Upload page content

You can upload content for the page named below. If you change the page name, you can also upload content for another page. If the page name is empty, we derive the page name from the file name.

File to load page content from
Page name
Comment

    PaulHowarth/Blog/2022-06

Paul's Blog Entries for June 2022

Friday 3rd June 2022

Local Packages

  • Updated dovecot (2.3):

    • Updated dovecot to 2.3.19:

      • Added mail_user_session_finished event, which is emitted when the mail user session is finished (e.g. imap, pop3, lmtp); it also includes fields with some process statistics information (see https://doc.dovecot.org/admin_manual/list_of_events/ for more information)

      • Added process_shutdown_filter setting: when an event matches the filter, the process will be shut down after the current connection(s) have finished, which is intended to reduce memory usage of long-running imap processes that keep a lot of memory allocated instead of freeing it to the OS

      • auth: Add cache hit indicator to auth passdb/userdb finished events; see https://doc.dovecot.org/admin_manual/list_of_events/ for more information

      • doveadm deduplicate: Performance is improved significantly

      • imapc: COPY commands were sent one mail at a time to the remote IMAP server; now the copying is buffered, so multiple mails can be copied with a single COPY command

      • lib-lua: Add a Lua interface to Dovecot's HTTP client library; see https://doc.dovecot.org/admin_manual/lua/ for more information

      • auth: Cache lookup would use incorrect cache key after username change
      • auth: Improve handling unexpected LDAP connection errors/hangs; try to fix up these cases by reconnecting to the LDAP server and aborting LDAP requests earlier
      • auth: Process crashed if userdb iteration was attempted while auth-workers were already full handling auth requests

      • auth: db-oauth2: Using %{oauth2:name} variables caused unnecessary introspection requests

      • dict: Timeouts may have been leaked at deinit
      • director: Ring may have become unstable if a backend's tag was changed; it could also have caused director process to crash

      • doveadm kick: Numeric parameter was treated as IP address

      • doveadm: Proxying can panic when flushing print output; fixes: Panic: file ioloop.c: line 865 (io_loop_destroy): assertion failed: (ioloop == current_ioloop)

      • doveadm sync: BROKENCHAR was wrongly changed to '_' character when migrating mailboxes; this was set by default to %, so any mailbox names containing % characters were modified to "_25"

      • imapc: Copying or moving mails with doveadm to an imapc mailbox could have produced "Error: Syncing mailbox '[...]' failed" errors; the operation itself succeeded but attempting to sync the destination mailbox failed

      • imapc: Prevent index log synchronization errors when two or more imapc sessions are adding messages to the same mailbox index files, i.e. INDEX=MEMORY is not used

      • indexer: Process was slowly leaking memory for each indexing request

      • lib-fts: fts header filters caused binary content to be sent to the indexer with non-default configuration

      • doveadm-server: Process could hang in some situations when printing output to TCP client, e.g. when printing doveadm sync state

      • lib-index: dovecot.index.log files were often read and parsed entirely, rather than only the parts that were actually necessary; this mainly increased CPU usage

      • lmtp-proxy: Session ID forwarding would cause same session IDs being used when delivering the same mail to multiple backends

      • log: Log prefix update may have been lost if log process was busy; this could have caused log prefixes to be empty or in some cases reused between sessions, i.e. log lines could have been logged for the wrong user/session

      • mail_crypt: Plugin crashes if it's loaded only for some users: fixes Panic: Module context mail_crypt_user_module missing

      • mail_crypt: When LMTP was delivering mails to both recipients with mail encryption enabled and not enabled, the non-encrypted recipients may have gotten mails encrypted anyway; this happened when the first recipient was encrypted (mail_crypt_save_version=2) and the 2nd recipient was not encrypted (mail_crypt_save_version=0)

      • pop3: Session would crash if empty line was sent
      • stats: HTTP server leaked memory

      • submission-login: Long credentials, such as OAUTH2 tokens, were refused during SASL interactive due to submission server applying line length limits

