diff options
author | taca <taca@pkgsrc.org> | 2017-04-13 01:59:08 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2017-04-13 01:59:08 +0000 |
commit | 46bba9e4f0efcc6a13eaad4e2345885270c72440 (patch) | |
tree | a476d402728102837e08c18dbbb5a106fdd0596e /mail | |
parent | 7ceffe5c41841fc5e0da77cd3766fa1eeb0c4099 (diff) | |
download | pkgsrc-46bba9e4f0efcc6a13eaad4e2345885270c72440.tar.gz |
Update dovecot2 to 2.2.29.1. This release contains security fixes.
v2.2.29.1 2017-04-12 Timo Sirainen <tss@iki.fi>
- imapc reconnection fix was forgotten from 2.2.29 release, which also
made "make check" fail in a unit test
- dict-sql: Merging multiple UPDATEs to a single statement wasn't
actually working.
- Fixed building with vpopmail
v2.2.29 2017-04-10 Timo Sirainen <tss@iki.fi>
* passdb/userdb dict: Don't double-expand %variables in keys. If dict
was used as the authentication passdb, using specially crafted
%variables in the username could be used to cause DoS (CVE-2017-2669)
* When Dovecot encounters an internal error, it logs the real error and
usually logs another line saying what function failed. Previously the
second log line's error message was a rather uninformative "Internal
error occurred. Refer to server log for more information." Now the
real error message is duplicated in this second log line.
* lmtp: If a delivery has multiple recipients, run autoexpunging only
for the last recipient. This avoids a problem where a long
autoexpunge run causes LMTP client to timeout between the DATA
replies, resulting in duplicate mail deliveries.
* config: Don't stop the process due to idling. Otherwise the
configuration is reloaded when the process restarts.
* mail_log plugin: Differentiate autoexpunges from regular expunges
* imapc: Use LOGOUT to cleanly disconnect from server.
* lib-http: Internal status codes (>9000) are no longer visible in logs
* director: Log vhost count changes and HOST-UP/DOWN
+ quota: Add plugin { quota_max_mail_size } setting to limit the
maximum individual mail size that can be saved.
+ imapc: Add imapc_features=delay-login. If set, connecting to the
remote IMAP server isn't done until it's necessary.
+ imapc: Add imapc_connection_retry_count and
imapc_connection_retry_interval settings.
+ imap, pop3, indexer-worker: Add (deinit) to process title before
autoexpunging runs.
+ Added %{encrypt} and %{decrypt} variables
+ imap/pop3 proxy: Log proxy state in errors as human-readable string.
+ imap/pop3-login: All forward_* extra fields returned by passdb are
sent to the next hop when proxying using ID/XCLIENT commands. On the
receiving side these fields are imported and sent to auth process
where they're accessible via %{passdb:forward_*}. This is done only
if the sending IP address matches login_trusted_networks.
+ imap-login: If imap_id_retain=yes, send the IMAP ID string to
auth process. %{client_id} expands to it in auth process. The ID
string is also sent to the next hop when proxying.
+ passdb imap: Use ssl_client_ca_* settings for CA validation.
- fts-tika: Fixed crash when parsing attachment without
Content-Disposition header. Broken by 2.2.28.
- trash plugin was broken in 2.2.28
- auth: When passdb/userdb lookups were done via auth-workers, too much
data was added to auth cache. This could have resulted in wrong
replies when using multiple passdbs/userdbs.
- auth: passdb { skip & mechanisms } were ignored for the first passdb
- oauth2: Various fixes, including fixes to crashes
- dsync: Large Sieve scripts (or other large metadata) weren't always
synced.
- Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
- imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
- doveadm: Exit codes weren't preserved when proxying commands via
doveadm-server. Almost all errors used exit code 75 (tempfail).
- ACLs weren't applied to not-yet-existing autocreated mailboxes.
- Fixed a potential crash when parsing a broken message header.
- cassandra: Fallback consistency settings weren't working correctly.
- doveadm director status <user>: "Initial config" was always empty
- imapc: Various reconnection fixes.
