Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package dovecot23 for openSUSE:Factory
checked in at 2021-12-14 22:02:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/dovecot23 (Old)
and /work/SRC/openSUSE:Factory/.dovecot23.new.2520 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dovecot23"
Tue Dec 14 22:02:24 2021 rev:42 rq:940573 version:2.3.17.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/dovecot23/dovecot23.changes 2021-08-18
08:56:39.722921984 +0200
+++ /work/SRC/openSUSE:Factory/.dovecot23.new.2520/dovecot23.changes
2021-12-14 22:02:49.851169636 +0100
@@ -1,0 +2,132 @@
+Tue Dec 7 18:54:54 UTC 2021 - Michael Str??der <mich...@stroeder.com>
+
+- update to 2.3.17.1 and pigeonhole to 0.5.17.1
+- rebased dovecot-2.3.0-better_ssl_defaults.patch
+
+ Dovecot 2.3.17.1
+ - dsync: Add back accidentically removed parameters.
+ - lib-ssl-iostream: Fix assert-crash when OpenSSL returned syscall error
+ without errno.
+ - master: Dovecot failed to start if ssl_ca was too large.
+ Dovecot 2.3.17
+ * Dovecot now logs a warning if time seems to jump forward at least
+ 100 milliseconds.
+ * dict: Lines logged by the dict process now contain the dict name as
+ the prefix.
+ * lib-index: mail_cache_fields, mail_always_cache_fields and
+ mail_never_cache_fields now verifies that the listed header names are
+ valid. Especially the UTF8 "???" character has sometimes been wrongly
+ used instead of the ASCII "-".
+ + *-login: Added login_proxy_rawlog_dir setting to capture
+ rawlogs between proxy and backend.
+ + dict: The server process now keeps the last 10 idle dict backends
+ cached for maximum of 30 seconds. Practically this acts as a
+ connection pool for dict-redis and dict-ldap. Note that this doesn't
+ affect dict-sql, because it already had its own internal cache.
+ + doveadm: New stats add/remove commands added to support changing the
+ metrics configuration on runtime.
+ + lazy_expunge: Added lazy_expunge_exclude settings to disable
+ lazy_expunge for specific folders. \Special-use flags can be used as
+ folder names.
+ + lib-lua: Added a new helper function dovecot.restrict_global_variables()
+ to disable or enable defining new global variables.
+ - LAYOUT=index List index rebuild was missing.
+ - LAYOUT=index: Duplicate GUIDs were not detected.
+ - acl: When using acl_ignore_namespace Dovecot attempted to access or
+ create dovecot-acl-list even when the namespace should have been
+ ignored. For virtual namespaces this could have yielded errors about
+ "Read-only file system" or "Permission denied".
+ - auth: Setting the "master" passdb field to empty value would
+ cause proxying to fail with an authentication error.
+ Now an empty "master" field is ignored.
+ - doveadm-server: Duplicate error lines were sent for failed commands.
+ This didn't normally cause visible problems, except when using
+ wildcards in usernames or -A parameter to go through multiple users.
+ - doveadm-server: Logs written by doveadm-server were often missing log
+ prefixes, especially mail_log_prefix for mail commands. Logs sent to
+ doveadm TCP client were also missing log prefixes.
+ - doveadm: v2.3 regression: batch command always crashes.
+ - doveadm: v2.3.11 regression: Commands failed if ssl_cert or
+ ssl_key files weren't readable by the user running doveadm, even
+ though doveadm didn't actually use these settings
+ - imap-hibernate: Process may crash at deinit:
+ Panic: file ioloop.c: line 928 (io_loop_destroy): assertion failed:
+ (ioloop->cur_ctx == NULL).
+ - imap: Using imap_fetch_failure=no-after can cause assert-crash
+ with some IMAP commands if reading the mail fails (e.g. wrong cached
+ mail size). Fixes:
+ Panic: file index-mail-headers.c: line 198 (index_mail_parse_header_init):
+ assertion failed: (!mail->data.header_parser_initialized)
+ - imap: v2.3.10 regression: When using INDEXPVT to enable private
+ \Seen flags (for shared or public namespaces) the STORE command did
+ not send untagged replies for the \Seen flag changes.
+ - imap: v2.3.15 regression: If PREVIEW/SNIPPET is not the final FETCH
+ option in the command, the IMAP FETCH response is broken.
+ - imap: v2.3.15 regression: MOVE command leaks mailbox if it can't be
+ opened and crashes at deinit:
+ Panic: file mail-user.c: line 229 (mail_user_deinit): assertion failed:
+ ((*user)->refcount == 1).
