Tuesday 1st February 2022
Fedora Project
Updated perl-GD to 2.76 in Rawhide:
Fix broken TIFF and AVIF support (Bug #2048953, CPAN RT#140910, GH#43)
- Re-enable XBM support (always on)
Provide xbm magic support (a hack, for GD::Graph)
Updated perl-GDGraph (1.54) in Rawhide to fix logo_xbm_noext test (GH#1)
Updated perl-Math-BigInt-GMP to 1.6010 in F-35:
Add static gmp_version() function (GH#4)
Make t/01load.t display the output from gmp_version()
Sync test files with Math-BigInt
Branched and built libtomcrypt (1.18.2) for EPEL-9
Branched and built milter-greylist (4.6.4) for EPEL-9
Branched and built milter-regex (2.7) for EPEL-9
Branched and built perl-MetaCPAN-Client (2.029000) for EPEL-9
Branched and built perl-Pod-Strip (1.100) for EPEL-9
Branched and built perl-Test-Spelling (0.25) for EPEL-9
Wednesday 2nd February 2022
Fedora Project
Updated perl-PPI to 1.272 in Rawhide:
Drop prerequisite for IO::String on Perl 5.8+
Added a README.md to python-crypto to make it clear that it is deprecated and unmaintained upstream
Branched and built bluefish (2.2.12) for EPEL-9
Branched and built perl-Finance-Quote (1.51) for EPEL-8
Branched and built perl-Web-Scraper (0.38) for EPEL-8 and EPEL-9
Branched and built rbldnsd (0.998b) for EPEL-9
Cleaned up and rebuilt bluefish (2.2.12) for Rawhide
Local Packages
Updated perl-PPI to 1.272 as per the Fedora version
Cleaned up and rebuilt bluefish (2.2.12) as per the Fedora version
Friday 4th February 2022
Local Packages
Updated dovecot:
Updated dovecot to 2.3.18:
Removed mail_cache_lookup_finished event: this event wasn't especially useful, but it increased CPU usage significantly
- fts: Don't index inline base64 encoded content in FTS indexes using the generic tokenizer; this reduces the FTS index sizes by removing input that is very unlikely to be searched for
See https://doc.dovecot.org/configuration_manual/fts/tokenization for details on how base64 is detected
Only applies when using libfts
lmtp: Session IDs are now preserved through proxied connections, so LMTP sessions can be tracked; this slightly changes the LMTP session ID format by appending ":Tn" (transaction), ":Pn" (proxy connection) and ":Rn" (recipient) counters after the session ID prefix
Events now have "reason_code" field, which can provide a list of reasons why the event is happening (see https://doc.dovecot.org/admin_manual/event_reasons/)
New events are added (see https://doc.dovecot.org/admin_manual/list_of_events/)
fts: Added fts_header_excludes and fts_header_includes settings to specify which headers to index (see https://doc.dovecot.org/settings/plugin/fts-plugin#plugin-fts-setting-fts-header-excludes for configuration details)
fts: Initialize the textcat language detection library only once per process; this can reduce CPU usage if fts_languages setting has multiple languages listed and service indexer-worker { service_count } isn't 1
Only applies when using libfts
lib-storage: Reduced CPU usage significantly for some operations that accessed lots of emails (e.g. fetching all flags in a folder, SORT, ...)
