#acl PaulHowarth:read,write,admin,revert,delete All:read

=== Friday 3rd June 2022 ===

==== Local Packages ====

 * Updated `dovecot` (2.3):
  * Updated `dovecot` to 2.3.19:
   * Added `mail_user_session_finished` event, which is emitted when the mail user session is finished (e.g. imap, pop3, lmtp); it also includes fields with some process statistics information (see https://doc.dovecot.org/admin_manual/list_of_events/ for more information)
   * Added `process_shutdown_filter` setting: when an event matches the filter, the process will be shut down after the current connection(s) have finished, which is intended to reduce memory usage of long-running imap processes that keep a lot of memory allocated instead of freeing it to the OS
   * auth: Add cache hit indicator to auth passdb/userdb finished events; see https://doc.dovecot.org/admin_manual/list_of_events/ for more information
   * `doveadm deduplicate`: Performance is improved significantly
   * imapc: `COPY` commands were sent one mail at a time to the remote IMAP server; now the copying is buffered, so multiple mails can be copied with a single `COPY` command
   * `lib-lua`: Add a Lua interface to Dovecot's HTTP client library; see https://doc.dovecot.org/admin_manual/lua/ for more information
   * auth: Cache lookup would use incorrect cache key after username change
   * auth: Improve handling unexpected LDAP connection errors/hangs; try to fix up these cases by reconnecting to the LDAP server and aborting LDAP requests earlier
   * auth: Process crashed if userdb iteration was attempted while auth-workers were already full handling auth requests
   * auth: `db-oauth2`: Using `%{oauth2:name}` variables caused unnecessary introspection requests
   * dict: Timeouts may have been leaked at deinit
   * director: Ring may have become unstable if a backend's tag was changed; it could also have caused director process to crash
   * `doveadm kick`: Numeric parameter was treated as IP address
   * `doveadm`: Proxying can panic when flushing print output; fixes: `Panic: file ioloop.c: line 865 (io_loop_destroy): assertion failed: (ioloop == current_ioloop)`
   * `doveadm sync`: `BROKENCHAR` was wrongly changed to '`_`' character when migrating mailboxes; this was set by default to `%`, so any mailbox names containing `%` characters were modified to "`_25`"
   * imapc: Copying or moving mails with `doveadm` to an imapc mailbox could have produced "`Error: Syncing mailbox '[...]' failed`" errors; the operation itself succeeded but attempting to sync the destination mailbox failed
   * imapc: Prevent index log synchronization errors when two or more imapc sessions are adding messages to the same mailbox index files, i.e. `INDEX=MEMORY` is not used
   * indexer: Process was slowly leaking memory for each indexing request
   * `lib-fts`: fts header filters caused binary content to be sent to the indexer with non-default configuration
   * `doveadm-server`: Process could hang in some situations when printing output to TCP client, e.g. when printing `doveadm sync` state
   * `lib-index`: `dovecot.index.log` files were often read and parsed entirely, rather than only the parts that were actually necessary; this mainly increased CPU usage
   * `lmtp-proxy`: Session ID forwarding would cause same session IDs being used when delivering the same mail to multiple backends
   * log: Log prefix update may have been lost if log process was busy; this could have caused log prefixes to be empty or in some cases reused between sessions, i.e. log lines could have been logged for the wrong user/session
   * `mail_crypt`: Plugin crashes if it's loaded only for some users: fixes `Panic: Module context mail_crypt_user_module missing`
   * `mail_crypt`: When LMTP was delivering mails to both recipients with mail encryption enabled and not enabled, the non-encrypted recipients may have gotten mails encrypted anyway; this happened when the first recipient was encrypted (`mail_crypt_save_version=2`) and the 2nd recipient was not encrypted (`mail_crypt_save_version=0`)
   * pop3: Session would crash if empty line was sent
   * stats: HTTP server leaked memory
   * `submission-login`: Long credentials, such as `OAUTH2` tokens, were refused during SASL interactive due to submission server applying line length limits
   * `submission-login`: When proxying to remote host, authentication was not using interactive SASL when logging in using long credentials such as `OAUTH2` tokens; this caused authentication to fail due to line length constraints in SMTP protocol
   * `submission`: Terminating the client connection with `QUIT` command after mail transaction is started with `MAIL` command and before it is finished with `DATA`/`BDAT` can cause a segfault crash
   * virtual: `doveadm search` queries with `mailbox-guid` as the only parameter crashes: `Panic: file virtual-search.c: line 77 (virtual_search_get_records): assertion failed: (result != 0)`
  * Updated `pigeonhole` to 0.5.19
   * No changes - release done to keep version numbers synced

----