Your message dated Sun, 18 May 2025 16:45:40 +0200
with message-id <[email protected]>
and subject line Re: Bug#1101757: unblock: dovecot/1:2.4.1+dfsg1-1
has caused the Debian Bug report #1101757,
regarding unblock: dovecot/1:2.4.1+dfsg1-1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1101757: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101757
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:dovecot
Hi release team. I opened a transition request for dovecot a couple of weeks
ago, but figure it might be ignored at the moment given the state of the
freeze [1]. Apologies for the redundancy.
I'd very much like to include dovecot 2.4.1 with the trixie release. The
version currently in testing is basically the same version as what's in
bookworm and is barely supported upstream as it is. Supporting it for the
full lifetime of trixie will be challenging.
The earlier transition was opened because dovecot upstream releases impact
dovecot-dev, which is a build-dep of dovecot-fts-xapian and dovecot-antispam.
The former simply needs a binNMU, as it fully supports 2.4.1 today. The
dovecot-antispam package, on the other hand, hasn't seen any commits to the
upstream git repository since 2017 and hasn't seen any maintainer activity in
Debian since 2018. It does not support dovecot 2.4, and IMO we should not
ship it with trixie. [2]
Note that the 32-bit build issues described in the transition request have
been fully resolved, and dovecot builds on all release architectures.
Risks associated with updating include:
* dovecot 2.4 is a major upgrade and was released early this year after
several years of upstream development. There is certainly the potential to
introduce new bugs.
* dovecot 2.4 introduces configuration file syntax changes that will cause
pain for admins during the upgrade process.
Responses to these risks:
* dovecot 2.4 will be supported by upstream for a longer period of time than
the 2.3 branch. They've already made one bug fix release (2.4.1, the
subject of this request) and will make more as needed.
* 2.3 is mature, but also not receiving signifant attention upstream. I
expect that we'd generally be on our own supporting this package during the
trixie lifetime
* The pain associated with the config file changes is unlikely to be mitigated
by avoiding this transition. We'd just be putting it off. There are no
plans to develop an automated configuration translation tool.
The proposed version is currently in experimental as 1:2.4.1+dfsg1-1~exp1 [3].
Prior to that, 2.4.0 had several revisions in experimental where various bugs
were identified and squashed.
The complete debdiff is at
https://people.debian.org/~noahm/dovecot_2.4.1+dfsg1-1~exp1.debdiff
The debian/changelog diff between testing and experimental is attached.
Thanks
noah
1. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100698
2. https://git.sipsolutions.net/dovecot-antispam.git/
3. https://packages.debian.org/source/experimental/dovecot
unblock dovecot/1:2.4.1+dfsg1-1
diff --git a/debian/changelog b/debian/changelog
index b7ab4746f..606916cd8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,76 @@
+dovecot (1:2.4.1+dfsg1-1~exp1) experimental; urgency=medium
+
+ * [18c4170] d/watch: handle suffixes in upstream release filenames
+ * [340250d] New upstream version 2.4.1+dfsg1
+ * [2fcd382] Ensure we don't try to download files from the internet during
build
+ * [4497016] refresh patches
+ * [af108c1] Remove obsolete patches
+ * [0ed2624] Fix 32-bit integer rollover in tests
+ * [528f075] d/rules: remove autogenerated sources on clean
+
+ -- Noah Meyerhans <[email protected]> Sun, 30 Mar 2025 11:48:57 -0400
+
+dovecot (1:2.4.0+dfsg1-1~exp6) experimental; urgency=medium
+
+ * [827f8b7] fix and re-enable 32-bit builds
+
+ -- Noah Meyerhans <[email protected]> Mon, 24 Mar 2025 15:16:57 -0400
+
+dovecot (1:2.4.0+dfsg1-1~exp5) experimental; urgency=medium
+
+ * [cea2f60] d/rules: remove additional files on clean
+ * [24e625b] ci: extend the timeout for the test-build-twice job
+ * [1df7d66] Fix ABI identification and add safety checking for it
+
+ -- Noah Meyerhans <[email protected]> Mon, 17 Mar 2025 09:56:33 -0400
+
+dovecot (1:2.4.0+dfsg1-1~exp4) experimental; urgency=medium
+
+ * [0806d3b] Move 90-sieve-extprograms back to dovecot-sieve where it belongs
+ (Closes: #1100146)
+
+ -- Noah Meyerhans <[email protected]> Thu, 13 Mar 2025 17:41:17 -0400
+
+dovecot (1:2.4.0+dfsg1-1~exp3) experimental; urgency=medium
+
+ * [4989934] Install a config file for flatcurve
+ * [baeb072] Add default lmtpd configuration
+ * [1d1d874] d/rules: drop some obsolete configure options
+ * [6bc7f0b] pigeonhole: enable ldap pluggin support
+ * [1998623] Enable experimental support for SMTPUTF8 and UTF8=ACCEPT
+ * [22abd27] enable cdb support
+ * [369d4a4] ci: disable i386 builds
+ * [e6ff65b] update autopkgtests
+ * [56dd0d6] debian/dovecot-core.NEWS: Document configuration changes
+ * [3d12c1e] d/rules: Update ABI detection
+
+ -- Noah Meyerhans <[email protected]> Tue, 11 Mar 2025 11:31:12 -0400
+
+dovecot (1:2.4.0+dfsg1-1~exp2) experimental; urgency=medium
+
+ * [ab636e4] Correct ucf handling of /etc/dovecot/dovecot.conf
+ * [ea5102c] Stop building for 32-bit architectures
+ * [88fecb4] fix shell error in dovecot-managesieved.postinst
+ * [68875fa] Fix some groff issues in manpages
+ * [b406a2f] drop stale lintian overrides
+ * [34e4a3b] lintian: ignore circular dependency between -core and -sieve
+ * [ee13475] d/copyright: Update or remove some attributions
+
+ -- Noah Meyerhans <[email protected]> Wed, 12 Feb 2025 16:39:17 -0500
+
+dovecot (1:2.4.0+dfsg1-1~exp1) experimental; urgency=medium
+
+ [ Michael Tokarev ]
+ * Update to 2.4.0
+
+ [ Noah Meyerhans ]
+ * Update default configuration from upstream example config bundle at
+
https://github.com/dovecot/tools/blob/main/dovecot-2.4.0-example-config.tar.gz
+ * Remove obsolete config files on upgrade if unmodified
+ * Update /usr/share/dovecot/protocols.d/* for 2.4
+
+ -- Noah Meyerhans <[email protected]> Tue, 11 Feb 2025 12:03:31 -0500
+
dovecot (1:2.3.21.1+dfsg1-1) unstable; urgency=medium
[ Noah Meyerhans ]
@@ -16,7 +89,7 @@ dovecot (1:2.3.21.1+dfsg1-1) unstable; urgency=medium
[ Noah Meyerhans ]
* [a212eb8] New upstream version 2.3.21.1+dfsg1
- - Fix CVE-2024-23185 (Closes: #1078877)
+ - Fix CVE-2024-23184 (Closes: #1078876)
- Fix CVE-2024-23185 (Closes: #1078877)
-- Noah Meyerhans <[email protected]> Sat, 17 Aug 2024 13:26:24 -0400
--- End Message ---
--- Begin Message ---
On Thu, 24 Apr 2025 18:20:28 +0200 Paul Gevers <[email protected]> wrote:
With both of the issues out of the way, go ahead.
It migrated.
Paul
OpenPGP_signature.asc
Description: OpenPGP digital signature
--- End Message ---
