dovecot updated to 2.2.35, pigeonhole updated to 0.4.23

fixes CVE-2017-15130: TLS SNI config lookups may lead to excessive
  memory usage, causing imap-login/pop3-login VSZ limit to be reached
  and the process restarted. This happens only if Dovecot config has
  local_name { } or local { } configuration blocks and attacker uses
  randomly generated SNI servernames.
fixes CVE-2017-14461: Parsing invalid email addresses may cause a crash or
  leak memory contents to attacker. For example, these memory contents
  might contain parts of an email from another user if the same imap
  process is reused for multiple users.
fixes CVE-2017-15132: Aborted SASL authentication leaks memory in login
  process.

.gitignore

@@ -1,110 +1,2 @@
-dovecot-2.0.rc3.tar.gz
-pigeonhole-snap01ee63b788c9.tar.bz2
-dovecot-2.0.rc4.tar.gz
-pigeonhole-snapcac6acdc4d0e.tar.bz2
-dovecot-2.0.rc5.tar.gz
-pigeonhole-snap0592366457df.tar.bz2
-/dovecot-2.0.0.tar.gz
-/pigeonhole-snap1ae9569b0383.tar.bz2
-/dovecot-2.0.1.tar.gz
-/pigeonhole-snapd51650c8af85.tar.bz2
-/dovecot-2.0.2.tar.gz
-/pigeonhole-snapfbcb05e7eda1.tar.bz2
-/dovecot-2.0.3.tar.gz
-/pigeonhole-snapcb4c1ebecff3.tar.bz2
-/dovecot-2.0.4.tar.gz
-/pigeonhole-snap824454514f08.tar.bz2
-/dovecot-2.0.5.tar.gz
-/pigeonhole-snapa50464354f5a.tar.bz2
-/dovecot-2.0.6.tar.gz
-/pigeonhole-snap2023f8c74250.tar.bz2
-/dovecot-2.0.7.tar.gz
-/pigeonhole-snapa8cc6294071e.tar.bz2
-/dovecot-2.0.8.tar.gz
-/pigeonhole-snap67d2240966ec.tar.bz2
-/dovecot-2.0-pigeonhole-0.2.2.tar.gz
-/dovecot-2.0.9.tar.gz
-/dovecot-2.0.11.tar.gz
-/dovecot-2.0.12.tar.gz
-/dovecot-2.0-pigeonhole-0.2.3.tar.gz
-/dovecot-2.0.13.tar.gz
-/dovecot-2.0.14.tar.gz
-/dovecot-2.0.15.tar.gz
-/dovecot-2.0.16.tar.gz
-/dovecot-2.1.rc1.tar.gz
-/dovecot-2.1-pigeonhole-b3bff60a18da.tar.bz2
-/dovecot-2.1.rc3.tar.gz
-/dovecot-2.1.rc5.tar.gz
-/dovecot-2.1-pigeonhole-a130a50f82e1.tar.bz2
-/dovecot-2.1.rc6.tar.gz
-/dovecot-2.1-pigeonhole-b2a456e15ed5.tar.bz2
-/dovecot-2.1.0.tar.gz
-/dovecot-2.1-pigeonhole-0.3.0.tar.gz
-/dovecot-2.1.1.tar.gz
-/pigeonhole-snap67950c9d3675.tar.bz2
-/dovecot-2.1.2.tar.gz
-/pigeonhole-snap08a2d2718a65.tar.bz2
-/dovecot-2.1.3.tar.gz
-/dovecot-2.1.4.tar.gz
-/dovecot-2.1.5.tar.gz
-/dovecot-2.1.6.tar.gz
-/dovecot-2.1.7.tar.gz
-/dovecot-2.1-pigeonhole-0.3.1.tar.gz
-/dovecot-2.1.8.tar.gz
-/dovecot-2.1.9.tar.gz
-/dovecot-2.1.10.tar.gz
-/dovecot-2.1-pigeonhole-0.3.3.tar.gz
-/dovecot-2.1.12.tar.gz
-/dovecot-2.1.13.tar.gz
-/dovecot-2.1.14.tar.gz
-/dovecot-2.1.15.tar.gz
-/dovecot-2.2.rc2.tar.gz
-/pigeonhole-99eec511aa2c.tar.bz2
-/dovecot-2.2.rc3.tar.gz
-/dovecot-2.2.rc4.tar.gz
-/dovecot-2.2.0.tar.gz
-/dovecot-2.2.1.tar.gz
-/pigeonhole-snape42a38f02d28.tar.bz2
-/dovecot-2.2-pigeonhole-0.4.0.tar.gz
-/dovecot-2.2.2.tar.gz
-/dovecot-2.2.3.tar.gz
-/dovecot-2.2.4.tar.gz
-/dovecot-2.2-pigeonhole-0.4.1.tar.gz
-/dovecot-2.2.5.tar.gz
-/dovecot-2.2.6.tar.gz
-/dovecot-2.2-pigeonhole-0.4.2.tar.gz
-/dovecot-2.2.7.tar.gz
-/dovecot-2.2.8.tar.gz
-/dovecot-2.2.9.tar.gz
-/dovecot-2.2.10.tar.gz
-/dovecot-2.2.11.tar.gz
-/dovecot-2.2.12.tar.gz
-/dovecot-2.2.13.tar.gz
-/dovecot-2.2.14.tar.gz
-/dovecot-2.2-pigeonhole-0.4.3.tar.gz
-/dovecot-2.2.15.tar.gz
-/pigeonhole-snapded0c5a467aa.tar.bz2
-/dovecot-2.2-pigeonhole-0.4.6.tar.gz
-/dovecot-2.2.16.tar.gz
-/dovecot-2.2.17.tar.gz
-/dovecot-2.2.18.tar.gz
-/dovecot-2.2-pigeonhole-0.4.7.tar.gz
-/dovecot-2.2-pigeonhole-0.4.8.tar.gz
-/dovecot-2.2.19.tar.gz
-/dovecot-2.2-pigeonhole-0.4.9.tar.gz
-/dovecot-2.2.20.tar.gz
-/dovecot-2.2.21.tar.gz
-/dovecot-2.2-pigeonhole-0.4.10.tar.gz
-/dovecot-2.2-pigeonhole-0.4.11.tar.gz
-/dovecot-2.2-pigeonhole-0.4.12.tar.gz
-/dovecot-2.2.22.tar.gz
-/dovecot-2.2.23.tar.gz
-/dovecot-2.2-pigeonhole-0.4.13.tar.gz
-/dovecot-2.2.24.tar.gz
-/dovecot-2.2-pigeonhole-0.4.14.tar.gz
-/dovecot-2.2.25.tar.gz
-/dovecot-2.2.26.0.tar.gz
-/dovecot-2.2-pigeonhole-0.4.16.tar.gz
-/dovecot-2.2.27.tar.gz
-/dovecot-2.2.28.tar.gz
-/dovecot-2.2-pigeonhole-0.4.17.tar.gz
+/dovecot-*.tar.gz
+/pigeonhole-*.tar.bz2