lib: DOVECOT_PREREQ() - Add micro version that enables compiling external plugins against different versions of Dovecot
lmtp: Added new lmtp_verbose_replies setting that makes errors sent to the LMTP client much more verbose with details about why exactly backend proxy connections or commands are failing
submission: Support implicit SASL EXTERNAL with submission_client_workarounds=implicit-auth-external; this allows automatically logging in when SSL client certificate is present
*-login: Statistics were disabled if stats process connection was lost
auth: Authentication master user login fails with SCRAM-* SASL mechanisms
auth: With auth_cache_verify_password_with_worker=yes, passdb extra fields in the auth cache got lost
doveadm: Fixed crash if zlib_save_level setting was specified, but zlib_save was unset (v2.3.15 regression)
doveadm: Proxying can panic when flushing print output (v2.3.17 regression)
Fixes: Panic: file ioloop.c: line 865 (io_loop_destroy): assertion failed: (ioloop == current_ioloop)
doveadm: stats add --group-by parameter didn't work
fts: Using email-address fts tokenizer could result in excessive memory usage with garbage email input, which could cause the indexer-worker processes to fail due to reaching the VSZ memory size limit
Only applies when using libfts
imap: A SEARCH command timing out while fts returns indexes may timeout returning "NO [SERVERBUG]", while it should return "NO [INUSE]" instead
imap: LIST-EXTENDED doesn't return STATUS for all folders; sending LIST .. RETURN (SUBSCRIBED STATUS (...)) did not return STATUS for folders that are not subscribed when they have a child folder that is subscribed as mandated by IMAP RFCs
imapc: Mailbox vsize calculation crashed with Panic: file index-mailbox-size.c: line 344 (index_mailbox_vsize_hdr_add_missing): assertion failed: (mails_left > 0)
indexer: If indexer-worker crashes, the request it was processing gets stuck in the indexer process; this stops indexing for the folder until indexer process is restarted (v2.3.14 regression)
indexer: Process was slowly leaking memory for each indexing request
lib-event: Unnamed events were wrongly filtered out for event/metric filters like "event=abc OR something_independent_of_event_name"
lib-index: 64-bit big endian CPUs handle last_used field in dovecot.index.cache wrong
lib-ssl-iostream: Fix buggy OpenSSL error handling without assert-crashing; if there is no error available, log it as an error instead of crashing
- The previous fix for this in v2.3.11 was incomplete
Fixes: Panic: file istream-openssl.c: line 51 (i_stream_ssl_read_real): assertion failed: (errno != 0)
- lmtp: Out-of-memory issues can happen when proxying large messages to LMTP backend servers that accept the message data too slowly
master: HAProxy header parsing has read buffer overflow if provided header size is invalid; this happens only if inet_listener { haproxy=yes } is configured and only if the remote IP address is in haproxy_trusted_networks
old_stats: Plugin kept increasing memory usage, which became noticeable with long-running imap sessions
- stats: Dynamically adding same metric multiple times causes multiple stats
submission-login: Authentication does not accept OAUTH2 token (or other very long credentials) because it considers the line to be too long
submission-login: Process can crash if HELO is pipelined with an invalid domain
submission-proxy: Don't use SASL-IR if it would make the AUTH command line longer than 512 bytes
submission: Service would crash if relay server authentication failed
virtual: FTS search in a virtual folder could crash if there are duplicate mailbox GUIDs; this mainly happened when user had both INBOX and INBOX/INBOX folders and the namespace prefix was INBOX/
Fixes: Panic: file hash.c: line 252 (hash_table_insert_node): assertion failed: (opcode == HASH_TABLE_OP_UPDATE)
- virtual: If mailbox opening fails, the backend mailbox is leaked and process crashes when client disconnects
Fixes: Panic: file mail-user.c: line 232 (mail_user_deinit): assertion failed: ((*user)->refcount == 1)
virtual: Searching headers in virtual folders didn't always use full-text search indexes, if fts_enforced=no or body