+ - imapc: Copying nonexistent mail via imapc could have crashed. Fixes:
+ Panic: file mail-storage.c: line 2385
(mailbox_transaction_commit_get_changes):
+ assertion failed: (ret < 0 || seq_range_count(&changes_r->saved_uids) ==
save_count ||
+ array_count(&changes_r->saved_uids) == 0).
+ - indexer: v2.3.15 regression: Process crashes if indexer-client
+ disconnects while it's waiting for command reply. This happened for
+ example if IMAP SEARCH triggered long fts indexing and the IMAP
+ client disconnected while waiting for the reply.
+ - indexer: v2.3.15 regression: Process may have crashed in some situations.
+ - indexer: v2.3.15 regression: indexer-worker processes may not have
+ reached the process_limit in some situations, possibly even using just
+ one indexer-worker process even though there were many indexing
+ requests queued.
+ - lib-compression: Reading lz4 compressed mdbox mails may crash. Fixes:
+ Panic: file istream.c: line 345 (i_stream_read_memarea):
+ assertion failed: (!stream->blocking).
+ - lib-compression: bench-compress crashes due to xz being read-only.
+ - lib-lua: Fix linking libdict_lua for non-GNU linkers when Lua support
+ is disabled.
+ - lib-mail: There was no limit on how large an email header name could be.
+ Processable header names are now limited to 1000 bytes.
+ - lib-oauth2: Dovecot disallowed JWT tokens if their validity time was
+ older than token creation time (nbf < iat).
+ - lib-storage: Reduce memory footprint of certain storage operations.
+ - lib-storage: When listing mailboxes with storage name escape
+ characters (^ or .) as part of the mailbox name, the listing could
+ show corrupted mailbox names. Due to an issue in handling escaped
+ parent folders, the listing of other mailbox names would become
+ corrupted by prepending parts of the previously listed mailboxes
+ parent folder as prefix to the actual mailbox names. The corruption
+ can occur when using LAYOUT=INDEX and maildir or obox, or when using
+ the listescape plugin.
+ - mail-crypt: Fix "-O" argument for "doveadm mailbox cryptokey password"
+ command to be a boolean, and not expect a string.
+ - submission-login: Add support for not authenticating to next hop in
+ submission proxying.
+ - submission-login: EHLO was not sent again after XCLIENT when doing
+ submission proxying.
+ - virtual: Mailboxes do not correctly detect underlying mailboxes
+ getting re-created even though they have a different UIDVALIDITY or
+ GUID.
+ Pigeonhole v0.5.17
+ - duplicate: The Sieve duplicate test is prone to false negatives when
+ the user receives many e-mails concurrently, meaning that duplicate
+ deliveries can still occur.
+ - fileinto: v2.3.16 regression: Sieve delivery crashes if mail is
+ delivered to non-existing and existing folder.
+ - imap-filter-sieve: v2.3.15 regression: The CPU limits on Sieve
+ execution are too easily exceeded in IMAP context (the IMAPSieve and
+ FILTER=SIEVE capabilities). Changed the default to unlimited CPU time
+ for IMAP context, since similar excessive resource usage can be caused
+ by other means as well. The CPU limits on Sieve scripts executed at
+ LDA/LMTP delivery are still enforced by default.
+ - redirect: The Sieve redirect action has protections against users
+ triggering mail loops. Unfortunately, the detection of a redirect mail
+ loop sometimes causes the message to get lost if no other Sieve action
+ is applied that delivers the message somewhere else.
+ - redirect: v2.3.16 regression: With certain Sieve scripts if redirect
+ fails due to temporary failure, the lmtp process may crash after the
+ delivery. Fixes:
+ Panic: file mail-user.c: line 229 (mail_user_deinit):
+ assertion failed: ((*user)->refcount == 1).