      • submission-login: When proxying to remote host, authentication was not using interactive SASL when logging in using long credentials such as OAUTH2 tokens; this caused authentication to fail due to line length constraints in SMTP protocol

      • submission: Terminating the client connection with QUIT command after mail transaction is started with MAIL command and before it is finished with DATA/BDAT can cause a segfault crash

      • virtual: doveadm search queries with mailbox-guid as the only parameter crashes: Panic: file virtual-search.c: line 77 (virtual_search_get_records): assertion failed: (result != 0)

    • Updated pigeonhole to 0.5.19

      • No changes - release done to keep version numbers synced

Wednesday 8th June 2022

Local Packages

  • Updated perl-Type-Tiny to 1.012005:

    • Ensure coderefs returned by overload::Method are called with three parameters, as passing two parameters can break subs implemented in XS

    • Fix explanation message for NumRange/IntRange

    • Prevent stringification of Error::TypeTiny from clobbering $@

    • Fix typos in documentation for wrap_methods from Type::Params

Sunday 12th June 2022

Fedora Project

  • Updated perl-Specio to 0.48 in Rawhide:

    • Importing types into a class that inherited from another class that had imported types wouldn't work, leaving the child class with no 't()' sub

Local Packages

  • Updated perl-Specio to 0.48 as per the Fedora version

Monday 13th June 2022

Fedora Project

  • Updated perl-Package-Stash-XS to 0.30 in Rawhide:

    • Miscellaneous tooling updates

    • Fixed redundant argument in sprintf in tests (CPAN RT#143205)

  • Updated perltidy to 20220613 in Rawhide (see CHANGES.md for details)

Local Packages

  • Updated perl-Package-Stash-XS to 0.30 as per the Fedora version

  • Updated perl-Perl-Tidy to 20220613 as per the Fedora perltidy package

Tuesday 14th June 2022

Local Packages

  • Updated dovecot to 2.3.19.1:

    • doveadm deduplicate: Non-duplicate mails were deleted (v2.3.19 regression)

    • auth: Crash would occur when iterating multiple backends; fixes: Panic: file userdb-blocking.c: line 125 (userdb_blocking_iter_next): assertion failed: (ctx->conn != NULL)

  • Updated perl-File-Remove to 1.61:

    • Symlinks were broken in Windows/msys

Wednesday 15th June 2022

Fedora Project

  • Updated perl-Software-License to 0.104002 in Rawhide:

    • Add support for ISC license
    • Add guesser for Apache license and no license

Local Packages

  • Updated perl-Software-License to 0.104002 as per the Fedora version

  • Rebuilt bluefish (2.2.12) for Python 3.11 in Rawhide

Friday 17th June 2022

Fedora Project

  • Updated perl-Cpanel-JSON-XS to 4.30 in Rawhide:

    • Fix perl 5.37 utf8n_to_uvuni deprecation (GH#196)

  • Branched and built spamass-milter (0.4.0) for EPEL-9

Local Packages

  • Rebuilt libxslt (1.1.35) to sync with Rawhide

  • Updated perl-Cpanel-JSON-XS to 4.30 as per the Fedora version

  • Updated perl-Filter to 1.61:

    • perfilter.pod: Minor improvements (GH#16)

    • Remove runtime recommends META (GH#14)

    • "use strict" in all modules, fixes Test::Kwalitee

    • Add GitHub actions and cirrus CI's

    • Updated Copyright years

  • Updated xz (5.2.2) for EL-7 (clone of EL-7 package, fixes CVE-2022-1271)

Monday 20th June 2022

Local Packages

  • Rebuilt libxml2 (2.9.14) for Python 3.11 in Rawhide

  • Rebuilt python-passlib (1.7.4) for Python 3.11 in Rawhide

  • Rebuilt python2-xapian to sync with xapian-bindings-1.4.19-2 in Rawhide

Tuesday 21st June 2022

Local Packages

  • Rebuilt geoipupdate (4.9.0) for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 in golang

  • Updated libidn to 1.40:

    • lib: Code detecting current locale broken since 1.36
      • The code always returned ASCII; the precise cause is complicated to track down but likely boils down to the new autotools/gettext bootstrapping sequence introduced in release 1.36
    • maint: Java JAR archive no longer included in source tarball
    • Minor fixes: typos, makefiles, indentation, gnulib update, etc.

