Release 0.87.0:
core:
* Fix crashes due to inconsistent vtables for Clang builds
* Fix leak in broken files
* Internal code improvements
qt5:
* Add option to get form choice for export value
* ArthurOutputDev: Avoid division by zero in updateLineDash. Issue #695
glib:
* Internal code improvements
utils:
* pdftohtml: Fix memory leak in HtmlOutputDev::getLinkDest
PR: 245150
Exp-run by: antoine
Add a patch to document --sslproto tls1.3+ and tls1.3 through the manpage,
which hasn't made 6.4.3-rc2 but works since 6.4.0 assuming that the SSL library
supports TLSv1.3.
Remove fetchmailconf patch that is now part of the upstream code.
Switch to .lz downloads, a tiny bit smaller.
Upstream changelog:
## BUGFIXES:
* Plug memory leaks when parts of the configuration (defaults, rcfile, command
line) override one another.
* fetchmail terminated the placeholder command string too late and included
garbage from the heap at the end of the string. Workaround: don't use place-
holders %h or %p in the --plugin string. Bug added in 6.4.0 when merging
Gitlab merge request !5 in order to fix an input buffer overrun.
Faulty commit 418cda65f752e367fa663fd13884a45fcbc39ddd.
Reported by Stefan Thurner, Gitlab issue #16.
* Fetchmail now checks for errors when trying to read the .idfile,
Gitlab issue #3.
## CHANGES:
* Fetchmail documentation was updated to require OpenSSL 1.1.1.
OpenSSL 1.0.2 reached End Of Life status at the end of the year 2019.
Fetchmail will tolerate, but warn about, 1.0.2 for now on the assumption that
distributors backport security fixes as the need arises.
Fetchmail will also warn if another SSL library that is API-compatible
with OpenSSL lacks TLS v1.3 support.
* If the trust anchor is missing, fetchmail refers the user to README.SSL.
PR: 245187
Submitted by: mandree@
Approved by: Corey Halpin (maintainer)
The interface has changed a bit on -current:
In file included from Unified_cpp_gfx_skia1.cpp:137:
/wrkdirs/usr/ports/www/firefox/work/firefox-71.0/gfx/skia/skia/src/core/SkCpu.cpp:81:13: error: use of undeclared identifier 'ID_AA64ISAR0_CRC32'
if (ID_AA64ISAR0_CRC32(id_aa64isar0) == ID_AA64ISAR0_CRC32_BASE) {
PR: 243653
Reviewed by: jbeich
Approved by: jbeich , manu (mentor, implicit)
By default, OpenSMTPd rely on OpenBSD defaults, /var/spool/mail, instead of /var/mail
Point it on /var/mail on all supported platforms != OpenBSD
Reported by: Denis Fortin via private mail
MFH: 2020Q1
Changelog:
- Reject invalid custom headers that are empty or contain breaks
- Various fixes for DKIM issues, especially when using mail() transport
- Drop the l= length tag from DKIM signatures; it's a mild security risk
- Ensure CRLF is used explicitly when needed, rather than static::$LE
- Add a method for trimming header content consistently
- Some minor tweaks to resolve static analyser complaints
- Check that attachment files are readable both when adding and when sending
- Work around Outlook bug in mishandling MIME preamble
- Danish translation improvements
Sponsored by: Netzkommune GmbH
3.3.0 to 3.3.3 in order to make fetchable again.
Assume maintainership.
PR: 244998
Submitted by: cy
Reported by: cy
Approved by: maintainer (Adam McDougall <mcdouga9 at egr.msu.edu>)
MFH: 2020Q1
lld needs -fPIC:
ld: error: relocation R_PPC64_TOC16_LO cannot be used against symbol _i_headers; recompile with -fPIC
>>> defined in email.o
>>> referenced by email.c
>>> email.o:(email_header_internal)
- bump PORTEPOCH
- remove deprecated ports from CONFLICTS_INSTALL
- add BLACKLISTD to OPTIONS_DEFAULT
- MYSQL_USES s/=/?=/ to allow testbuild without
defining XX MYSQL dedicated make.conf's in poudriere
- add postlogd to STRIP_LIBEXEC
- adjust PORTSCOUT to include 3.5.x
- remove deprecated ports from CONFLICTS_INSTALL
- add BLACKLISTD to OPTIONS_DEFAULT
- MYSQL_USES s/=/?=/ to allow testbuild without
defining XX MYSQL dedicated make.conf's in poudriere
ChangeLog:
* Disable retpoline migitations by default. These can cause severe
performance regressions, so they should be only enabled when
applicable.
* IMAP MOVE now commits transactions in batches of 1000 mails. This
helps especially with lazy_expunge when moving a lot of mails. It
mainly avoids situations where multiple IMAP sessions are running the
same MOVE command and duplicating the mails in the lazy_expunge folder.
With this change there can still be some duplication, but the MOVE
always progresses forward. Also if the MOVE fails at some point, the
changes up to the last 1000 mails are still committed instead of
rolled back. Note that the COPY command behavior hasn't changed,
because it is required by IMAP standard to be an atomic operation.