dovecot.spec

@@ -3,7 +3,7 @@
 Summary: Secure imap and pop3 server
 Name: dovecot
 Epoch: 1
-Version: 2.2.28
+Version: 2.2.35
 %global prever %{nil}
 Release: 1%{?dist}
 #dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2
@@ -14,7 +14,7 @@ URL: http://www.dovecot.org/
 Source: http://www.dovecot.org/releases/2.2/%{name}-%{version}%{?prever}.tar.gz
 Source1: dovecot.init
 Source2: dovecot.pam
-%global pigeonholever 0.4.17
+%global pigeonholever 0.4.23
 Source8: http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-%{pigeonholever}.tar.gz
 Source9: dovecot.sysconfig
 Source10: dovecot.tmpfilesd
@@ -40,7 +40,12 @@ BuildRequires: openssl-devel, pam-devel, zlib-devel, bzip2-devel, libcap-devel
 BuildRequires: libtool, autoconf, automake, pkgconfig
 BuildRequires: sqlite-devel
 BuildRequires: postgresql-devel
+%if %{?fedora}0 < 280
 BuildRequires: mysql-devel
+BuildRequires: tcp_wrappers-devel
+%else
+BuildRequires: mariadb-connector-c-devel
+%endif
 BuildRequires: openldap-devel
 BuildRequires: krb5-devel
 BuildRequires: quota-devel
@@ -160,6 +165,9 @@ autoreconf -I . -fiv #required for aarch64 support
     --with-sqlite                \
     --with-zlib                  \
     --with-libcap                \
+%if %{?fedora}0 < 280
+    --with-libwrap               \
+%endif
 %if %{?fedora}0 > 150 || %{?rhel}0 >60
     --with-lucene                \
 %endif
@@ -406,9 +414,10 @@ make check
 %{_libdir}/dovecot/doveadm
 %exclude %{_libdir}/dovecot/doveadm/*sieve*
 %{_libdir}/dovecot/*.so.*
-#these (*.so files) are plugins, not a devel files
+#these (*.so files) are plugins, not devel files
 %{_libdir}/dovecot/*_plugin.so
 %exclude %{_libdir}/dovecot/*_sieve_plugin.so
+%{_libdir}/dovecot/auth/lib20_auth_var_expand_crypt.so
 %{_libdir}/dovecot/auth/libauthdb_imap.so
 %{_libdir}/dovecot/auth/libauthdb_ldap.so
 %{_libdir}/dovecot/auth/libmech_gssapi.so
@@ -423,6 +432,8 @@ make check
 %{_libdir}/dovecot/libfs_crypt.so
 %{_libdir}/dovecot/libfs_mail_crypt.so
 %{_libdir}/dovecot/libdcrypt_openssl.so
+%{_libdir}/dovecot/lib20_var_expand_crypt.so
+
 %dir %{_libdir}/dovecot/settings
 
