 OBS-URL: https://build.opensuse.org/request/show/1111576 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dovecot23?expand=0&rev=52
This commit is contained in:
@@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:ae32bd4870ea2c1328ae09ba206e9ec12128046d6afca52fbbc9ef7f75617c98
|
||||
size 1945126
|
@@ -1,17 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQJLBAABCgA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAmOkCEgXHGRvdmVjb3Qt
|
||||
Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaElYw/+O7hK3Mg7RBygwlw2EuFBfz0Y
|
||||
y+SC2l35ESVPHCd1U8zl7q3gKiahP8Y+knVpmXiytZ1xOfjf3fHROCH8nFQbNKu5
|
||||
U+BeYxuB0b6zJ6+zmptBWr8dkbPZ1gxc8hgbfRM5PMgn+C1uiiJ4YKNDCco1k5h6
|
||||
dj7JsgXpUILPPxFkJaUcGHG7u6BAtS5M6OxtjgTJM6FwjSzZsl5ZkuB/O1wuojrv
|
||||
IJykKbE0fi9diz+CKSyiL8ge5FbxwFxei5jCVB3pAkdNnY9r+DBdOmnjmO2lYFkO
|
||||
4zvkk2uK/zBHnR28DaAwLRziNNdGs/5QnEOGTx8d6XK5irHOdWUZ83H/LdAbhiKs
|
||||
cNT5o0Wx0nnG0g/j6p2Clrmz8cVDuBtqE+Z2qDhHOc6VtEQXTkR4Z+wWNCJwHtCx
|
||||
uws5jCHv9HcI/3AcxpzV99NofD/VJEs7C6Bmv1bhV3N9Rs6cq0KdcJYBSRsmTN4k
|
||||
KBT7nRc4RCRvyiG/nmK6qO9YfGaShfalTXBzCuCcg5KSEC8J20Cv6NZUtXI4xom4
|
||||
buaw657Ss94YGId1dLzhKp7YJMHCNmtN/tIOlQpSls6D9JLCTSIkKNVg7mx5rf92
|
||||
R7Oa9ixWp1YFyX0G9agFBr4De43ATRFvRcUq+EVm8DJ3nx7emVFLFWEXzg7GJzVh
|
||||
znJGpiGYdtsLpLeYHBA=
|
||||
=0YWo
|
||||
-----END PGP SIGNATURE-----
|
3
dovecot-2.3-pigeonhole-0.5.21.tar.gz
Normal file
3
dovecot-2.3-pigeonhole-0.5.21.tar.gz
Normal file
@@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:1ca71d2659076712058a72030288f150b2b076b0306453471c5261498d3ded27
|
||||
size 1955945
|
17
dovecot-2.3-pigeonhole-0.5.21.tar.gz.sig
Normal file
17
dovecot-2.3-pigeonhole-0.5.21.tar.gz.sig
Normal file
@@ -0,0 +1,17 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQJLBAABCgA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAmUD/LgXHGRvdmVjb3Qt
|
||||
Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaEOrw//XMtJvAS4s+6VIJ1faAQFztKS
|
||||
8lo3e6dd+EHKEMz70mXu/5tdEQS7JkiN+9O6CbjNY0+/zHmYmXXXiVCvldpSqDhe
|
||||
9c2mIOeAg0C2EVY5Qf/RJ940ByF4Kd/ulUY6exaUycJkUccNEYgBGVWOnIwNDlV/
|
||||
hCLlJy1540nApo7ys9XVh3+WO2I3a8xVm5cRug6j0FD93rhmWc7dpeCe40j7xz0q
|
||||
pMKGbGlQueRgeZ1NO7Qp+9ZIVyy9xIZIuNt13GwhD830ObpE2aGFfW6yxdmIRrgK
|
||||
/wIp+fzdMbPLNbtmCdh1NXz88zC6KbEII1rHaL/KejK7XtOkzR06yOJYr/tgJN+s
|
||||
BnWGQbCAVfBUMWdnvzgs0nTgzqattlXPqoD1v3TkMYXKYcf9Tow9RGNaDk0DXGCH
|
||||
bx3+oBkfjUEvxDU7td4F7DMVjBQZpwhNA/TiGraabtPQKfR4zFcYQUyw3T3G+Rv3
|
||||
PZ32mTmC9TTN5blTxamvsrK2SpFT3uXm1ch019228pul0DtcvjcdZFgkyWl3I0Xy
|
||||
Na/GEPlVodVVTx0cAGbUCeS6Ja3UG9Le4KjfYOEQ8gBeo5dD4/hrs0ZXHBri7XcW
|
||||
0ackeYB4JrSDALumjbHTRL+vo9d0FbtpkxBq9RMXM/xVqMpzfSo3Ac3bViBh05pX
|
||||
BXYU8Uy5LU0VjN7FpOI=
|
||||
=a386
|
||||
-----END PGP SIGNATURE-----
|