+
+-------------------------------------------------------------------
Old:
----
dovecot-2.3-pigeonhole-0.5.16.tar.gz
dovecot-2.3-pigeonhole-0.5.16.tar.gz.sig
dovecot-2.3.16.tar.gz
dovecot-2.3.16.tar.gz.sig
New:
----
dovecot-2.3-pigeonhole-0.5.17.1.tar.gz
dovecot-2.3-pigeonhole-0.5.17.1.tar.gz.sig
dovecot-2.3.17.1.tar.gz
dovecot-2.3.17.1.tar.gz.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dovecot23.spec ++++++
--- /var/tmp/diff_new_pack.wJZVVL/_old 2021-12-14 22:02:50.683170110 +0100
+++ /var/tmp/diff_new_pack.wJZVVL/_new 2021-12-14 22:02:50.687170113 +0100
@@ -19,11 +19,11 @@
%global _lto_cflags %{nil}
Name: dovecot23
-Version: 2.3.16
+Version: 2.3.17.1
Release: 0
%define pkg_name dovecot
-%define dovecot_version 2.3.16
-%define dovecot_pigeonhole_version 0.5.16
+%define dovecot_version 2.3.17.1
+%define dovecot_pigeonhole_version 0.5.17.1
%define dovecot_branch 2.3
%define dovecot_pigeonhole_source_dir
%{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}
%define dovecot_pigeonhole_docdir %{_docdir}/%{pkg_name}/dovecot-pigeonhole
++++++ dovecot-2.3-pigeonhole-0.5.16.tar.gz ->
dovecot-2.3-pigeonhole-0.5.17.1.tar.gz ++++++
++++ 8327 lines of diff (skipped)
++++++ dovecot-2.3.0-better_ssl_defaults.patch ++++++
--- /var/tmp/diff_new_pack.wJZVVL/_old 2021-12-14 22:02:51.155170380 +0100
+++ /var/tmp/diff_new_pack.wJZVVL/_new 2021-12-14 22:02:51.159170382 +0100
@@ -1,13 +1,13 @@
-diff -ur dovecot-2.3.15.orig/doc/example-config/conf.d/10-ssl.conf
dovecot-2.3.15/doc/example-config/conf.d/10-ssl.conf
---- dovecot-2.3.15.orig/doc/example-config/conf.d/10-ssl.conf
-+++ dovecot-2.3.15/doc/example-config/conf.d/10-ssl.conf
+diff -ur dovecot-2.3.17.1.orig/doc/example-config/conf.d/10-ssl.conf
dovecot-2.3.17.1/doc/example-config/conf.d/10-ssl.conf
+--- dovecot-2.3.17.1.orig/doc/example-config/conf.d/10-ssl.conf
2021-12-03 12:48:47.000000000 +0100
++++ dovecot-2.3.17.1/doc/example-config/conf.d/10-ssl.conf 2021-12-07
20:09:55.575984341 +0100
@@ -9,8 +9,8 @@
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
-ssl_cert = </etc/ssl/certs/dovecot.pem
-ssl_key = </etc/ssl/private/dovecot.pem
-+#ssl_cert = </etc/ssl/private/dovecot.crt
++#ssl_cert = </etc/ssl/certs/dovecot.pem
+#ssl_key = </etc/ssl/private/dovecot.pem
# If key file is password protected, give the password here. Alternatively
@@ -34,13 +34,13 @@
# no_ticket - Disable SSL session tickets.
#ssl_options =
+ssl_options = no_compression
-diff -ur dovecot-2.3.15.orig/src/lib-master/master-service-ssl-settings.c
dovecot-2.3.15/src/lib-master/master-service-ssl-settings.c
---- dovecot-2.3.15.orig/src/lib-master/master-service-ssl-settings.c
2021-06-14 15:40:37.000000000 +0200
-+++ dovecot-2.3.15/src/lib-master/master-service-ssl-settings.c
2021-06-21 14:09:29.663825041 +0200
-@@ -62,7 +62,7 @@
+diff -ur dovecot-2.3.17.1.orig/src/lib-master/master-service-ssl-settings.c
dovecot-2.3.17.1/src/lib-master/master-service-ssl-settings.c
+--- dovecot-2.3.17.1.orig/src/lib-master/master-service-ssl-settings.c
2021-12-03 12:48:47.000000000 +0100
++++ dovecot-2.3.17.1/src/lib-master/master-service-ssl-settings.c
2021-12-07 20:10:57.811653344 +0100
+@@ -49,7 +49,7 @@
+ .ssl_client_ca_dir = "",
.ssl_client_cert = "",
.ssl_client_key = "",
- .ssl_dh = "",
- .ssl_cipher_list =
"ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH",
+ .ssl_cipher_list =
"ALL:!LOW:!SSLv2:!EXP:!aNULL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH",
.ssl_cipher_suites = "", /* Use TLS library provided value */
++++++ dovecot-2.3-pigeonhole-0.5.16.tar.gz -> dovecot-2.3.17.1.tar.gz ++++++
/work/SRC/openSUSE:Factory/dovecot23/dovecot-2.3-pigeonhole-0.5.16.tar.gz
/work/SRC/openSUSE:Factory/.dovecot23.new.2520/dovecot-2.3.17.1.tar.gz differ:
char 5, line 1
