dovecot updated to 2.2.36, pigeonhole updated to 0.4.24

dovecot updated to 2.2.35, pigeonhole updated to 0.4.23
upload new tarballs
2018-06-07 10:15:36 +02:00 · 2018-03-21 17:55:08 +01:00 · 2018-03-02 10:41:27 +01:00 · 2018-03-02 10:38:35 +01:00 · 2017-10-24 12:33:15 +02:00 · 2017-09-07 09:02:32 +02:00
5 changed files with 128 additions and 160 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,117 +1,2 @@
-dovecot-2.0.rc3.tar.gz
-pigeonhole-snap01ee63b788c9.tar.bz2
-dovecot-2.0.rc4.tar.gz
-pigeonhole-snapcac6acdc4d0e.tar.bz2
-dovecot-2.0.rc5.tar.gz
-pigeonhole-snap0592366457df.tar.bz2
-/dovecot-2.0.0.tar.gz
-/pigeonhole-snap1ae9569b0383.tar.bz2
-/dovecot-2.0.1.tar.gz
-/pigeonhole-snapd51650c8af85.tar.bz2
-/dovecot-2.0.2.tar.gz
-/pigeonhole-snapfbcb05e7eda1.tar.bz2
-/dovecot-2.0.3.tar.gz
-/pigeonhole-snapcb4c1ebecff3.tar.bz2
-/dovecot-2.0.4.tar.gz
-/pigeonhole-snap824454514f08.tar.bz2
-/dovecot-2.0.5.tar.gz
-/pigeonhole-snapa50464354f5a.tar.bz2
-/dovecot-2.0.6.tar.gz
-/pigeonhole-snap2023f8c74250.tar.bz2
-/dovecot-2.0.7.tar.gz
-/pigeonhole-snapa8cc6294071e.tar.bz2
-/dovecot-2.0.8.tar.gz
-/pigeonhole-snap67d2240966ec.tar.bz2
-/dovecot-2.0-pigeonhole-0.2.2.tar.gz
-/dovecot-2.0.9.tar.gz
-/dovecot-2.0.11.tar.gz
-/dovecot-2.0.12.tar.gz
-/dovecot-2.0-pigeonhole-0.2.3.tar.gz
-/dovecot-2.0.13.tar.gz
-/dovecot-2.0.14.tar.gz
-/dovecot-2.0.15.tar.gz
-/dovecot-2.0.16.tar.gz
-/dovecot-2.1.rc1.tar.gz
-/dovecot-2.1-pigeonhole-b3bff60a18da.tar.bz2
-/dovecot-2.1.rc3.tar.gz
-/dovecot-2.1.rc5.tar.gz
-/dovecot-2.1-pigeonhole-a130a50f82e1.tar.bz2
-/dovecot-2.1.rc6.tar.gz
-/dovecot-2.1-pigeonhole-b2a456e15ed5.tar.bz2
-/dovecot-2.1.0.tar.gz
-/dovecot-2.1-pigeonhole-0.3.0.tar.gz
-/dovecot-2.1.1.tar.gz
-/pigeonhole-snap67950c9d3675.tar.bz2
-/dovecot-2.1.2.tar.gz
-/pigeonhole-snap08a2d2718a65.tar.bz2
-/dovecot-2.1.3.tar.gz
-/dovecot-2.1.4.tar.gz
-/dovecot-2.1.5.tar.gz
-/dovecot-2.1.6.tar.gz
-/dovecot-2.1.7.tar.gz
-/dovecot-2.1-pigeonhole-0.3.1.tar.gz
-/dovecot-2.1.8.tar.gz
-/dovecot-2.1.9.tar.gz
-/dovecot-2.1.10.tar.gz
-/dovecot-2.1-pigeonhole-0.3.3.tar.gz
-/dovecot-2.1.12.tar.gz
-/dovecot-2.1.13.tar.gz
-/dovecot-2.1.14.tar.gz
-/dovecot-2.1.15.tar.gz
-/dovecot-2.2.rc2.tar.gz
-/pigeonhole-99eec511aa2c.tar.bz2
-/dovecot-2.2.rc3.tar.gz
-/dovecot-2.2.rc4.tar.gz
-/dovecot-2.2.0.tar.gz
-/dovecot-2.2.1.tar.gz
-/pigeonhole-snape42a38f02d28.tar.bz2
-/dovecot-2.2-pigeonhole-0.4.0.tar.gz
-/dovecot-2.2.2.tar.gz
-/dovecot-2.2.3.tar.gz
-/dovecot-2.2.4.tar.gz
-/dovecot-2.2-pigeonhole-0.4.1.tar.gz
-/dovecot-2.2.5.tar.gz
-/dovecot-2.2.6.tar.gz
-/dovecot-2.2-pigeonhole-0.4.2.tar.gz
-/dovecot-2.2.7.tar.gz
-/dovecot-2.2.8.tar.gz
-/dovecot-2.2.9.tar.gz
-/dovecot-2.2.10.tar.gz
-/dovecot-2.2.11.tar.gz
-/dovecot-2.2.12.tar.gz
-/dovecot-2.2.13.tar.gz
-/dovecot-2.2.14.tar.gz
-/dovecot-2.2-pigeonhole-0.4.3.tar.gz
-/dovecot-2.2.15.tar.gz
-/pigeonhole-snapded0c5a467aa.tar.bz2
-/dovecot-2.2-pigeonhole-0.4.6.tar.gz
-/dovecot-2.2.16.tar.gz
-/dovecot-2.2.17.tar.gz
-/dovecot-2.2.18.tar.gz
-/dovecot-2.2-pigeonhole-0.4.7.tar.gz
-/dovecot-2.2-pigeonhole-0.4.8.tar.gz
-/dovecot-2.2.19.tar.gz
