Paul's Blog Entries for October 2021
Monday 4th October 2021
Local Packages
Updated perl-DateTime-TimeZone to 2.49:
- This release is based on version 2021c of the Olson database
Fix the zone links for Atlantic/Jan_Mayen and America/Virgin
Tuesday 5th October 2021
Fedora Project
Updated perl-Net-SSLeay (1.90) in Rawhide such that fixes for OpenSSL 3.0.0 are now entirely from upstream
Local Packages
Updated curl (7.79.1) to:
Disable more protocols and features in libcurl-minimal (Bug #2005874)
Run upstream tests for both curl-minimal and curl-full
Explicitly disable zstd while configuring curl
Updated perl-Net-SSLeay (1.90) as per the Fedora version
Monday 11th October 2021
Fedora Project
Updated perl-B-Hooks-EndOfScope to 0.25 in Rawhide:
Add test of dieing inside an on_scope_end() (GH#8)
Updated python-paramiko to 2.8.0 in Rawhide:
- Administrivia overhaul, including but not limited to:
- Migrate CI to CircleCI
Primary dev branch is now 'main' (renamed)
Many README edits for clarity, modernization etc.; including a bunch more (and consistent) status badges and unification with main project site index
PyPI page much more fleshed out (long_description is now filled in with the README; sidebar links expanded; etc.)
flake8, pytest configs split out of setup.cfg into their own files
- Invoke/invocations (used by maintainers/contributors) upgraded to modern versions
Newer server-side key exchange algorithms not intended to use SHA1 (diffie-hellman-group14-sha256, diffie-hellman-group16-sha512) were incorrectly using SHA1 after all, due to a bug causing them to ignore the 'hash_algo' class attribute; this has been corrected (GH#1452, GH#1882)
Add a 'prefetch' keyword argument to 'SFTPClient.get'/'SFTPClient.getfo' so that users who need to skip SFTP prefetching are able to conditionally turn it off (GH#1846)
- Administrivia overhaul, including but not limited to:
Local Packages
Updated perl-B-Hooks-EndOfScope to 0.25 as per the Fedora version
Tuesday 12th October 2021
Fedora Project
Updated perl-Return-MultiLevel to 0.06 in Rawhide:
Fixed test bug (CPAN RT#133221)
New caretaker maintainer, new repository: https://github.com/uperl/Return-MultiLevel
Friday 15th October 2021
Fedora Project
Updated perl-Cpanel-JSON-XS to 4.27 in Rawhide:
Local Packages
Updated perl-Cpanel-JSON-XS to 4.27 as per the Fedora version
Monday 18th October 2021
Local Packages
Updated check (0.15.2) to fix pkgconfig file on 64-bit systems (Bug #2014748)
Updated perl-DateTime-TimeZone to 2.50:
- This release is based on version 2021b of the Olson database
- Contemporary changes for Fiji
Wednesday 20th October 2021
Local Packages
Updated perl-Search-Elasticsearch to 7.715:
- Stable release for Elasticsearch 7.15
Friday 22nd October 2021
Fedora Project
Updated perl-PPIx-QuoteLike to 0.018 in Rawhide:
Argument postderef is now fatal
- Correct generation of 'provides' metadata
Local Packages
Updated perl-DateTime-TimeZone to 2.51:
- This release is based on version 2021e of the Olson database
- Contemporary changes for Palestine
Updated perl-Module-CoreList to 5.20211020:
- Updated for v5.35.5
Updated perl-PPIx-QuoteLike to 0.018 as per the Fedora version
Updated perl-PPIx-Regexp to 0.081:
Any use of the postderef argument is now fatal
- Correct generation of 'provides' metadata
Add YAPE::Regex to SEE ALSO
Monday 25th October 2021
Fedora Project
Updated perl-Path-Tiny to 0.120 in Rawhide:
The 'tempdir' and 'tempfile' methods may be called on a Path::Tiny object representing a directory, in which case the directory will be used as the container for the temporary object (as if the 'DIR' argument were used)
Local Packages
Updated perl-Path-Tiny to 0.120 as per the Fedora version
Tuesday 26th October 2021
Fedora Project
Updated perl-URI to 5.10 in Rawhide:
Local Packages
Updated c-ares to 1.18.0:
- Changes:
Add support for URI (Uniform Resource Identifier) records via ares_parse_uri_reply()
Provide ares_nameser.h as a public interface as needed by NodeJS
Update URLs from c-ares.haxx.se to c-ares.org
During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so that the search process will continue to the next domain in the search
Turn ares_gethostbyname() into a wrapper for ares_getaddrinfo() as they followed very similar code paths and ares_gethostbyaddr() has some more desirable features such as priority sorting and parallel queries for AF_UNSPEC
ares_getaddrinfo() now contains a name element in the address info structure as the last element; this is not an API or ABI break due to the structure always being internally allocated and it being the last element
ares_parse_a_reply() and ares_parse_aaaa_reply() were nearly identical; those now use the same helper functions for parsing rather than having their own code