 %{_libexecdir}/%{name}
@@ -485,6 +496,185 @@ make check
 %{_libdir}/%{name}/dict/libdriver_pgsql.so
 
 %changelog
+* Wed Mar 21 2018 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.35-1
+- dovecot updated to 2.2.35, pigeonhole updated to 0.4.23
+
+* Thu Mar 01 2018 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.34-1
+- dovecot updated to 2.2.34, pigeonhole updated to 0.4.22
+- fixes CVE-2017-15130: TLS SNI config lookups may lead to excessive
+  memory usage, causing imap-login/pop3-login VSZ limit to be reached
+  and the process restarted. This happens only if Dovecot config has
+  local_name { } or local { } configuration blocks and attacker uses
+  randomly generated SNI servernames.
+- fixes CVE-2017-14461: Parsing invalid email addresses may cause a crash or
+  leak memory contents to attacker. For example, these memory contents
+  might contain parts of an email from another user if the same imap
+  process is reused for multiple users.
+- fixes CVE-2017-15132: Aborted SASL authentication leaks memory in login
+  process.
+
+* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1:2.2.33.2-5
+- Escape macros in %%changelog
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.2.33.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 1:2.2.33.2-3
+- Rebuilt for switch to libxcrypt
+
+* Mon Jan 08 2018 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.33.2-2
+- remove tcp_wrappers on Fedora 28 and later (#1518761)
+- use use mariadb-connector-c-devel instead of mysql-devel on Fedora 28 and later (#1493624)
+
+* Tue Oct 24 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.33.2-1
+- dovecot updated to 2.2.33.2
+- doveadm: Fix crash in proxying (or dsync replication) if remote is
+  running older than v2.2.33
+- auth: Fix memory leak in %%{ldap_dn}
+- dict-sql: Fix data types to work correctly with Cassandra
+
+* Wed Oct 18 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.33.1-1
+- dovecot updated to 2.2.33.1, pigeonhole updated to 
+- Added %%{if}, see https://wiki2.dovecot.org/Variables#Conditionals
+- sdbox: Mails were always opened when expunging, unless
+  mail_attachment_fs was explicitly set to empty.
+- lmtp/doveadm proxy: hostip passdb field was ignored, which caused
+  unnecessary DNS lookups if host field wasn't an IP
+- lmtp proxy: Fix crash when receiving unexpected reply in RCPT TO
+- quota_clone: Update also when quota is unlimited (broken in v2.2.31)
+- mbox, zlib: Fix assert-crash when accessing compressed mbox
+- doveadm director kick -f parameter didn't work
+- doveadm director flush <host> resulted flushing all hosts, if <host>
+  wasn't an IP address.
+- director: Various fixes to handling backend/director changes at
+   abnormal times, especially while ring was unsynced.
+- director: Use less CPU in imap-login processes when moving/kicking
+  many users.
+- lmtp: Session IDs were duplicated/confusing with multiple RCPT TOs
+  when lmtp_rcpt_check_quota=yes
+- LDA Sieve plugin: Fixed sequential execution of LDAP-based scripts. A
+  missing LDAP-based script could cause the script sequence to exit earlier.
+- sieve-filter: Removed the (now) duplicate utf8 to mutf7 mailbox name
+  conversion. This caused problems with mailbox names containing UTF-8
+  characters. 
+
+* Mon Aug 28 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.32-2
+- pigeonhole updated to 0.4.20
+- Made the retention period for redirect duplicate identifiers
+  configurable. Changed the default retention period from 24 to 12 hours.
+- sieve-filter: Fixed memory leak: forgot to clean up script binary at
+  end of execution
+- managesieve-login: Fixed handling of AUTHENTICATE command. A second
+  authenticate command would be parsed wrong.
+
+* Fri Aug 25 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.32-1
+- dovecot updated to 2.2.32
+- Modseq tracking didn't always work correctly. This could have caused
+  imap unhibernation to fail or IMAP QRESYNC/CONDSTORE extensions to
+  not work perfectly.
+- mdbox: "Inconsistency in map index" wasn't fixed automatically
+- dict-ldap: %variable values used in the LDAP filter weren't escaped.
+- quota=count: quota_warning = -storage=.. was never executed (try #2).
+- imapc: >= 32 kB mail bodies were supposed to be cached for subsequent
+  FETCHes, but weren't.
+- quota-status service didn't support recipient_delimiter
+- acl: Don't access dovecot-acl-list files with acl_globals_only=yes
+- mail_location: If INDEX dir is set, mailbox deletion deletes its
+  childrens' indexes. 
+- director: v2.2.31 caused rapid reconnection loops to directors
+  that were down.
+
+* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.2.31-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.2.31-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Tue Jul 11 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.31-3
+- enable tcpwrap support (#1450587)
+
+* Tue Jul 04 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.31-2
+- revert commit breaking NOTIFY support
+
+* Tue Jun 27 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.31-1
+- dovecot updated to 2.2.31
+- Various fixes to handling mailbox listing. Especially related to
+  handling nonexistent autocreated/autosubscribed mailboxes and ACLs.
+- Global ACL file was parsed as if it was local ACL file. This caused
+  some of the ACL rule interactions to not work exactly as intended.