  • Updated perl-Module-CoreList to 5.20220620:

    • Updated for v5.37.1

Wednesday 22nd June 2022

Local Packages

  • Updated perl-Compress-Raw-Zlib to 2.200:

    • Added zlib-ng support (GH#9)

    • Only set Z_SOLO when building zlib sources (GH#12)

  • I had to add a patch to fix the test count for t/07bufsize.t (GH#16)

Friday 24th June 2022

Fedora Project

  • Updated perl-JSON-PP to 4.10 in Rawhide:

    • Fix a regression of decode_error introduced at 4.08 (GH#75)

    • Convert all tests to use Test::More (GH#70)

  • Updated perl-JSON to 4.07 in Rawhide:

    • Updated backportPP with JSON::PP 4.10

Local Packages

  • Updated perl-JSON-PP to 4.10 as per the Fedora version

  • Updated perl-JSON to 4.07 as per the Fedora version

Sunday 26th June 2022

Fedora Project

  • Updated perl-Compress-Raw-Bzip2 to 2.201 in Rawhide (no functional changes)

  • Updated perl-Compress-Raw-Lzma to 2.201 in Rawhide (no functional changes)

  • Updated perl-Compress-Raw-Zlib to 2.201 in Rawhide:

    • More zlib-ng updates

    • Fix test count regression in t/07bufsize.t (GH#16)

  • Updated perl-IO-Compress to 2.201 in Rawhide:

    • Disable zlib header tests

    • Documentation update (GH#38)

    • Changes for zlib-ng

    • Add perl 5.36 to test matrix

    • Force streaming zip file when writing to stdout (GH#42)

    • Read zip timestamp in localtime

    • streamzip: Tighten up version tests for failing windows tests (GH#41)

    • streamzip: Update year

    • Use Time::Local instead of POSIX::mktime

  • Updated perl-IO-Compress-Lzma to 2.201 in Rawhide (no functional changes)

Local Packages

  • Updated perl-Compress-Raw-Bzip2 to 2.201 as per the Fedora version

  • Updated perl-Compress-Raw-Lzma to 2.201 as per the Fedora version

  • Updated perl-Compress-Raw-Zlib to 2.201 as per the Fedora version

  • Updated perl-IO-Compress to 2.201 as per the Fedora version

  • Updated perl-IO-Compress-Lzma to 2.201 as per the Fedora version

Monday 27th June 2022

Local Packages

  • Updated curl to 7.84.0:

    • curl: Add --rate to set max request rate per time unit

    • curl: Deprecate --random-file and --egd-file

    • curl_version_info: Add CURL_VERSION_THREADSAFE

    • CURLINFO_CAPATH/CAINFO: Get the default CA paths from libcurl

    • lib: Make curl_global_init() thread-safe when possible

    • libssh2: Add CURLOPT_SSH_HOSTKEYFUNCTION

    • opts: Deprecate RANDOM_FILE and EGDSOCKET

    • socks: Support unix sockets for socks proxy

    • aws-sigv4: Fix potential NULL pointer arithmetic

    • bindlocal: Don't use a random port if port number would wrap

    • c-hyper: Mark status line as status for Curl_client_write()

    • ci: Avoid 'cmake -Hpath'