@@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:caa832eb968148abdf35ee9d0f534b779fa732c0ce4a913d9ab8c3469b218552
|
||||
size 7805735
|
@@ -1,17 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQJLBAABCgA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAmOkCDwXHGRvdmVjb3Qt
|
||||
Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaGPwxAAwmyTGtrDSyJzzjAuDP0lQVfo
|
||||
v6MjLxmsS2LqrnA6coGpVszc5TsCMOhkk2TYpbIPk1G6Mc5ToW9ZrWKXZcyrk9hv
|
||||
b2VSM04JF1eF+2D9jc4r0eCbrYVx4x0/UVvlZytsaq9b3Gw59NExS4BjOSzByOBD
|
||||
QF3lUdlS1ZGb0iI6dJwlWcmIKJ9RsT2P4GodfkXZf68gi82yMEEtaYxeQzpQqarH
|
||||
dZdl5UGWMUB+eP3VzeqtoPSRmFhLOu4hhKKBOSTK7JX8hNnzWyV0YQ89ZBksJsRb
|
||||
PK5ou16tiWFzmnQ43Sy2W6FLfTog36YXVfvJaCc2zOzrcxD2oykLYealjEfBSUeg
|
||||
FHaSIP8XCnV42PT3MQO931Zt7HphD3VSGslb3p+/fFmpZUtOKjVaNROlD1hvggr7
|
||||
A88YBZE6zffu1Xx9aNBTNu/NV3jFuQdfqpBT/jxwV/hEWaHgBjOwedGsNtiNE3bl
|
||||
FdPc5JuJyOMAzXlAjy6IStL9LCQJpjbXOOgbDLo0KiZUh+K2faFOVcJNmAkhmWSd
|
||||
jYq28HOmHfo7MIoa4CdmBQHKtKSR/OVaOIOOzVSUVCnlTuXm8qQQG5xjjToFN99U
|
||||
TFbJiPvm+/HT6QyeNHH4mO6dUTZ9YdBuyj30P0Rffq0E4fZgz3ZBezwWSYj4bwXx
|
||||
T63m4IEsocH8pQRKpJ0=
|
||||
=aSIL
|
||||
-----END PGP SIGNATURE-----
|
3
dovecot-2.3.21.tar.gz
Normal file
3
dovecot-2.3.21.tar.gz
Normal file
@@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:05b11093a71c237c2ef309ad587510721cc93bbee6828251549fc1586c36502d
|
||||
size 7837242
|
17
dovecot-2.3.21.tar.gz.sig
Normal file
17
dovecot-2.3.21.tar.gz.sig
Normal file
@@ -0,0 +1,17 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQJLBAABCgA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAmUD/KAXHGRvdmVjb3Qt
|
||||
Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaGv3Q//bB9M8lEVqTyljhPFphhNLJvj
|
||||
zxh9U08nUOpOV9X+IfVX4PcorS5SqrPU45ohVmstLhMf6+ONHLWqE9GHFJrwsvtC
|
||||
/aPdX5ZPQN7/H76hW9rD+m9ytCkKC+sH2tf4RR8IWtfVjF2cU+jRbMcGSJ2SbKS4
|
||||
APOEMJgdtmh5vZTHMYCSv0+8+pi4LNm3pth6XbbneJ8cmoLlZ3kjUn63pb8atkwF
|
||||
fhSNIMjb3ZKE4kJT+p01Q18DO5X4DQuPrjiuRPHLpe+PbsUYdu44Wuu+vsM/eSO2
|
||||
RQ3C+uoFg2DfhwkjLxiiTli+bnKONUKpBae3ckG1GO6cBqtPuDEIea2dcPOjJ3Ga
|
||||
Vpssy+iq7qvGIZDC5YPmdRH6O0k4r0ntTljFlpg2SW7afE2tC1ipadCcwOsF9dUZ
|
||||
DDF89o+k8s0kl8486YTIeTSwGBWJCQJPzmdA8hBxCcVTvvo5G+N2xxX6ZL+wqG3Y
|
||||
vV43n/Xvi4GkrOS7Rp+SOMGS5E4/+VB2udC3qm1s6cFm0bFVXMGwbzFnKqpcGaYX
|
||||
UDmbZAkKA4pCkEdNJIz1QUpNtQnf1vGHaMeW+IAW5xPjKJ15/M+GPZ0yeqv2Gt6I
|
||||
v1J0EM5ZkgNJ+9NU093QxORdXrTD7bDMa5yOv/7ih+9Cx4r9GhdgS/T/3LZIncrg
|
||||
xpKXvK/XKM7RFMhOnz4=
|
||||
=fueB
|
||||
-----END PGP SIGNATURE-----
|
@@ -1,3 +1,125 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Sep 15 12:12:44 UTC 2023 - Arjen de Korte <suse+build@de-korte.org>
|
||||
|
||||
- update to 2.3.21 and pigeonhole 0.5.21
|
||||
|
||||
Dovecot 2.3.21
|
||||
* lib-oauth2: Allow JWT tokens to be validated with missing typ field.