* IMAP EXPUNGE and CLOSE now expunges mails in batches of 1000 mails.
This helps especially with lazy_expunge when expunging a lot of mails
(e.g. millions) to make sure that the progress always moves forward
even if the process is killed.
* Autoexpunging now expunges mails in batches of 1000 mails. This helps
especially with lazy_expunge when expunging a lot of mails
(e.g. millions) to make sure that the progress always moves forward
even if the process is killed.
+ Add tool for generating sysreport called dovecot-sysreport.
This generates a bundle of information usually needed for support
requests.
+ Add support for the new IMAP \Important SPECIAL-USE flag (RFC 8457).
+ Add metric { group_by } setting. This allows automatically creating
new metrics based on the fields you want to group statistics by.
NOTE: This feature is considered experimental and syntax is subject
to change in future release.
+ auth: Support SCRAM-SHA-256 authentication mechanism.
+ imap: Support the new IMAP STATUS=SIZE extension.
+ Use TCP_QUICKACK to reduce latency for some TCP connections.
+ quota-status: Made the service more robust against erroneous use with
Postfix ACL policies other than smtpd_recipient_restrictions.
+ Add "revision" field support to imap_id_send setting. Using
"revision *" will send in IMAP ID command response the short commit
hash of the Dovecot git source tree HEAD (same as in dovecot --version).
+ IMAP ENVELOPE includes now all addresses when there are multiple
headers (From, To, Cc, etc.) The standard way of having multiple
addresses is to just list them all in a single header. It's
non-standard to have multiple headers. However, since MTAs allow these
mails to pass through and different software may handle them in
different ways, it's better from security point of view to show all
the addresses.
+ Event filters now support using "field_name=" to match a field that
doesn't exist or has an empty value. For example use "error=" to match
only events that didn't fail.
- acl: INBOX ACLs shouldn't apply for IMAP GETMETADATA/SETMETADATA
commands.
- cassandra: CASS_ERROR_SERVER_WRITE_FAILURE error should also be
treated as "uncertain write failure".
- dict-redis: Using quota_clone configured with dict-redis could have
crashed when Redis responded slowly.
- imap-hibernate: Communication trouble with imap-master leads to
segfault.
- imap-hibernate: Unhibernation retrying wasn't working.
- imap: Fixed auth lookup privilege problem when imap process was reused
and user was being un-hibernated.
- Fix potential crash when copying/moving mails within the same folder.
This happened only when there were a lot of fields in dovecot.index.cache.
- lib-index: Recreating dovecot.index.cache file could have crashed when
merging bitmask fields.
- lib-index: Using public/shared folders with INDEXPVT configured to use
private \Seen flags, trying to search seen/unseen in an empty folder
crashes with segfault.
- lib-mail: Large base64-encoded mails weren't decoded properly.
This could have affected searching/indexing mails and message snippet
generation.
- lib-mail: Message with only quoted text could have caused message
snippet to ignore its 200 character limit and return the entire
message. This was added also to dovecot.index.cache file, which
increased disk space and memory usage unnecessarily.
v2.3.9.2 regression (previous versions cached the quoted snippet as
empty). In a large mail quoted text could have become wrongly added
to the snippet, possibly mixed together with non-quoted text.
- lib-smtp: client could have assert-crashed if STARTTLS handshake
finished earlier than usually.
- lib-ssl-iostream: remove -static flag for lib-ssl-iostream linking to
prevent a compile issue.
- lib-storage: Mailbox synchronization may have assert-crashed in some
rare situations.
- lib-storage: mdbox didn't preserve date.saved with dsync.
- lib: Don't require EAI_{ADDRFAMILY,NODATA}, breaks FreeBSD
- master: Some services could respawn unthrottled if they crash during
startup.
- push-notification: Do not send push_notification_finished event if
nothing was done. This happens when mail transaction is started and
ended with no changes.
- quota-status: Addresses with special characters in the local part caused
problems in the interaction between Postfix and Dovecot. Postfix sent
its own internal representation in the recipient field, while Dovecot
expected a valid RFC5321 mailbox address.
- submission-login: SESSION was not correctly encoded field for the
XCLIENT command. Particularly, a '+' character introduced by the
session ID's Base64 encoding causes problems.
- submission: Fix submission_max_mail_size to work correctly on 32-bit
systems.
- submission: Trusted connections crashed in second connection's EHLO
if submission-login { service_count } is something else than 1 (which
is the default).
- submission: XCLIENT command was never used in the protocol exchange
with the relay MTA when submission_backend_capabilities is configured,
even when the relay MTA was properly configured to accept the XCLIENT
command.
- fts-solr: The XML response parser fails to parse large/chunked responses
correctly. This leads to spurious parse errors, most notably:
"Error: fts_solr: received invalid uid '0'".
Bumping PORTREVISION on dovecot-pigeonhole (explicitly ignoring 0.5.10, as
there are compile/configure/hang issues), and dovecot-fts-xapian.