RFC6761 Section 6.3 says "localhost" lookups need to be special cased to return loopback addresses, and not forward queries to recursive dns servers; on Windows this now returns all loopback addresses, whilst on other systems it returns 127.0.0.1 or ::1 always, and will never forward a request for "localhost" to outside DNS servers
- Haiki: port
- Bug fixes:
Add build to .gitignore
z/OS minor update, add missing semicolon in ares_init.c
Fix building when latest ax_code_coverage.m4 is imported
Work around autotools 'error: too many loops' and other newer autotools import related bugs
MinGW cross builds need advapi32 link as lower case
Cygwin build fix due to containing both socket.h and winsock2.h
ares_expand_name should allow underscores (_) as SRV records legitimately use them
Allow '/' as a valid character for a returned name for CNAME in-addr.arpa delegation
ares_getaddrinfo() was not honouring HOSTALIASES
ares_getaddrinfo() had some test cases disabled due to a bug in the test framework itself that has now been resolved
- Due to Travis-CI becoming unfriendly to open-source, Cirrus-CI has now been brought online for automated unit testing
Wednesday 27th October 2021
Local Packages
Updated c-ares to 1.18.1:
ares_getaddrinfo() would return ai_addrlen of 16 for ipv6 addresses rather than sizeof(struct sockaddr_in6)
Updated curl (7.79.1) to re-enable HSTS in libcurl-minimal as a security feature (Bug #2005874)
Thursday 28th October 2021
Fedora Project
Updated perl-MIME-Types to 2.22 in Rawhide:
webm keeps on producing unexpected results (GH#13)
- IANA updates
Local Packages
Updated perl-MIME-Types to 2.22 as per the Fedora version
Friday 29th October 2021
Fedora Project
Updated perltidy to 20211029 (see CHANGES.md for details)
Local Packages
Updated dovecot:
Updated dovecot to 2.3.17:
- Dovecot now logs a warning if time seems to jump forward at least 100 milliseconds
dict: Lines logged by the dict process now contain the dict name as the prefix
lib-index: mail_cache_fields, mail_always_cache_fields and mail_never_cache_fields now verify that the listed header names are valid; in particular, the UTF8 "–" character has sometimes been wrongly used instead of the ASCII "-"
*-login: Added login_proxy_rawlog_dir setting to capture rawlogs between proxy and back-end
dict: The server process now keeps the last 10 idle dict back-ends cached for a maximum of 30 seconds; practically this acts as a connection pool for dict-redis and dict-ldap (note that this doesn't affect dict-sql, because it already had its own internal cache)
- doveadm: New stats add/remove commands added to support changing the metrics configuration at runtime
lazy_expunge: Added lazy_expunge_exclude settings to disable lazy_expunge for specific folders; \Special-use flags can be used as folder names
lib-lua: Added a new helper function dovecot.restrict_global_variables() to disable or enable defining new global variables
LAYOUT=index List index rebuild was missing
LAYOUT=index: Duplicate GUIDs were not detected
acl: When using acl_ignore_namespace Dovecot attempted to access or create dovecot-acl-list even when the namespace should have been ignored; for virtual namespaces this could have yielded errors about "Read-only file system" or "Permission denied"
- auth: Setting the "master" passdb field to empty value would cause proxying to fail with an authentication error; now, an empty "master" field is ignored
doveadm-server: Duplicate error lines were sent for failed commands; this didn't normally cause visible problems, except when using wildcards in usernames or -A parameter to go through multiple users
doveadm-server: Logs written by doveadm-server were often missing log prefixes, especially mail_log_prefix for mail commands; logs sent to doveadm TCP client were also missing log prefixes
- doveadm: v2.3 regression: batch command always crashes
doveadm: v2.3.11 regression: Commands failed if ssl_cert or ssl_key files weren't readable by the user running doveadm, even though doveadm didn't actually use these settings
imap-hibernate: Process may crash at deinit: Panic: file ioloop.c: line 928 (io_loop_destroy): assertion failed: (ioloop->cur_ctx == NULL)
imap: Using imap_fetch_failure=no-after can cause assert-crash with some IMAP commands if reading the mail fails (e.g. wrong cached mail size); fixes: Panic: file index-mail-headers.c: line 198 (index_mail_parse_header_init): assertion failed: (!mail->data.header_parser_initialized)
imap: v2.3.10 regression: When using INDEXPVT to enable private \Seen flags (for shared or public namespaces) the STORE command did not send untagged replies for the \Seen flag changes