|
||||
The typ field is left out by some key issuers to conserve space,
|
||||
notably kubernetes. Now missing typ is tolerated, but if present, it
|
||||
still must be "jwt".
|
||||
+ auth: Auth passdb and userdb reply can contain "event_<name>=value"
|
||||
which will be added to login event and mail user event respectively.
|
||||
+ lib-master: Set process title during various initialization stages to
|
||||
clearly describe what the process is waiting on.
|
||||
+ lib-storage: The mail_temp_scan_interval is now fuzzed incrementing it
|
||||
by 0..30% based on username's hash to reduce the chance of load spikes.
|
||||
+ lib-storage: The temp file scan has been moved from the open of the
|
||||
mailbox to the close, to reduce the latency perceived by users.
|
||||
+ stats: If metric has fields specified, all these fields are
|
||||
exported as counters to prometheus exposition.
|
||||
See https://doc.dovecot.org/configuration_manual/stats/openmetrics/.
|
||||
- *-login: Processes might have crashed when a SSL connection disconnects
|
||||
uncleanly.
|
||||
- acl: When plugin was loaded \HasChildren and \HasNoChildren flags
|
||||
were calculated incorrectly for mailboxes containing '*' and '%'
|
||||
in their names.
|
||||
- auth: Crash occured if a connection to PostgreSQL database server
|
||||
failed during startup.
|
||||
- auth: Logins with invalid passwords (e.g. unknown scheme) in passdb
|
||||
were failing with "password mismatch" instead of "internal error".
|
||||
- auth: XOAUTH2 and OAUTHBEARER mechanisms were not giving out protocol
|
||||
specific error message on all errors. This especially broke OIDC
|
||||
discovery.
|
||||
- dbox: When last_temp_file_scan header wasn't set (especially after
|
||||
dsync migration), the next mailbox open always triggers the temp file
|
||||
scan. This could have caused a load spike after migrations. Fixed by
|
||||
using the mailbox directory's atime when the header isn't set, which
|
||||
usually moves the scan time into the future.
|
||||
- dict-redis: A crash would occur on transaction rollback.
|
||||
- dsync: Infinite loop causing out of memory would occur when handling
|
||||
mailbox deletion from remote end and hierarchy separators would differ.
|
||||
- dsync: Incremental dsync failed for folder names ending with '%',
|
||||
unless BROKENCHAR was set. Also folder names with '%' elsewhere in
|
||||
them caused each incremental dsync to unnecessarily rename the folder
|
||||
to a temporary name and back. v2.3.19 regression.
|
||||
- imap-hibernate: If an IMAP client unhibernation timed out with
|
||||
"(version received)", the unhibernation could still have successfully
|
||||
finished later on and continued working normally. This was rather
|
||||
confusing, because imap-hibernate already logged that the client got
|
||||
disconnected. Avoid this by forcing the connection to shutdown on
|
||||
unhibernation timeout.
|
||||
- imapc: Crashed when a folder mapped through the virtual plugin
|
||||
disappears from the storage.
|
||||
- imapc: EXPUNGE, EXISTS or FETCH replies from a server for a previously
|
||||
selected mailbox could have been processed as if they belonged to the
|
||||
new mailbox currently being selected. This could have caused warnings.
|
||||
- lib-http: Dovecot HTTP server (doveadm, stats/openmetrics) may have
|
||||
disconnected HTTP clients before the response is fully sent. This
|
||||
happened only on busy servers where kernel's socket buffers were
|
||||
rather full.
|
||||
- lib-http: Fixed a potential crash on http-server if a client
|
||||
disconnected early. v2.3.18 regression.
|
||||
- lib-index: Index file corruption could have caused a crash. Fixes:
|
||||
Panic: file mail-transaction-log-view.c: line 165 (mail_transaction_log_view_set):
|
||||
assertion failed: (min_file_seq <= max_file_seq).
|
||||
- lib-index: Purging an existing >1GB cache file can crash. Now cache
|
||||
files still above 1GB after purging are removed. Fixes:
|
||||
Panic: file mail-index-util.c: line 10 (mail_index_uint32_to_offset):
|
||||
assertion failed: (offset < 0x40000000)
|
||||
- lib-lua: A HTTP client could not resolve DNS names in mail processes,
|
||||
because it expected "the dns-client" socket to exist in the current
|
||||
directory.