-/dovecot-2.2-pigeonhole-0.4.9.tar.gz
-/dovecot-2.2.20.tar.gz
-/dovecot-2.2.21.tar.gz
-/dovecot-2.2-pigeonhole-0.4.10.tar.gz
-/dovecot-2.2-pigeonhole-0.4.11.tar.gz
-/dovecot-2.2-pigeonhole-0.4.12.tar.gz
-/dovecot-2.2.22.tar.gz
-/dovecot-2.2.23.tar.gz
-/dovecot-2.2-pigeonhole-0.4.13.tar.gz
-/dovecot-2.2.24.tar.gz
-/dovecot-2.2-pigeonhole-0.4.14.tar.gz
-/dovecot-2.2.25.tar.gz
-/dovecot-2.2.26.0.tar.gz
-/dovecot-2.2-pigeonhole-0.4.16.tar.gz
-/dovecot-2.2.27.tar.gz
-/dovecot-2.2.28.tar.gz
-/dovecot-2.2-pigeonhole-0.4.17.tar.gz
-/dovecot-2.2.29.tar.gz
-/dovecot-2.2.29.1.tar.gz
-/dovecot-2.2-pigeonhole-0.4.18.tar.gz
-/dovecot-2.2.30.1.tar.gz
-/dovecot-2.2.30.2.tar.gz
-/dovecot-2.2.31.tar.gz
-/dovecot-2.2-pigeonhole-0.4.19.tar.gz
+/dovecot-*.tar.gz
+/pigeonhole-*.tar.bz2
--- a/dovecot-2.2.31-notifyrevert.patch
+++ b/dovecot-2.2.31-notifyrevert.patch
@ -1,28 +0,0 @@
-From 64d2efdc4b0bdf92249840e9db89b91c8dc0f3a3 Mon Sep 17 00:00:00 2001
-From: Timo Sirainen <timo.sirainen@dovecot.fi>
-Date: Sat, 17 Jun 2017 14:38:22 +0300
-Subject: [PATCH] imap: Fix NOTIFY to parse more than just the first
- event-group
-
---
- src/imap/cmd-notify.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/imap/cmd-notify.c b/src/imap/cmd-notify.c
-index 4c6aad975..94cf103b8 100644
--- a/src/imap/cmd-notify.c
-+++ b/src/imap/cmd-notify.c
-@@ -292,10 +292,10 @@ cmd_notify_set(struct imap_notify_context *ctx, const struct imap_arg *args)
- 		ctx->send_immediate_status = TRUE;
- 		args++;
- 	}
-+	for (; args->type != IMAP_ARG_EOL; args++) {
-+		if (!imap_arg_get_list(args, &event_group))
-+			return -1;
- 
-	if (!imap_arg_get_list(args, &event_group))
-		return -1;
-	for (; event_group->type != IMAP_ARG_EOL; event_group++) {
- 		/* filter-mailboxes */
- 		if (!imap_arg_get_atom(event_group, &filter_mailboxes))
- 			return -1;
--- a/dovecot-2.3.0.1-libxcrypt.patch
+++ b/dovecot-2.3.0.1-libxcrypt.patch
@ -0,0 +1,11 @@
+diff -up dovecot-2.3.0.1/src/auth/mycrypt.c.libxcrypt dovecot-2.3.0.1/src/auth/mycrypt.c
+--- dovecot-2.3.0.1/src/auth/mycrypt.c.libxcrypt       2018-02-28 15:28:58.000000000 +0100
+++ dovecot-2.3.0.1/src/auth/mycrypt.c 2018-03-27 10:57:38.447769201 +0200
+@@ -14,6 +14,7 @@
+ #  define _XPG6 /* Some Solaris versions require this, some break with this */
+ #endif
+ #include <unistd.h>
+#include <crypt.h>
+ 
+ #include "mycrypt.h"
+ 
--- a/dovecot.spec
+++ b/dovecot.spec
@ -3,9 +3,9 @@
 Summary: Secure imap and pop3 server
 Name: dovecot
 Epoch: 1
-Version: 2.2.31
+Version: 2.2.36
 %global prever %{nil}
-Release: 5%{?dist}
+Release: 1%{?dist}
 #dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2
 License: MIT and LGPLv2
 Group: System Environment/Daemons
@ -14,7 +14,7 @@ URL: http://www.dovecot.org/
 Source: http://www.dovecot.org/releases/2.2/%{name}-%{version}%{?prever}.tar.gz
 Source1: dovecot.init
 Source2: dovecot.pam
-%global pigeonholever 0.4.19
+%global pigeonholever 0.4.24
 Source8: http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-%{pigeonholever}.tar.gz
 Source9: dovecot.sysconfig
 Source10: dovecot.tmpfilesd
@ -33,7 +33,7 @@ Patch7: dovecot-2.2.13-online.patch

