Friday 5th March 2021
Fedora Project
Updated perl-Test-File to 1.448 in F-34 and Rawhide:
Try handling all-numeric user and group names (GH#26)
Local Packages
Updated dovecot (2.3.x):
Updated dovecot to 2.3.14:
- Added new aliases for some variables; usage of the old ones is possible, but discouraged (these were partially added already to v2.3.13)
See https://doc.dovecot.org/configuration_manual/config_file/config_variables/ for more information
Optimize imap/pop3/submission/managesieve proxies to use less CPU at the cost of extra memory usage
Remove autocreate, expire, snarf and mail-filter plugins
Remove cydir storage driver
- Remove XZ/LZMA write support; read support will be removed in a future release
doveadm -D: add timestamps to debug output even when LOG_STDERR_TIMESTAMP environment variable is not set (timestamp format is taken from log_timestamp setting)
If BROKENCHAR or listescape plugin is used, the escaped folder names may be slightly different from before in some situations; this is unlikely to cause issues, although caching clients may redownload the folders
imapc: it now enables BROKENCHAR=~ by default to escape remote folder names if necessary; this also means that if there are any '~' characters in the remote folder names, they will be visible as "~7e"
imapc: when using local index files, folder names were escaped on the filesystem a bit differently (this has effect only if there are folder names that actually require escaping, which isn't so common); the old style folders will automatically be deleted from the filesystem
stats: update exported metrics to be compliant with OpenMetrics standard
doveadm: add an optional '-p' parameter to metadata list command; if enabled, "/private", and "/shared" metadata prefixes will be prepended to the keys in the list output
doveconf: support environment variables in config files; see https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#environment-variables for more details
indexer-worker: change indexer to disconnect from indexer-worker after each request, which allows service indexer-worker's service_count and idle_kill settings to work; these can be used to restart indexer-worker processes once in a while to reduce their memory usage
auth: "nodelay" with various authentication mechanisms such as apop and digest-md5 crashed AUTH process if authentication failed
auth: auth lua script generating an error triggered an assertion failure:
Panic: file db-lua.c: line 630 (auth_lua_call_password_verify): assertion failed: (lua_gettop(script->L) == 0)
configure: fix libunwind detection to work on other than x86_64 systems
doveadm-server: process could crash if logging was done outside command handling; for example http-client could have done debug logging afterwards, resulting in either segfault or:
Panic: file http-client.c: line 642 (http_client_context_close): assertion failed: (cctx->clients_list == NULL)
dsync: folder name escaping with BROKENCHAR didn't work completely correctly, which particularly caused problems with dsync-migrations using imapc where some of the remote folder names may not have been accessible
dsync: doveadm sync + imapc doesn't always sync all mails when doing an incremental sync (-1), which could lead to mail loss when used for migration; this happens only when GUIDs aren't used (i.e. imapc without imapc_features=guid-forced)
fts-tika: when tika server returns error, some mails cause
Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts): assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input))
lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have resulted in crashes, which exposed that Dovecot was wrongly accepting atoms in "nstring" handling; changed the IMAP parsing to be more strict about this now
lib-index: if dovecot.index.cache has corrupted message size, fetching BODY/BODYSTRUCTURE may cause assert-crash:
Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish): assertion failed: (mail->data.parts != NULL)
lib-index: minor error handling and race condition fixes related to rotating dovecot.index.log; these didn't usually cause problems, unless the log files were rotated rapidly
lib-lua: Lua scripts using coroutines or lua libraries using coroutines (e.g., cqueues) panicked
Message PREVIEW handled whitespace wrong so first space would get eaten from between words
FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively
lib-mail: when max nested MIME parts were reached, IMAP BODYSTRUCTURE was written in a way that may have caused confusion for IMAP clients and also Dovecot itself when parsing it; the truncated part is now written out using application/octet-stream MIME type
lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to use them:
Panic: file hmac.c: line 26 (hmac_init): assertion failed: (meth->context_size <= MAC_MAX_CONTEXT_SIZE)
event filters: NOT keyword did not have the correct associativity: NOT a AND b were getting parsed as NOT (a AND b) instead of (NOT a) AND b
Ignore ECONNRESET when closing socket; this avoids logging useless errors on systems like FreeBSD
- event filters: event filter syntax error may lead to
Panic: file event-filter.c: line 137 (event_filter_parse): assertion failed: (state.output == NULL)
lib: timeval_cmp_margin() was broken on 32-bit systems, which could potentially have caused HTTP timeouts to be handled incorrectly
log: instance_name wasn't used as syslog ident by the log process
master: after a service reached process_limit and client_limit, it could have taken up to 1 second to realize that more client connections became available, during which time client connections could have been rejected unnecessarily and a warning logged: Warning: service(...): process_limit (...) reached, client connections are being dropped
stats: crash would occur when generating openmetrics data for metrics using aggregating functions
stats: event filters comparing against empty strings crash the stats process
Updated pigeonhole to 0.5.14:
IMAP FILTER command: cmd-filter-sieve - do not allow NIL as script name argument
Updated perl-Test-File to 1.448 as per the Fedora version