Package: dovecot-core Version: 1:2.2.27-3+deb9u2 Severity: important Tags: patch upstream
Please cherry-pick this change from dovecot-2.3.31: https://github.com/dovecot/core/commit/2e9153d5d7ee1ad7aecacdc72db5b181565af88e Background: We have at least one email on our servers, that causes the message-parser to run over the end of parsed data at the point modified by the patch because the symbol at 'parser.data+1' is a comma (',') and the 2.2.27 code does not check that 'parser.data+1' is behind 'parser.end'. This causes the asserting failure file rfc822-parser.h: line 23 (rfc822_parser_deinit): assertion failed: (ctx->data <= ctx->end) (at least when trying to index the mail with an FTS plugin) Best regards, Patrick Cernko -- Package-specific info: dovecot configuration --------------------- # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: Linux 4.14.89.1.amd64-smp x86_64 Debian 9.6 auth_verbose = yes default_vsz_limit = 2 G doveadm_password = # hidden, use -P to show it doveadm_port = 12345 listen = * login_log_format_elements = pid=%p user=<%u> method=%m rip=%r lip=%l mpid=%e %c mail_attachment_dir = /IMAP/mail/attachments mail_attachment_fs = sis-queue /IMAP/mail/attachments/queue:posix mail_home = /IMAP/mail/mailboxes/%u mail_location = mdbox:~/mdbox mail_log_prefix = "%s(%u)<%{pid}><%{session}>: " mail_max_userip_connections = 0 mail_plugins = " notify replication zlib fts fts_lucene" maildir_stat_dirs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = . } passdb { args = /etc/dovecot/passdb.deny deny = yes driver = passwd-file } passdb { args = /etc/dovecot/ldap.conf driver = ldap } plugin { fts = lucene fts_autoindex = yes fts_lucene = whitespace_chars=@. fts_solr = url=http://localhost:8080/solr/ fts_squat = partial=4 full=10 sieve = file:~/sieve;active=~/.dovecot.sieve zlib_save = gz zlib_save_level = 3 } postmaster_address = <> protocols = " imap lmtp sieve" service aggregator { fifo_listener replication-notify-fifo { mode = 0666 } unix_listener replication-notify { mode = 0666 } } service anvil { client_limit = 2250 } service auth { client_limit = 2447 } service doveadm { inet_listener doveadm-server { port = 12345 } } service imap-login { inet_listener imap { port = 0 } process_limit = 2047 } service imap { process_limit = 2047 } service lmtp { inet_listener lmtp { port = 24 } } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { port = 0 } } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0666 } } ssl = required ssl_cert = </etc/ssl/anonymized-for-privacy.pem ssl_key = # hidden, use -P to show it userdb { args = /etc/dovecot/userdb.overrides driver = passwd-file } userdb { args = /etc/dovecot/ldap.conf driver = ldap override_fields = mail_replica=tcp:anonymized-for-privacy } verbose_proctitle = yes protocol lmtp { auth_username_format = %n mail_plugins = " notify replication zlib fts fts_lucene sieve" } protocol lda { mail_plugins = " notify replication zlib fts fts_lucene sieve" } -- System Information: Debian Release: 9.6 APT prefers proposed-updates APT policy: (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.89.1.amd64-smp (SMP w/48 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages dovecot-core depends on: ii adduser 3.115 ii init-system-helpers 1.48 ii libbz2-1.0 1.0.6-8.1 ii libc6 2.24-11+deb9u3 ii libexttextcat-2.0-0 3.4.4-2+b1 ii liblz4-1 0.0~r131-2+b1 ii liblzma5 5.2.2-1.2+b1 ii libpam-runtime 1.1.8-3.6 ii libpam0g 1.1.8-3.6 ii libssl1.1 1.1.0j-1~deb9u1 ii libstemmer0d 0+svn585-1+b2 ii libwrap0 7.6.q-26 ii lsb-base 9.20161125 ii openssl 1.1.0j-1~deb9u1 ii ucf 3.0036 ii zlib1g 1:1.2.8.dfsg-5 dovecot-core recommends no packages. Versions of packages dovecot-core suggests: pn dovecot-gssapi <none> ii dovecot-imapd 1:2.2.27-3+deb9u2 ii dovecot-ldap 1:2.2.27-3+deb9u2 ii dovecot-lmtpd 1:2.2.27-3+deb9u2 ii dovecot-lucene 1:2.2.27-3+deb9u2 ii dovecot-managesieved 1:2.2.27-3+deb9u2 pn dovecot-mysql <none> pn dovecot-pgsql <none> pn dovecot-pop3d <none> ii dovecot-sieve 1:2.2.27-3+deb9u2 ii dovecot-solr 1:2.2.27-3+deb9u2 pn dovecot-sqlite <none> ii ntp 2:4.2.8p10+dfsg-3+deb9u2+mpi1 Versions of packages dovecot-core is related to: ii dovecot-core [dovecot-common] 1:2.2.27-3+deb9u2 pn dovecot-dbg <none> pn dovecot-dev <none> pn dovecot-gssapi <none> ii dovecot-imapd 1:2.2.27-3+deb9u2 ii dovecot-ldap 1:2.2.27-3+deb9u2 ii dovecot-lmtpd 1:2.2.27-3+deb9u2 ii dovecot-managesieved 1:2.2.27-3+deb9u2 pn dovecot-mysql <none> pn dovecot-pgsql <none> pn dovecot-pop3d <none> ii dovecot-sieve 1:2.2.27-3+deb9u2 pn dovecot-sqlite <none> -- no debconf information