Updated pigeonhole to 0.5.18:
duplicate: Users without a home directory can crash with Sieve when using duplicate database (v2.3.17 regression)
imapsieve: When mail was expunged when processing imapsieve events, a crash could occur; fixes:
Panic: file mail-index-map.c: line 558 (mail_index_map_lookup_seq_range): assertion failed: (first_uid > 0)
managesieve-login: Proxy didn't support forwarding the forward_* passdb fields
redirect: Sieve would crash if redirect after keep-equivalent action failed
sieve: Interpreter crashes when the Sieve index extension is used with index zero
vnd.dovecot.filter: Envelope sender string may become corrupted when Sieve scripts are using vnd.dovecot.filter; this could end up corrupting mbox's From line and return wrong envelope sender string in Sieve tests
Sunday 6th February 2022
Fedora Project
Branched and built perl-Finance-Quote (1.51) for EPEL-9
Local Packages
Updated libxslt (1.1.34):
Fix build of tests/fuzz (Bug #2047653)
Fix DTD in tutorial XML (Bug #2047326)
Fix validity of tutorial XML (Bug #2047326)
Monday 7th February 2022
Fedora Project
Updated perl-Sereal to 4.019 in Rawhide:
- Bump encoder and decoder dependencies to 4.019
Updated perl-Sereal-Decoder to 4.019 in Rawhide:
- Fix build issue with latest perl
Update bundled zstd to 1.5.1 (note: this package uses system zstd)
Updated perl-Sereal-Encoder to 4.019 in Rawhide:
- Fix build issue with latest perl
Update bundled zstd to 1.5.1 (note: this package uses system zstd)
Branched and built perl-Crypt-Blowfish (2.14) for EPEL-9
Branched and built perl-Crypt-CBC (3.04) for EPEL-9
Wednesday 9th February 2022
Fedora Project
Updated gtkwave (3.3.111) in F-35, F-36 and Rawhide to address excessive CPU usage under Wayland (Bug #2052437, GH#117)
Local Packages
Updated gtkwave (3.3.111) as per the Fedora version
Updated libidn (1.38) to rebuild for java-17-openjdk as system JDK in Rawhide
Friday 11th February 2022
Fedora Project
Branched and built perl-Data-Buffer (0.04) for EPEL-9
Branched and built perl-Digest-BubbleBabble (0.02) for EPEL-9
Branched and built perl-Crypt-DSA (1.17) for EPEL-9
Branched and built perl-IO-Socket-Socks (0.74) for EPEL-9
Branched and built perl-Math-GMP (2.24) for EPEL-9
Branched and built perl-Net-SSH-Perl (2.14) for EPEL-9
Branched and built perl-String-CRC32 (2.100) for EPEL-9
Local Packages
Fedora 36 repo branched from development
Updated curl (7.81.0) to suggest libcurl-minimal in curl-minimal so as to reduce the chances of the full libcurl being pulled in
Tuesday 15th February 2022
Fedora Project
Updated perltidy to 20220217 in F-36 and Rawhide (see CHANGES.md for details)
Local Packages
Updated perl-Perl-Tidy to 20220217 as per the Fedora perltidy package
Wednesday 16th February 2022
Fedora Project
Updated geoipupdate to 4.9.0 in F-36 and Rawhide:
The client now sets the User-Agent header
- The error handling has been improved
Updated perl-Test-File to 1.992 in F-36 and Rawhide:
Fix race condition in tests for mtime (GH#29)
Local Packages
Updated geoipupdate to 4.9.0 as per the Fedora version
Updated perl-Test-File to 1.992 as per the Fedora version
Thursday 17th February 2022
Fedora Project
Updated perl-Sereal to 4.020 in F-36 and Rawhide:
- Bump encoder and decoder dependencies to 4.020
Updated perl-Sereal-Decoder to 4.020 in F-36 and Rawhide:
- Fix "panic: free from wrong pool" errors on threaded builds
Updated perl-Sereal-Encoder to 4.020 in F-36 and Rawhide:
- Fix "panic: free from wrong pool" errors on threaded builds
RPM Fusion Project
Updated xv (3.10a) in F-36 and Rawhide to fix compatibility with Jasper library version 3 (which is now in Rawhide)
Local Packages
Updated libxslt to 1.1.35
Includes fix for CVE-2021-30560: use-after-free in xsltApplyTemplates
See NEWS for full details
Updated xv (3.10a) to sync with RPM Fusion build
Friday 18th February 2022
Fedora Project
Updated perl-Sereal to 4.021 in F-36 and Rawhide:
- Bump encoder and decoder dependencies to 4.021
Updated perl-Sereal-Decoder to 4.021 in F-36 and Rawhide:
Make it possible to upgrade with passing tests when using Sereal::Decoder 4.019 on threaded debugging perls
Updated perl-Sereal-Encoder to 4.021 in F-36 and Rawhide:
Make it possible to upgrade with passing tests when using Sereal::Decoder 4.019 on threaded debugging perls
Saturday 19th February 2022
Fedora Project
Updated perl-Sereal to 4.022 in F-36 and Rawhide:
- Bump encoder and decoder dependencies to 4.022
Updated perl-Sereal-Decoder to 4.022 in F-36 and Rawhide:
Better logic to make it possible to upgrade with passing tests when using Sereal::Decoder 4.019 on threaded debugging perls
Updated perl-Sereal-Encoder to 4.022 in F-36 and Rawhide:
Better logic to make it possible to upgrade with passing tests when using Sereal::Decoder 4.019 on threaded debugging perls
Sunday 20th February 2022
Fedora Project
Updated perl-MCE to 1.878 in F-36 and Rawhide:
- Improved suppressing the PDL CLONE warning; piddles should not be naively copied into new threads
- Added fast channel implementations optimized for non-Unicode strings:
MCE::Channel::MutexFast
MCE::Channel::SimpleFast
MCE::Channel::ThreadsFast
- The main difference is that these lack freeze-thaw serialization
Updated perl-MCE-Shared to 1.876 in F-36 and Rawhide:
- Improved suppressing the PDL CLONE warning; piddles should not be naively copied into new threads
Updated perl-Sereal to 4.023 in F-36 and Rawhide:
- Bump encoder and decoder dependencies to 4.023
Updated perl-Sereal-Decoder to 4.023 in F-36 and Rawhide:
Make it possible to upgrade with passing tests when using Sereal::Decoder 4.015-4.019 on threaded debugging perls
Updated perl-Sereal-Encoder to 4.023 in F-36 and Rawhide:
Make it possible to upgrade with passing tests when using Sereal::Decoder 4.015-4.019 on threaded debugging perls
Local Packages
Updated perl-MCE to 1.878 as per the Fedora version
Updated perl-MCE-Shared to 1.876 as per the Fedora version
Updated perl-Module-CoreList to 5.20220220:
- Updated for v5.35.9
Monday 21st February 2022
Fedora Project
Updated perl-B-Hooks-EndOfScope to 0.26 in F-36 and Rawhide (no changes)
Updated perl-Package-Stash to 0.40 in F-36 and Rawhide:
Update bundled version of ExtUtils::HasCompiler, for new new Apple include paths
Local Packages
Updated libxml2 to 2.9.13:
See https://mail.gnome.org/archives/xml/2022-February/msg00009.html for release announcement
Includes fix for CVE-2022-23308: Use-after-free of ID and IDREF attributes
Updated perl-B-Hooks-EndOfScope to 0.26 as per the Fedora version
Updated perl-Package-Stash to 0.40 as per the Fedora version
Tuesday 22nd February 2022
Fedora Project
Retired tidyp from F-36 and Rawhide:
The upstream maintainer has stopped work on tidyp, and has archived the upstream repository in a read-only state: https://github.com/petdance/tidyp
The tidyp package existed to be a back-end of perl-HTML-Tidy, which has also stopped development upstream: https://github.com/petdance/html-tidy
The perl-HTML-Tidy package has also been retired in Fedora
Updated perl-Math-Pari to 2.030519 in F-36 and Rawhide (see Changes for details)
Wednesday 23rd February 2022
Fedora Project
Updated perl-B-Keywords to 1.24 in F-36 and Rawhide:
Fix for broken <archlibexp>/CORE/keywords.h test on system macOS (GH#5)
'finally' added with 5.35.8 (CPAN RT#141406)
Branched and built perl-Validation-Class (7.900057) for EPEL-9
Did the final post-bootstrap rebuild of perl-Type-Tiny (1.012004) for EPEL-9
Local Packages
Updated perl-B-Keywords to 1.24 as per the Fedora version
Updated unrar to 6.11 beta 1
Thursday 24th February 2022
Local Packages
Updated curl (7.81.0) to enable IDN support in libcurl-minimal, not only in libcurl (full version)
Rebuilt perl-Net-DNS (1.33) to sync with Rawhide
Friday 25th February 2022
Fedora Project
Updated perl-Test-Simple to 1.302189 in F-36 and Rawhide:
Local Packages
Updated perl-Test-Simple to 1.302189 as per the Fedora version
Monday 28th February 2022
RPM Fusion Project
Updated xv (3.10a) in F-36 and Rawhide to apply a number of patches from the multi-vendor collaboration effort at https://github.com/jasper-software/xv
Ignore multiple APP1 data structs; libjpeg can't write them
Fix segfault seen with some corrupt GIF file
Report errors from libjpeg
In file selection box, do not move cursor if no filename is there
Local Packages
Updated xv (3.10a) as per the RPM Fusion version
Previous Month: January 2022
Next Month: March 2022