Diffstat (limited to 'mail')
-rw-r--r-- | mail/dovecot2-sqlite/Makefile | 3 | ||||
-rw-r--r-- | mail/dovecot2/Makefile.common | 6 | ||||
-rw-r--r-- | mail/dovecot2/PLIST | 6 | ||||
-rw-r--r-- | mail/dovecot2/distinfo | 10 |
4 files changed, 14 insertions, 11 deletions
diff --git a/mail/dovecot2-sqlite/Makefile b/mail/dovecot2-sqlite/Makefile index ef1bd825f4a..e536ec02714 100644 --- a/mail/dovecot2-sqlite/Makefile +++ b/mail/dovecot2-sqlite/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.4 2016/12/12 14:22:03 wiz Exp $ +# $NetBSD: Makefile,v 1.5 2017/04/13 01:59:08 taca Exp $ # -PKGREVISION= 1 .include "../../mail/dovecot2/Makefile.plugin" PKGNAME= ${DISTNAME:S/dovecot/dovecot-sqlite/} diff --git a/mail/dovecot2/Makefile.common b/mail/dovecot2/Makefile.common index b0b25789b87..4517926884a 100644 --- a/mail/dovecot2/Makefile.common +++ b/mail/dovecot2/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.5 2017/03/18 07:14:46 adam Exp $ +# $NetBSD: Makefile.common,v 1.6 2017/04/13 01:59:08 taca Exp $ # # when updating to a new release, update ABI depends in # the buildlink3.mk file as well, since the plugins' version @@ -9,9 +9,9 @@ # used by mail/dovecot2-mysql/Makefile # used by mail/dovecot2-pgsql/Makefile -DISTNAME= dovecot-2.2.28 +DISTNAME= dovecot-2.2.29.1 CATEGORIES= mail -MASTER_SITES= http://www.dovecot.org/releases/${PKGVERSION_NOREV:R}/ +MASTER_SITES= https://www.dovecot.org/releases/2.2/ MAINTAINER= adam@NetBSD.org HOMEPAGE= http://www.dovecot.org/ diff --git a/mail/dovecot2/PLIST b/mail/dovecot2/PLIST index dcf9ca3eb58..1557840216e 100644 --- a/mail/dovecot2/PLIST +++ b/mail/dovecot2/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.52 2017/03/18 07:14:46 adam Exp $ +@comment $NetBSD: PLIST,v 1.53 2017/04/13 01:59:08 taca Exp $ bin/doveadm bin/doveconf bin/dsync @@ -150,6 +150,7 @@ include/dovecot/hex-dec.h include/dovecot/hmac-cram-md5.h include/dovecot/hmac.h include/dovecot/home-expand.h +include/dovecot/hook-build.h include/dovecot/hostpid.h include/dovecot/http-auth.h include/dovecot/http-client-private.h @@ -538,9 +539,11 @@ include/dovecot/userdb-vpopmail.h include/dovecot/userdb.h include/dovecot/utc-mktime.h include/dovecot/utc-offset.h +include/dovecot/var-expand-private.h include/dovecot/var-expand.h include/dovecot/wildcard-match.h include/dovecot/write-full.h +lib/dovecot/auth/lib20_auth_var_expand_crypt.la lib/dovecot/auth/libauthdb_imap.la lib/dovecot/doveadm/lib10_doveadm_acl_plugin.la lib/dovecot/doveadm/lib10_doveadm_expire_plugin.la @@ -570,6 +573,7 @@ lib/dovecot/lib20_mailbox_alias_plugin.la lib/dovecot/lib20_push_notification_plugin.la lib/dovecot/lib20_quota_clone_plugin.la lib/dovecot/lib20_replication_plugin.la +lib/dovecot/lib20_var_expand_crypt.la lib/dovecot/lib20_virtual_plugin.la lib/dovecot/lib20_zlib_plugin.la lib/dovecot/lib21_fts_squat_plugin.la diff --git a/mail/dovecot2/distinfo b/mail/dovecot2/distinfo index ac20f3b3cf1..069a85ae797 100644 --- a/mail/dovecot2/distinfo +++ b/mail/dovecot2/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.71 2017/03/18 07:14:46 adam Exp $ +$NetBSD: distinfo,v 1.72 2017/04/13 01:59:08 taca Exp $ -SHA1 (dovecot-2.2.28.tar.gz) = ca417ebbfea30f71311a239e082adac81e989543 -RMD160 (dovecot-2.2.28.tar.gz) = 7d70d97e28fe5a4916b37278effabdaf3a7ecd03 -SHA512 (dovecot-2.2.28.tar.gz) = 3f40eb52413130dd47da98470d797ede63db3296923c2888b48f1a021e473cfcad064671ad804037d101990457ee57def30f2c27010ede2d758f3d3cfd8ef741 -Size (dovecot-2.2.28.tar.gz) = 5921992 bytes +SHA1 (dovecot-2.2.29.1.tar.gz) = b9fab821e50337919ac617f1bb9d72e9aa9e8778 +RMD160 (dovecot-2.2.29.1.tar.gz) = 3fcfb72df0debe90fe7b7bd7bb98e8bba210857d +SHA512 (dovecot-2.2.29.1.tar.gz) = 1e5ea6080ebe7dd4afe6fcfe8e98ed6d2ad2735655a18cc96e439dd044ccc3a1a6a80428bc746b4d6250820895d6a62121562e97e4b46c8b1cf88a19443bc111 +Size (dovecot-2.2.29.1.tar.gz) = 5972119 bytes SHA1 (patch-aa) = ea185011f0c1ee3aa1ff528e61f6f356fe385666 SHA1 (patch-ab) = d637a64feec8e4eafacda149cf0193aa1b70a054 SHA1 (patch-ae) = 51d8cb998cc2ded8bfc767710e465b752c50e656 |