+- Using mail_sort_max_read_count may have caused very high CPU usage.
+- Message address parsing could have crashed on invalid input.
+- imapc_features=fetch-headers wasn't always working correctly and
+  caused the full header to be fetched.
+- imapc: Various bugfixes related to connection failure handling.
+- quota=count: quota_warning = -storage=.. was never executed
+- quota=count: Add support for "ns" parameter
+- dsync: Fix incremental syncing for mails that don't have Date or
+  Message-ID headers.
+- imap: Fix hang when client sends pipelined SEARCH +
+  EXPUNGE/CLOSE/LOGOUT.
+- oauth2: Token validation didn't accept empty server responses.
+- imap: NOTIFY command has been almost completely broken since the
+  beginning.
+- pigeonhole updated to 0.4.19
+- Fixed bug in handling of implicit keep in some cases.
+- include extension: Fixed segfault that (sometimes) occurred when the
+  global script location was left unconfigured.
+
+* Wed Jun 07 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.30.2-1
+- dovecot updated to 2.2.30.2
+- auth: Multiple failed authentications within short time caused crashes
+- push-notification: OX driver crashed at deinit
+
+* Thu Jun 01 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.30.1-1
+- dovecot updated to 2.2.30.1
+- More fixes to automatically fix corruption in dovecot.list.index
+- dsync-server: Fix support for dsync_features=empty-header-workaround
+- imapc: Various bugfixes, including infinite loops on some errors
+- IMAP NOTIFY wasn't working for non-INBOX if IMAP client hadn't
+  enabled modseq tracking via CONDSTORE/QRESYNC.
+- fts-lucene: Fix it to work again with mbox format
+- Some internal error messages may have contained garbage in v2.2.29
+- mail-crypt: Re-encrypt when copying/moving mails and per-mailbox keys
+  are used. Otherwise the copied mails can't be opened.
+
+* Wed Apr 12 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.29.1-1
+- dovecot updated to 2.2.29.1
+- dict-sql: Merging multiple UPDATEs to a single statement wasn't
+  actually working.
+- pigeonhole updated to 0.4.18
+- imapsieve plugin: Implemented the copy_source_after rule action. When this
+  is enabled for a mailbox rule, the specified Sieve script is executed for
+  the message in the source mailbox during a "COPY" event. This happens only
+  after the Sieve script that is executed for the corresponding message in the
+  destination mailbox finishes running successfully.
+- imapsieve plugin: Added non-standard Sieve environment items for the source
+  and destination mailbox.
+- multiscript: The execution of the discard script had an implicit "keep",
+  rather than an implicit "discard". 
+
+* Tue Apr 11 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.29-1
+- dovecot updated to 2.2.29
+- fts-tika: Fixed crash when parsing attachment without
+  Content-Disposition header. Broken by 2.2.28.
+- trash plugin was broken in 2.2.28
+- auth: When passdb/userdb lookups were done via auth-workers, too much
+  data was added to auth cache. This could have resulted in wrong
+  replies when using multiple passdbs/userdbs.
+- auth: passdb { skip & mechanisms } were ignored for the first passdb
+- oauth2: Various fixes, including fixes to crashes
+- dsync: Large Sieve scripts (or other large metadata) weren't always
+  synced.
+- Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
+- imap-hibernate: %%{userdb:*} wasn't expanded in mail_log_prefix
+- doveadm: Exit codes weren't preserved when proxying commands via
+  doveadm-server. Almost all errors used exit code 75 (tempfail).
+- ACLs weren't applied to not-yet-existing autocreated mailboxes.
+- Fixed a potential crash when parsing a broken message header.
+- cassandra: Fallback consistency settings weren't working correctly.
+- doveadm director status <user>: "Initial config" was always empty
+- imapc: Various reconnection fixes.
+
 * Mon Feb 27 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.28-1
 - dovecot updated to 2.2.28, pigeonhole to 0.4.17
 - auth: Support OAUTHBEARER and XOAUTH2 mechanisms. Also support them
@@ -498,7 +688,7 @@ make check
   for multiple requests (service_count != 1)
 - sdbox: Fix assert-crash on mailbox create race
 - lda/lmtp: deliver_log_format values weren't entirely correct if Sieve
-  was used. especially %{storage_id} was broken.
+  was used. especially %%{storage_id} was broken.
 - imapsieve plugin: Fixed assert failure occurring when used with virtual
   mailboxes.
 - doveadm sieve plugin: Fixed crash when setting Sieve script via attribute's
@@ -543,10 +733,10 @@ make check
   This might have allowed untrusted processes to capture and prevent
   "doveadm service stop" comands from working.
 - login proxy: Fixed crash when outgoing SSL connections were hanging.
-- auth: userdb fields weren't passed to auth-workers, so %{userdb:*}
+- auth: userdb fields weren't passed to auth-workers, so %%{userdb:*}
   from previous userdbs didn't work there.
 - auth: Fixed auth_bind=yes + sasl_bind=yes to work together
-- lmtp: %{userdb:*} variables didn't work in mail_log_prefix
+- lmtp: %%{userdb:*} variables didn't work in mail_log_prefix
 - Fixed writing >2GB to iostream-temp files (used by fs-compress,
   fs-metawrap, doveadm-http)
 - fts-solr: Fixed searching multiple mailboxes
@@ -599,7 +789,7 @@ make check
 