    • ci: Bump FreeBSD 13.0 to 13.1

    • ci: Update GitHub actions

    • cmake: Add libpsl support

    • cmake: Do not add libcurl.rc to the static libcurl library

    • cmake: Enable curl.rc for all Windows targets

    • cmake: Fix detecting libidn2

    • cmake: Support adding a suffix to the OS value

    • configure: Skip libidn2 detection when winidn is used

    • configure: Use the SED value to invoke sed

    • configure: Warn about rustls being experimental

    • content_encoding: Return error on too many compression steps (CVE-2022-32206)

    • cookie: Address secure domain overlay

    • cookie: Apply limits (CVE-2022-32205)

    • copyright.pl: Parse and use .reuse/dep5 for skips

    • copyright: Make repository REUSE compliant

    • curl.1: Add a few see also --tls-max

    • curl.1: Mention exit code zero too

    • curl: Re-enable --no-remote-name

    • curl_easy_pause.3: Remove explanation of progress function

    • curl_getdate.3: Document that some illegal dates pass through

    • Curl_parsenetrc: Don't access local pwbuf outside of scope

    • curl_url_set.3: Clarify by default using known schemes only

    • CURLOPT_ALTSVC.3: Document the file format

    • CURLOPT_FILETIME.3: Fix the protocols this works with

    • CURLOPT_HTTPHEADER.3: Improve comment in example

    • CURLOPT_NETRC.3: Document the .netrc file format

    • CURLOPT_PORT.3: We discourage using this option

    • CURLOPT_RANGE.3: Remove ranged upload advice

    • digest: Added detection of more syntax errors in server headers
    • digest: Tolerate missing "realm"
    • digest: Unquote realm and nonce before processing

    • DISABLED: Disable 1021 for hyper again

    • docs/cmdline-opts: Add copyright and license identifier to each file

    • docs/CONTRIBUTE.md: Document the 'needs-votes' concept

    • docs: Clarify data replacement policy for MIME API

    • doh: Remove UNITTEST macro definition

    • examples/crawler.c: Use the curl license

    • examples: Remove fopen.c and rtsp.c

    • FAQ: Clarify Windows double quote usage

    • fopen: Add Curl_fopen() for better overwriting of files (CVE-2022-32207)

    • ftp: Restore protocol state after http proxy CONNECT

    • ftp: When failing to do a secure GSSAPI login, fail hard
    • GHA/hyper: Enable debug in the build

    • gssapi: Improve handling of errors from gss_display_status

    • gssapi: Initialize gss_buffer_desc strings

    • headers API: Remove EXPERIMENTAL tag

    • http2: Always debug print stream id in decimal with %u

    • http2: Reject overly many push-promise headers
    • http: Restore header folding behaviour

    • hyper: Use 'alt-used'

    • krb5: Return error properly on decode errors (CVE-2022-32208)

    • lib: Make more protocol specific struct fields #ifdefed

    • libcurl-security.3: Add "Secrets in memory"

    • libcurl-security.3: Document CRLF header injection

    • libssh: Skip the fake-close when libssh does the right thing

    • links: Update dead links to the curl-wiki

    • log2changes: Do not indent empty lines

    • macos9: Remove partial support

    • Makefile.am: Fix portability issues

    • Makefile.m32: Delete obsolete options, improve -On

    • Makefile.m32: Delete two obsolete OpenSSL options

    • Makefile.m32: Stop forcing XP target with ipv6 enabled

    • max-time.d: Clarify max-time sets max transfer time

    • mprintf: Ignore clang non-literal format string

    • netrc: Check %USERPROFILE% as well on Windows

    • netrc: Support quoted strings

    • ngtcp2: Allow curl to send larger UDP datagrams

    • ngtcp2: Correct use of ngtcp2 and nghttp3 signed integer types

    • ngtcp2: Enable Linux GSO

    • ngtcp2: Extend QUIC transport parameters buffer

    • ngtcp2: Fix alert_read_func return value

    • ngtcp2: Fix typo in preprocessor condition

    • ngtcp2: Handle error from ngtcp2_conn_submit_crypto_data

    • ngtcp2: Send appropriate connection close error code

    • ngtcp2: Support boringssl crypto backend

    • ngtcp2: Use helper funcs to simplify TLS handshake integration

    • ntlm: Provide a fixed fake host name
    • projects: Fix third-party SSL library build paths for Visual Studio

