Thursday 31st March 2016
Fedora Project
Updated proxytunnel to 1.9.1 and added upstream patch to enable TLS (rather than old, insecure SSL) protocols necessary to work with default-configured mod_ssl (Bug #1284776) in F-23, F-24 and Rawhide; this also fixed FTBFS issues since F-23 - it appears that the package was never updated since it was introduced in Fedora back in 2010
Local Packages
Updated dovecot:
Updated dovecot to 2.2.23:
Various fixes to doveadm; in particular, running commands via doveadm-server was broken
director: Fixed user weakness getting stuck in some situations
director: Fixed a situation where directors keep re-sending different states to each other and never becoming synced
director: Fixed assert-crash related to a slow "user killed" reply
Fixed assert-crash related to istream-concat, which could have been triggered at least by a Sieve script
Updated pigeonhole to 0.4.13:
redirect action: Added the list-id header to the duplicate ID for mail loop prevention; this means that the message sent directly to the user and the message coming through the mailing list itself are treated as different messages by the loop detection of the redirect command, even though their Message-ID may be identical
Changed the Sieve number type to uint64_t, which means that Sieve numbers can now technically range up to 2^64; some other Sieve implementation allowed this, making this change necessary for successful migration
Implemented the sieve_implicit_extensions setting; the extensions listed in this setting do not need to be enabled explicitly using the Sieve "require" command (this behavior directly violates the standard, but can be necessary for compatibility with some existing implementations of Sieve - do not use this setting unless you really need to!)
redirect action: Made mail loop detection more robust by forcibly adding a Message-ID header if it is missing
Prevent logging a useless "script not found" error message for LDAP scripts for which the entry exists but no attribute containing a script; this is not necessarily an error
extprograms plugin: Changed the communication channel between parent and child process for a directly forked program from a socketpair to a double pipe; Linux does not support /dev/stdin, /dev/stdout and friends for sockets, which for some shell program authors may be confusing, so that is why it is changed - when using the script service, these device nodes are still not usable though