Monday 9th March 2020
Fedora Project
Updated perl-Test-Simple to 1.302172 in F-32 and Rawhide:
- Fix transition documentation
- Fix warnings from info/debug tap
Local Packages
- Dropped most of the Gnome-1 stack from Fedora 32 too since Peter Robinson went and retired the F-32 branches in Fedora
Updated curl (7.69.0) to make Flatpak work again (Bug #1810989)
Updated dovecot:
Updated dovecot to 2.3.10:
- Disable retpoline mitigations by default, as they can cause severe performance regressions and so they should be only enabled when applicable
IMAP MOVE now commits transactions in batches of 1000 mails, which helps especially with lazy_expunge when moving a lot of mails, mainly avoiding situations where multiple IMAP sessions are running the same MOVE command and duplicating the mails in the lazy_expunge folder; with this change there can still be some duplication but the MOVE always progresses forward; also if the MOVE fails at some point, the changes up to the last 1000 mails are still committed instead of rolled back (note that the COPY command behaviour hasn't changed, because it is required by IMAP standard to be an atomic operation)
IMAP EXPUNGE and CLOSE now expunges mails in batches of 1000 mails, which helps especially with lazy_expunge when expunging a lot of mails (e.g. millions) to make sure that the progress always moves forward even if the process is killed
Autoexpunging now expunges mails in batches of 1000 mails, which helps especially with lazy_expunge when expunging a lot of mails (e.g. millions) to make sure that the progress always moves forward even if the process is killed
Add tool for generating sysreport, called dovecot-sysreport; this generates a bundle of information usually needed for support requests
Add support for the new IMAP \Important SPECIAL-USE flag (RFC 8457)
Add metric { group_by } setting, which allows automatically creating new metrics based on the fields you want to group statistics by (NOTE: this feature is considered experimental and syntax is subject to change in future releases)
auth: Support SCRAM-SHA-256 authentication mechanism
imap: Support the new IMAP STATUS=SIZE extension
Use TCP_QUICKACK to reduce latency for some TCP connections
quota-status: Made the service more robust against erroneous use with Postfix ACL policies other than smtpd_recipient_restrictions
Add "revision" field support to imap_id_send setting; using "revision *" will send in IMAP ID command response the short commit hash of the Dovecot git source tree HEAD (same as in dovecot --version)
IMAP ENVELOPE now includes all addresses when there are multiple headers (From, To, Cc, etc.); the standard way of having multiple addresses is just to list them all in a single header - it's non-standard to have multiple headers - however, since MTAs allow these mails to pass through and different software may handle them in different ways, it's better from a security point of view to show all the addresses
Event filters now support using "field_name=" to match a field that doesn't exist or has an empty value, for example use "error=" to match only events that didn't fail
acl: INBOX ACLs shouldn't apply for IMAP GETMETADATA/SETMETADATA commands
cassandra: CASS_ERROR_SERVER_WRITE_FAILURE error should also be treated as "uncertain write failure"
dict-redis: Using quota_clone configured with dict-redis could have crashed when Redis responded slowly
imap-hibernate: Communication trouble with imap-master lead to segfault
imap-hibernate: Unhibernation retrying wasn't working
imap: Fixed auth lookup privilege problem when imap process was reused and user was being un-hibernated
Fix potential crash when copying/moving mails within the same folder; this happened only when there were a lot of fields in dovecot.index.cache
lib-index: Recreating dovecot.index.cache file could have crashed when merging bitmask fields
lib-index: Using public/shared folders with INDEXPVT configured to use private \Seen flags, trying to search seen/unseen in an empty folder crashed with segfault
lib-mail: Large base64-encoded mails weren't decoded properly; this could have affected searching/indexing mails and message snippet generation
lib-mail: Message with only quoted text could have caused message snippet to ignore its 200 character limit and return the entire message; this was also added to dovecot.index.cache file, which increased disk space and memory usage unnecessarily (v2.3.9.2 regression; previous versions cached the quoted snippet as empty); in a large mail, quoted text could have incorrectly become added to the snippet, possibly mixed together with non-quoted text
lib-smtp: client could have assert-crashed if STARTTLS handshake finished earlier than usual
lib-ssl-iostream: remove -static flag for lib-ssl-iostream linking to prevent a compile issue
lib-storage: Mailbox synchronization may have assert-crashed in some rare situations
lib-storage: mdbox didn't preserve date.saved with dsync
lib: Don't require EAI_{ADDRFAMILY,NODATA}, breaks FreeBSD
master: Some services could respawn unthrottled if they crash during start-up
push-notification: Do not send push_notification_finished event if nothing was done; this happens when mail transaction is started and ended with no changes
- quota-status: Addresses with special characters in the local part caused problems in the interaction between Postfix and Dovecot; Postfix sent its own internal representation in the recipient field, while Dovecot expected a valid RFC5321 mailbox address
submission-login: SESSION was not correctly encoded field for the XCLIENT command; in particular, a '+' character introduced by the session ID's Base64 encoding caused problems
submission: Fix submission_max_mail_size to work correctly on 32-bit systems
submission: Trusted connections crashed in second connection's EHLO if submission-login { service_count } is something other than 1 (which is the default)
submission: XCLIENT command was never used in the protocol exchange with the relay MTA when submission_backend_capabilities is configured, even when the relay MTA was properly configured to accept the XCLIENT command
Updated pigeonhole to 0.5.10 (no changes)
Updated perl-File-Slurp to 9999.30:
Altered the atomic version of write_file to use temporary files that are also hidden files (CPAN RT#132064)
Updated perl-Hash-Util-FieldHash-Compat (0.11) to require perl(Hash::Util::FieldHash) unconditionally at both build time and run time since it's available in all supported distributions
Updated perl-PPIx-QuoteLike to 0.010:
- Remove redundant and poorly-performing code introduced in version 0.009
Updated perl-Test-Simple to 1.302172 as per the Fedora version
Updated xv (3.10a) so that builds for Fedora 32 also use libpng rather than libpng10