 * Wed Mar 16 2016 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.22-1
 - dovecot updated to 2.2.22
-- auth: Auth caching was done too aggressively when %variables were
+- auth: Auth caching was done too aggressively when %%variables were
   used in default_fields, override_fields or LDAP pass/user_attrs.
   userdb result_* were also ignored when user was found from cache.
 - imap: Fixed various assert-crashes caused v2.2.20+. Some of them
@@ -660,7 +850,7 @@ make check
   allocation in the sieve command implementations.
 
 * Tue Dec 08 2015 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.20-2
-- move ssl initialization from %post to dovecot-init.service
+- move ssl initialization from %%post to dovecot-init.service
 
 * Tue Dec 08 2015 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.20-1
 - dovecot updated to 2.2.20
@@ -1169,7 +1359,7 @@ make check
 - updated to 2.1.rc1
 - major changes since 2.0.x:
 - plugins now use UTF-8 mailbox names rather than mUTF-7
-- auth_username_format default changed to %Lu
+- auth_username_format default changed to %%Lu
 - solr full text search backend changed to use mailbox GUIDs instead of
   mailbox names, requiring reindexing everything
 

sources

@@ -1,2 +1,2 @@
-SHA512 (dovecot-2.2.28.tar.gz) = 3f40eb52413130dd47da98470d797ede63db3296923c2888b48f1a021e473cfcad064671ad804037d101990457ee57def30f2c27010ede2d758f3d3cfd8ef741
-SHA512 (dovecot-2.2-pigeonhole-0.4.17.tar.gz) = 3ea6faebf04154649c32612f204e909aa131582c99867865bff3d3a78a75593d96109586eeb6403bc915046b8b6f02e8bacbf6cb6733ea186d2e1a209a7e2b79
+SHA512 (dovecot-2.2.35.tar.gz) = 002ceea7f17018bcd438edda5a36a782606f291264ef63cebb8b4f72b094e812bf5553686c9e1e0d8c1354af54c1174f3670d1b1fc498ec4cddb3f731bf00c56
+SHA512 (dovecot-2.2-pigeonhole-0.4.23.tar.gz) = 24dae1f7a52fdb37f644e9c0a5c30dcbb95018e8dd43f18af56e7ee813723cad36b74d6c22ddff281e140e4c0bbb61900baf23116a980dcda5244ae8a5b544f8