    • quic: Add Curl_quic_idle

    • quiche: Support ca-fallback

    • rand: Stop detecting /dev/urandom in cross-builds

    • remote-name.d: Mention --output-dir

    • runtests.pl: Add the --repeat parameter to the --help output

    • runtests: Fix skipping tests not done event-based

    • runtests: Skip starting the ssh server if user name is lacking

    • scripts/copyright.pl: fix the exclusion to not ignore man pages

    • sectransp: Check for a function defined when __BLOCKS__ is undefined

    • select: Return error from "lethal" poll/select errors

    • server/sws: Support spaces in the HTTP request path

    • speed-limit/time.d: Mention these affect transfers in either direction

    • strcase: Some optimizations

    • test2081: Add a valid reply for the second request
    • test675: Add missing CR so the test passes when run through Privoxy

    • test414: Add the '--resolve' keyword

    • test681: Verify --no-remote-name

    • tests 266, 116 and 1540: Add a small write delay

    • tests/data/test1501: Kill ftp server after slow LIST response

    • tests/getpart: Fix getpartattr to work with "data" and "data2"

    • tests/server/sws.c: Change the HTTP writedelay unit to milliseconds

    • test{440,441,493,977}: Add "HTTP proxy" keywords

    • tool_getparam: Fix --parallel-max maximum value constraint

    • tool_operate: Make sure --fail-with-body works with --retry

    • transfer: Fix potential NULL pointer dereference

    • transfer: Maintain --path-as-is after redirects

    • transfer: Upload performance; avoid tiny send
    • url: Free old conn better on reuse

    • url: Remove redundant #ifdefs in allocate_conn()

    • url: URL encode the path when extracted, if spaces were set

    • urlapi: Make curl_url_set(url, CURLUPART_URL, NULL, 0) clear all parts

    • urlapi: Support CURLU_URLENCODE for curl_url_get()

    • urldata: Reduce size of a few struct fields

    • urldata: Remove three unused booleans from struct UserDefined

    • urldata: Store tcp_keepidle and tcp_keepintvl as ints

    • version: Allow stricmp() for sorting the feature list

    • vtls: Make curl_global_sslset thread-safe

    • wolfssh.h: Removed

    • wolfSSL: Correct the failf() message when a handle can't be made

    • wolfSSL: Explicitly use compatibility layer

    • x509asn1: Mark msnprintf return as unchecked

  • I had to disable flaky test 3026 for now

  • Updated libidn update to 1.41:

    • Bump LT_REVISION for new release; it was mistakenly left at the same value since 1.38

    • Add version number related self-checks

  • Updated perl-Compress-Raw-Zlib to 2.202:

    • Z_NULL should be 'UV' rather than 'PV' (GH#17)

Tuesday 28th June 2022

Fedora Project

  • Branched and built perl-Authen-DigestMD5 (0.04) for EPEL-9

Local Packages

  • Updated curl (7.84.0) to improve the workaround for test3026 issues

  • Updated perl-Type-Tiny to 1.014000:

  • Documentation:
    • Update copyright dates to 2022
    • Various minor documentation improvements
  • Test Suite:
    • Eliminate some warnings and other noise from the test suite
    • Rename some directories in the test suite to better reflect their contents
  • Other:

    • Added: $Type::Tiny::SafePackage variable

    • Added: Error::TypeTiny now has a 'throw_cb' method that acts like 'throw' but takes an initial callback parameter

    • Added: Type::Params 'compile', 'compile_named', and 'compile_named_oo' functions now support an 'on_die' callback

    • Eliminate warnings while generating deep explanations for type constraint check fails under some circumstances (mostly affects StrMatch when Regexp::Util isn't installed)

Previous Month: May 2022
Next Month: July 2022

Recent