 Patch8: dovecot-2.2.20-initbysystemd.patch
 Patch9: dovecot-2.2.22-systemd_w_protectsystem.patch
-Patch10: dovecot-2.2.31-notifyrevert.patch
+Patch10: dovecot-2.3.0.1-libxcrypt.patch

 Source15: prestartscript

@ -41,12 +41,16 @@ BuildRequires: openssl-devel, pam-devel, zlib-devel, bzip2-devel, libcap-devel
 BuildRequires: libtool, autoconf, automake, pkgconfig
 BuildRequires: sqlite-devel
 BuildRequires: postgresql-devel
+%if %{?fedora}0 < 280
 BuildRequires: mysql-devel
+BuildRequires: tcp_wrappers-devel
+%else
+BuildRequires: mariadb-connector-c-devel
+%endif
 BuildRequires: openldap-devel
 BuildRequires: krb5-devel
 BuildRequires: quota-devel
 BuildRequires: xz-devel
-BuildRequires: tcp_wrappers-devel

 # gettext-devel is needed for running autoconf because of the
 # presence of AM_ICONV
@ -131,7 +135,7 @@ This package provides the development files for dovecot.
 %patch7 -p1 -b .online
 %patch8 -p1 -b .initbysystemd
 %patch9 -p1 -b .systemd_w_protectsystem
-%patch10 -p1 -b .notifyrevert
+%patch10 -p1 -b .libxcrypt

 #pushd dovecot-2*2-pigeonhole-%{pigeonholever}
 #popd
@ -163,7 +167,9 @@ autoreconf -I . -fiv #required for aarch64 support
    --with-sqlite                \
    --with-zlib                  \
    --with-libcap                \
+%if %{?fedora}0 < 280
    --with-libwrap               \
+%endif
 %if %{?fedora}0 > 150 || %{?rhel}0 >60
    --with-lucene                \
 %endif
@ -492,6 +498,100 @@ make check
 %{_libdir}/%{name}/dict/libdriver_pgsql.so

 %changelog
+* Thu Jun 07 2018 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.36-1
+- dovecot updated to 2.2.36, pigeonhole updated to 0.4.24
+
+* Thu Apr 19 2018 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.35-2
+- include crypt.h explicitely
+
+* Wed Mar 21 2018 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.35-1
+- dovecot updated to 2.2.35, pigeonhole updated to 0.4.23
+
+* Thu Mar 01 2018 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.34-1
+- dovecot updated to 2.2.34, pigeonhole updated to 0.4.22
+- fixes CVE-2017-15130: TLS SNI config lookups may lead to excessive
+  memory usage, causing imap-login/pop3-login VSZ limit to be reached
+  and the process restarted. This happens only if Dovecot config has
+  local_name { } or local { } configuration blocks and attacker uses
+  randomly generated SNI servernames.
+- fixes CVE-2017-14461: Parsing invalid email addresses may cause a crash or
+  leak memory contents to attacker. For example, these memory contents
+  might contain parts of an email from another user if the same imap
+  process is reused for multiple users.
+- fixes CVE-2017-15132: Aborted SASL authentication leaks memory in login
+  process.
+
+* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1:2.2.33.2-5
+- Escape macros in %%changelog
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.2.33.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 1:2.2.33.2-3
+- Rebuilt for switch to libxcrypt
+
+* Mon Jan 08 2018 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.33.2-2
+- remove tcp_wrappers on Fedora 28 and later (#1518761)
+- use use mariadb-connector-c-devel instead of mysql-devel on Fedora 28 and later (#1493624)
