- use target helpers
ChangeLog:
20150903
Workaround: disable DNSSEC support for AIX 7x and earlier.
The AIX 6/7 resolver(5) API defines RES_USE_DNSSEC without
defining the "ad" bit. Viktor Dukhovni. Files: makedefs,
proto/INSTALL.html, dns/dns.h.
20150923
Bugfix (introduced: 20120531-617): the Postfix SMTP server
used a larger-than-1 VSTREAM buffer to read the HAProxy
connection hand-off information. This broke TLS wrappermode,
as the TLS helo packet would end up in the plaintext VSTREAM
buffer. Reported by Lukas Erlacher. File: smtpd/smtpd_haproxy.c.
20150924
Bugfix (introduced: 20090216-24): incorrect postmulti error
message. Reported by Patrik Koetter. Fix by Viktor Dukhovni.
File: postmulti/postmulti.c.
Workaround: don't create a new instance when the template
main.cf and master.cf files are missing, as happens on
Debian-like systems. Viktor Dukhovni. File: conf/postmulti-script.
20150925
Bugfix (introduced: 19970309, fixed 20150421 in development
release): reset errno before calling readdir(), in order
to distinguish between an end-of-directory and an error
condition. File: scandir.c.
20150930
Bugfix (introduced: 20040124): Milter client panic while
adding a header, because the PREPEND action used the same
output function for header_checks and body_checks. Viktor
Dukhovni and Wietse. File: cleanup/cleanup_message.c.
Bugfix (introduced: 20031128): xtext_unquote() did not
propagate error reports from xtext_unquote_append(), causing
the decoder to return partial ouput, instead of rejecting
malformed input. Fix by Krzysztof Wojta. File: global/xtext.c.
- use target helpers
ChangeLog:
20150722
The COMPATIBILITY_README text and HTML files were not
installed. File: conf/postfix-files.
20150903
Workaround: disable DNSSEC support for AIX 7x and earlier.
The AIX 6/7 resolver(5) API defines RES_USE_DNSSEC without
defining the "ad" bit. Viktor Dukhovni. Files: makedefs,
proto/INSTALL.html, dns/dns.h.
20150923
Bugfix (introduced: 20120531-617): the Postfix SMTP server
used a larger-than-1 VSTREAM buffer to read the HAProxy
connection hand-off information. This broke TLS wrappermode,
as the TLS helo packet would end up in the plaintext VSTREAM
buffer. Reported by Lukas Erlacher. File: smtpd/smtpd_haproxy.c.
20150924
Bugfix (introduced: 20090216-24): incorrect postmulti error
message. Reported by Patrik Koetter. Fix by Viktor Dukhovni.
File: postmulti/postmulti.c.
Workaround: don't create a new instance when the template
main.cf and master.cf files are missing, as happens on
Debian-like systems. Viktor Dukhovni. File: conf/postmulti-script.
20150925
Bugfix (introduced: 19970309, fixed 20150421 in development
release): reset errno before calling readdir(), in order
to distinguish between an end-of-directory and an error
condition. File: scandir.c.
20150930
Bugfix (introduced: 20040124): Milter client panic while
adding a header, because the PREPEND action used the same
output function for header_checks and body_checks. Viktor
Dukhovni and Wietse. File: cleanup/cleanup_message.c.
Bugfix (introduced: 20031128): xtext_unquote() did not
propagate error reports from xtext_unquote_append(), causing
the decoder to return partial ouput, instead of rejecting
malformed input. Fix by Krzysztof Wojta. File: global/xtext.c.
20151003
Bugfix (copied from xtext): uxtext_unquote() did not propagate
error reports from uxtext_unquote_append(), causing the
decoder to return partial output, instead of rejecting
malformed input. Found by searching the code for similar
error patterns as with xtext_unquote(). File: global/uxtext.c.
Bugfix (introduced: 20141130, fixed around 20150607 in
development release): the DNS multi-query clients forgot
to save and restore h_errno when evaluating the aggregate
result. File: dns/dns_lookup.c.
upgrade to follow mail/dovecot2
* Properly implemented checking of ABI version for Sieve interpreter
plugins, much like Dovecot itself does for plugins. This will prevent
plugin ABI mismatches.
+ Implemented a vnd.dovecot.environment extension. This builds upon the
standard environment extension and adds a few more environment items,
such as username and default mailbox. It also creates a variables
namespace so that environment items can be accessed directly. I am
still thinking about more environment items that can be added.
+ Sieve extprograms plugin: Made line endings of the input passed to the
external programs configurable. This can be configured separately for
each of the three extensions.