|
||||
- lib-oauth2: Dovecot would send client_id and client_secret as POST
|
||||
parameters to the introspection server. These need to be optionally in
|
||||
Basic auth instead.
|
||||
- lib-oauth2: JWT aud validation was not performed if aud was missing
|
||||
from a token, but was configured on Dovecot.
|
||||
- lib-oauth2: JWT key type check was too strict.
|
||||
- lib-oauth2: JWT token audience was not validated against client_id as
|
||||
required by the specification.
|
||||
- lib-ssl-iostream: Using the ssl_require_crl=yes setting may have caused
|
||||
CRL check failures for outgoing SSL/TLS connections, although it was
|
||||
supposed to affect checking CRLs only for client-side SSL
|
||||
certificates. v2.3.17 regression.
|
||||
- lib-sql: MySQL driver leaked memory when connection failed.
|
||||
- lib-storage: Various fixes when running into out of disk space.
|
||||
- master: Service idle_kill setting didn't work properly on busy
|
||||
servers. It was very unlikely that any process was idling long enough
|
||||
to become killed. Also the idle_kill handling code was using quite a
|
||||
lot of CPU on the master process when there were a lot of processes
|
||||
(e.g. imap). The new behavior is to track the lowest number of idling
|
||||
processes every idle_kill time interval and then kill that many idling
|
||||
processes.
|
||||
- mdbox: Temp file scan was done for always empty directories.
|
||||
- mdbox: The fdatasync() call was done in wrong parent directory when
|
||||
writing mails. Also on a failure it crashed instead of logging an error.
|
||||
- notify_status: The plugin crashes if any user initialization fails.
|
||||
- pop3: Sending command with the ':' character caused an assert-crash.
|
||||
v2.3.18 regression. Fixes: Panic: event_reason_code_prefix(): name has ':'
|
||||
- stats: Fix panic when a nonexistent event exporter was referenced while
|
||||
adding a new metric dynamically via doveadm stats add. This produces
|
||||
a proper error now.
|
||||
- stats: If process exported a lot of events and then exited, some of
|
||||
the last events may have become lost.
|
||||
- stats: Invalid Prometheus label names were created with specific
|
||||
histogram group_by configurations. Prometheus rejected these labels.
|
||||
- welcome: The plugin didn't execute in some situations that created
|
||||
INBOX but didn't open it, e.g. if GETMETADATA was used before the
|
||||
INBOX was opened.
|
||||
|
||||
Pigeonhole v0.5.21
|
||||
- sieve: Using the deleteheader action on a message with a broken/invalid
|
||||
header can cause the Sieve interpreter to crash with an assert panic.
|
||||
This can happen e.g. when the message is missing the empty EOH line
|
||||
between the headers and the body of the message. Fixes:
|
||||
Panic: file edit-mail.c: line 820 (edit_mail_headers_parse):
|
||||
assertion failed: (body_offset > 0).
|
||||
- sieve: Pigeonhole added an extra Message-ID header during mail
|
||||
forwarding when the existing one was invalid. Now it adds the
|
||||
Message-ID only if it is entirely missing. Existing Message-ID(s) are
|
||||
left unchanged.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Mar 27 09:15:10 UTC 2023 - Martin Liška <mliska@suse.cz>
|
||||
|
||||
|
@@ -17,11 +17,11 @@
|
||||
|
||||
|
||||
Name: dovecot23
|
||||
Version: 2.3.20
|
||||
Version: 2.3.21
|
||||
Release: 0
|
||||
%define pkg_name dovecot
|
||||
%define dovecot_version 2.3.20
|
||||
%define dovecot_pigeonhole_version 0.5.20
|
||||
%define dovecot_version 2.3.21
|
||||
%define dovecot_pigeonhole_version 0.5.21
|
||||
%define dovecot_branch 2.3
|
||||
%define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}
|
||||
%define dovecot_pigeonhole_docdir %{_docdir}/%{pkg_name}/dovecot-pigeonhole
|
||||
@@ -162,6 +162,7 @@ Patch: dovecot-2.3.0-dont_use_etc_ssl_certs.patch
|
||||
Patch1: dovecot-2.3.0-better_ssl_defaults.patch
|
||||
# PATCH-FIX-OPENSUSE - boo#1207958
|
||||
Patch2: fix-build-with-openssl-3.patch
|
||||
# PATCH-FIX-UPSTREAM - https://github.com/dovecot/core/commit/f0c1cf42ea78d22e2674b03fe65f0ee6545c5b99
|
||||
Patch3: fix-strict-aliasing.patch
|
||||
Summary: IMAP and POP3 Server Written Primarily with Security in Mind
|
||||
License: BSD-3-Clause AND LGPL-2.1-or-later AND MIT
|
||||
|
Reference in New Issue
Block a user