+
+* Tue Oct 24 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.33.2-1
+- dovecot updated to 2.2.33.2
+- doveadm: Fix crash in proxying (or dsync replication) if remote is
+  running older than v2.2.33
+- auth: Fix memory leak in %%{ldap_dn}
+- dict-sql: Fix data types to work correctly with Cassandra
+
+* Wed Oct 18 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.33.1-1
+- dovecot updated to 2.2.33.1, pigeonhole updated to 
+- Added %%{if}, see https://wiki2.dovecot.org/Variables#Conditionals
+- sdbox: Mails were always opened when expunging, unless
+  mail_attachment_fs was explicitly set to empty.
+- lmtp/doveadm proxy: hostip passdb field was ignored, which caused
+  unnecessary DNS lookups if host field wasn't an IP
+- lmtp proxy: Fix crash when receiving unexpected reply in RCPT TO
+- quota_clone: Update also when quota is unlimited (broken in v2.2.31)
+- mbox, zlib: Fix assert-crash when accessing compressed mbox
+- doveadm director kick -f parameter didn't work
+- doveadm director flush <host> resulted flushing all hosts, if <host>
+  wasn't an IP address.
+- director: Various fixes to handling backend/director changes at
+   abnormal times, especially while ring was unsynced.
+- director: Use less CPU in imap-login processes when moving/kicking
+  many users.
+- lmtp: Session IDs were duplicated/confusing with multiple RCPT TOs
+  when lmtp_rcpt_check_quota=yes
+- LDA Sieve plugin: Fixed sequential execution of LDAP-based scripts. A
+  missing LDAP-based script could cause the script sequence to exit earlier.
+- sieve-filter: Removed the (now) duplicate utf8 to mutf7 mailbox name
+  conversion. This caused problems with mailbox names containing UTF-8
+  characters. 
+
+* Mon Aug 28 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.32-2
+- pigeonhole updated to 0.4.20
+- Made the retention period for redirect duplicate identifiers
+  configurable. Changed the default retention period from 24 to 12 hours.
+- sieve-filter: Fixed memory leak: forgot to clean up script binary at
+  end of execution
+- managesieve-login: Fixed handling of AUTHENTICATE command. A second
+  authenticate command would be parsed wrong.
+
+* Fri Aug 25 2017 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.32-1
+- dovecot updated to 2.2.32
+- Modseq tracking didn't always work correctly. This could have caused
+  imap unhibernation to fail or IMAP QRESYNC/CONDSTORE extensions to
+  not work perfectly.
+- mdbox: "Inconsistency in map index" wasn't fixed automatically
+- dict-ldap: %variable values used in the LDAP filter weren't escaped.
+- quota=count: quota_warning = -storage=.. was never executed (try #2).
+- imapc: >= 32 kB mail bodies were supposed to be cached for subsequent
+  FETCHes, but weren't.
+- quota-status service didn't support recipient_delimiter
+- acl: Don't access dovecot-acl-list files with acl_globals_only=yes
+- mail_location: If INDEX dir is set, mailbox deletion deletes its
+  childrens' indexes. 
+- director: v2.2.31 caused rapid reconnection loops to directors
+  that were down.
+
 * Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.2.31-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