imap: v2.3.15 regression: If PREVIEW/SNIPPET is not the final FETCH option in the command, the IMAP FETCH response is broken
imap: v2.3.15 regression: MOVE command leaks mailbox if it can't be opened and crashes at deinit: Panic: file mail-user.c: line 229 (mail_user_deinit): assertion failed: ((*user)->refcount == 1)
imapc: Copying non-existent mail via imapc could have crashed. Fixes: Panic: file mail-storage.c: line 2385 (mailbox_transaction_commit_get_changes): assertion failed: (ret < 0 || seq_range_count(&changes_r->saved_uids) == save_count || array_count(&changes_r->saved_uids) == 0)
indexer: v2.3.15 regression: Process crashes if indexer-client disconnects while it's waiting for command reply; this happened for example if IMAP SEARCH triggered long fts indexing and the IMAP client disconnected whilst waiting for the reply
- indexer: v2.3.15 regression: Process may have crashed in some situations
indexer: v2.3.15 regression: indexer-worker processes may not have reached the process_limit in some situations, possibly even using just one indexer-worker process even though there were many indexing requests queued
lib-compression: Reading lz4 compressed mdbox mails may crash; fixes: Panic: file istream.c: line 345 (i_stream_read_memarea): assertion failed: (!stream->blocking)
lib-compression: bench-compress crashes due to xz being read-only
lib-lua: Fix linking libdict_lua for non-GNU linkers when Lua support is disabled
lib-mail: There was no limit on how large an email header name could be; processable header names are now limited to 1000 bytes
lib-oauth2: Dovecot disallowed JWT tokens if their validity time was older than token creation time (nbf < iat)
lib-storage: Reduce memory footprint of certain storage operations
lib-storage: When listing mailboxes with storage name escape characters (^ or .) as part of the mailbox name, the listing could show corrupted mailbox names; the corruption can occur when using LAYOUT=INDEX and maildir or obox, or when using the listescape plugin
mail-crypt: Fix "-O" argument for "doveadm mailbox cryptokey password" command to be a boolean, and not expect a string
submission-login: Add support for not authenticating to next hop in submission proxying
submission-login: EHLO was not sent again after XCLIENT when doing submission proxying
virtual: Mailboxes do not correctly detect underlying mailboxes getting re-created even though they have a different UIDVALIDITY or GUID
Updated pigeonhole to 0.5.17:
duplicate: The Sieve duplicate test is prone to false negatives when the user receives many e-mails concurrently, meaning that duplicate deliveries can still occur
fileinto: v2.3.16 regression: Sieve delivery crashes if mail is delivered to non-existing and existing folder
imap-filter-sieve: v2.3.15 regression: The CPU limits on Sieve execution are too easily exceeded in IMAP context (the IMAPSieve and FILTER=SIEVE capabilities); changed the default to unlimited CPU time for IMAP context, since similar excessive resource usage can be caused by other means as well (the CPU limits on Sieve scripts executed at LDA/LMTP delivery are still enforced by default)
redirect: The Sieve redirect action has protections against users triggering mail loops; unfortunately, the detection of a redirect mail loop sometimes causes the message to get lost if no other Sieve action is applied that delivers the message somewhere else
redirect: v2.3.16 regression: With certain Sieve scripts if redirect fails due to temporary failure, the lmtp process may crash after the delivery; Fixes: Panic: file mail-user.c: line 229 (mail_user_deinit): assertion failed: ((*user)->refcount == 1)
Updated perl-Perl-Tidy to 20211029 as per the Fedora perltidy package
Sunday 31st October 2021
Fedora Project
Updated perl-B-Keywords to 1.23 in Rawhide:
- Relax bogus blead test failures
Add reverse test: if @Barewords are covered on keywords.h
Move some @Barewords not in keywords.h to @BarewordsExtra
Add %main, %CORE, %CORE::GLOBAL:: to @Hashes
Fixed versions for EQ, CORE, state, break, given, when, default, UNITCHECK
Updated perl-Getopt-Long-Descriptive to 0.110 in Rawhide:
- Just small packaging updates
Local Packages
Updated perl-B-Keywords to 1.23 as per the Fedora version
Updated perl-DateTime-Locale to 1.33:
- Rebuilt all locale data with the data from CLDR 40.0.0; there are some notable data changes in CLDR 40.0.0
Data change: The root locale is now named "und", not "root"
Data change: The "en-US-POSIX" locale has been removed from CLDR; if you load this locale you will now get the "en-US" locale
Previous Month: September 2021
Next Month: November 2021