+ ManageSieve: Implemented proxy XCLIENT support. This allows the proxy
to pass client information to the back-end.
- ManageSieve: Fixed an assert failure occurring when a client
disconnects during the GETSCRIPT command.
- doveadm sieve plugin: Fixed incorrect initialization of mail user.
This caused a few memory leaks.
- sieve-filter command line tool: Fixed handling of failure-related
implicit keep when there is an explicit default destination folder.
This caused message duplication.
- lib-sieve: Fixed bug in RFC5322 header folding. Words longer than the
optimal line length caused empty lines in the output, which would
break the resulting message header. This surfaced in References:
headers with very long message IDs.
PR: 203526
Submitted by: Larry Rosenman <ler@lerctr.org> (maintainer)
- Add LICENSE and LICENSE_FILE
- Add NO_ARCH
- Fix PID_FILE using an undefined variable (resulting PID was /var/run/.pid)
- Fix .include lines post staging support
- Actually use the version number from PLIST_SUB in pkg-plist
- Overhaul rc script
- Add PROVIDE/REQUIRE/KEYWORD to header
- Remove "geronimo" references from when the port was originally copied
- Remove %%JAMES_VERSION%% in rc variable names. Every port version bump
in the past came with a POLA issue as james231_enable=YES would now
have to be james2321_enable=YES. Provide a shim to translate the old
variable names and provide a warning to update rc.conf syntax.
- Match start routine to embedded start-up script (which enables stop
command to work without a java.lang.IllegalThreadStateException)
- Add working status routine
- Standardize indentation
PR: 203461
Security: CVE-2015-7611
Security: be3069c9-67e7-11e5-9909-002590263bf5
MFH: 2015Q4
and pigeonhole.
Changes:
* pop3_deleted_flag has been broken since v2.2.10. Using it would
cause buffer overflows, which could be exploitable. However, this
bug would have become visible quite soon after users had deleted
some POP3 mails, because the pop3 processes would have started
crashing all the time even in normal use.
* "doveadm director flush" command has a changed meaning now:
It safely moves users to their wanted backends, instead of simply
forgetting the mapping entirely and leaving the existing connections
untouched. Use -F parameter to get the original unsafe behavior.
+ Added imap-hibernate processes (see imap_hibernate_timeout setting).
IDLEing IMAP connections can be hibernated, which saves memory.
+ Optimized tracking mailboxes' vsizes (= sum of all messages' sizes).
If mailbox_list_index=yes, it's also stored in there. This makes it
very efficient to look up vsizes for all mailboxes.
+ Added a quota "count" backend, which uses the mailbox vsizes to get
the current quota usage. It requires using the new quota_vsizes=yes
setting, which tracks the messages' "virtual sizes" rather than
"physical sizes". Their distiction is minor and mostly irrelevant
nowadays (if mail sizes should be counted with LF or CRLF newlines).
+ "doveadm director up/down" commands added. The monitoring script
should be using these commands instead of changing the vhost count.
This allows admin to manually disable a server by changing the vhost
count to 0 without the monitoring script changing it back.
+ Added support for HAProxy protocol: http://wiki2.dovecot.org/HAProxy
+ Added push-notification plugin framework, which can be used to
easily implement push notifications to various backends. Implemented
"ox" backend for notifying Open-Xchange via HTTP/json.
+ imap_logout_format supports more variables now, e.g. number of
deleted messages.
+ pop3: Added pop3_delete_type setting (related to pop3_deleted_flag).
+ plugin { fts_enforced=yes } setting now fails body searches unless
it can be done via the full text search engine.
+ Added %{passdb:*} and %{userdb:*} variables to various places
+ auth: Added ":protected" suffix for passdb and userdb fields. If
used, the field doesn't overwrite an existing field.
+ IMAP/POP3 proxy: If a backend server dies, avoid client reconnection
spikes by slowly disconnecting clients over time. This is enabled by
setting login_proxy_max_disconnect_delay=secs passdb extra field.
+ imap: Added new read-only METADATA entries: /private/specialuse,
/shared/comment, /shared/admin
+ imap: If client disconnects in the middle of a command, log how long
the command had been running.
- mdbox: Rebuilding could have caused message's reference count to
overflow the 16bit number in some situations, causing problems when
trying to expunge the duplicates.
- Various search fixes (fts, solr, tika, lib-charset, indexer)
- Various virtual plugin fixes
- Various fixes and optimizations to dsync, imapc and pop3-migration
- imap: Various RFC compliancy and crash fixes to NOTIFY