@ -574,7 +674,7 @@ make check
 - dsync: Large Sieve scripts (or other large metadata) weren't always
  synced.
 - Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
- imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
+- imap-hibernate: %%{userdb:*} wasn't expanded in mail_log_prefix
 - doveadm: Exit codes weren't preserved when proxying commands via
  doveadm-server. Almost all errors used exit code 75 (tempfail).
 - ACLs weren't applied to not-yet-existing autocreated mailboxes.
@ -596,7 +696,7 @@ make check
  for multiple requests (service_count != 1)
 - sdbox: Fix assert-crash on mailbox create race
 - lda/lmtp: deliver_log_format values weren't entirely correct if Sieve
-  was used. especially %{storage_id} was broken.
+  was used. especially %%{storage_id} was broken.
 - imapsieve plugin: Fixed assert failure occurring when used with virtual
  mailboxes.
 - doveadm sieve plugin: Fixed crash when setting Sieve script via attribute's
@ -641,10 +741,10 @@ make check
  This might have allowed untrusted processes to capture and prevent
  "doveadm service stop" comands from working.
 - login proxy: Fixed crash when outgoing SSL connections were hanging.
- auth: userdb fields weren't passed to auth-workers, so %{userdb:*}
+- auth: userdb fields weren't passed to auth-workers, so %%{userdb:*}
  from previous userdbs didn't work there.
 - auth: Fixed auth_bind=yes + sasl_bind=yes to work together
- lmtp: %{userdb:*} variables didn't work in mail_log_prefix
+- lmtp: %%{userdb:*} variables didn't work in mail_log_prefix
 - Fixed writing >2GB to iostream-temp files (used by fs-compress,
  fs-metawrap, doveadm-http)
 - fts-solr: Fixed searching multiple mailboxes
@ -697,7 +797,7 @@ make check

 * Wed Mar 16 2016 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.22-1
 - dovecot updated to 2.2.22
- auth: Auth caching was done too aggressively when %variables were
+- auth: Auth caching was done too aggressively when %%variables were
  used in default_fields, override_fields or LDAP pass/user_attrs.
  userdb result_* were also ignored when user was found from cache.
 - imap: Fixed various assert-crashes caused v2.2.20+. Some of them
@ -758,7 +858,7 @@ make check
  allocation in the sieve command implementations.

 * Tue Dec 08 2015 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.20-2
- move ssl initialization from %post to dovecot-init.service
+- move ssl initialization from %%post to dovecot-init.service

 * Tue Dec 08 2015 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.20-1
 - dovecot updated to 2.2.20
@ -1267,7 +1367,7 @@ make check
 - updated to 2.1.rc1
 - major changes since 2.0.x:
 - plugins now use UTF-8 mailbox names rather than mUTF-7
- auth_username_format default changed to %Lu
+- auth_username_format default changed to %%Lu
 - solr full text search backend changed to use mailbox GUIDs instead of
  mailbox names, requiring reindexing everything

--- a/4
+++ b/4
@ -1,2 +1,2 @@
-SHA512 (dovecot-2.2.31.tar.gz) = 071797e260a75de9117b03c0fa9d903de82b1f1c039c2aece2d7313587e6673c49174bfce17b80fe3f3725fcbc42ed3a1bd1f1c22efef5bc016752277eff3266
-SHA512 (dovecot-2.2-pigeonhole-0.4.19.tar.gz) = c1211a3c65b25995770309c427ec5cd888ddb962f2f64884640163b492a11ffa8937aac1eb66d25e48f0e00131da1cc98c1cb307781576780de47b8816333ff1
+SHA512 (dovecot-2.2.36.tar.gz) = 327c50971e276f6013ca7f7bb59498ee88d76c9f8419bd18ee531cf10142214350fb81c6d64eaef73ee01765dd0fcf4142ab146ed67d9d7d86d5a58d41cf8db5
+SHA512 (dovecot-2.2-pigeonhole-0.4.24.tar.gz) = 2e21c95ece475ffcb78e5b5d4efa29e61471faf90b80b44a49963fb287de2784ebfb4c2b7ddfc66732fd073e9f02995d5950840336f6babe618b3d7d5166059f
Author	SHA1	Message	Date
Michal Hlavinka	49ee1b1eb6	dovecot updated to 2.2.36, pigeonhole updated to 0.4.24	2018-06-07 10:15:36 +02:00
Michal Hlavinka	710627472a	dovecot updated to 2.2.35, pigeonhole updated to 0.4.23	2018-03-21 17:55:08 +01:00
Michal Hlavinka	c75d4e7107	upload new tarballs	2018-03-02 10:41:27 +01:00
Michal Hlavinka	a27cafd2e8	dovecot updated to 2.2.34, pigeonhole updated to 0.4.22 fixes CVE-2017-15130: TLS SNI config lookups may lead to excessive memory usage, causing imap-login/pop3-login VSZ limit to be reached and the process restarted. This happens only if Dovecot config has local_name { } or local { } configuration blocks and attacker uses randomly generated SNI servernames. fixes CVE-2017-14461: Parsing invalid email addresses may cause a crash or leak memory contents to attacker. For example, these memory contents might contain parts of an email from another user if the same imap process is reused for multiple users. fixes CVE-2017-15132: Aborted SASL authentication leaks memory in login process.	2018-03-02 10:38:35 +01:00
Michal Hlavinka	8e92fc5f66	dovecot updated to 2.2.33.2 doveadm: Fix crash in proxying (or dsync replication) if remote is running older than v2.2.33 auth: Fix memory leak in %{ldap_dn} dict-sql: Fix data types to work correctly with Cassandra	2017-10-24 12:33:15 +02:00
Michal Hlavinka	d5df6cbf02	pigeonhole updated to 0.4.20 Made the retention period for redirect duplicate identifiers configurable. Changed the default retention period from 24 to 12 hours. sieve-filter: Fixed memory leak: forgot to clean up script binary at end of execution managesieve-login: Fixed handling of AUTHENTICATE command. A second authenticate command would be parsed wrong.	2017-09-07 09:02:32 +02:00