[dovecot/core] 8f0265: systemd: Remove NoNewPrivileges and CAP_BOUNDING_S...
GitHub
noreply at github.com
Thu Jun 7 10:30:15 EEST 2018
Branch: refs/heads/master-2.3
Home: https://github.com/dovecot/core
Commit: 8f0265f98d3939c65f347ddf093bffc076cf00e4
https://github.com/dovecot/core/commit/8f0265f98d3939c65f347ddf093bffc076cf00e4
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-06-07 (Thu, 07 Jun 2018)
Changed paths:
M dovecot.service.in
Log Message:
-----------
systemd: Remove NoNewPrivileges and CAP_BOUNDING_SET
These break sieve by preventing SUID binary as
sendmail_path.
Commit: 5eae0e4df115f392b4b3745326fe005d5bd051ce
https://github.com/dovecot/core/commit/5eae0e4df115f392b4b3745326fe005d5bd051ce
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-06-07 (Thu, 07 Jun 2018)
Changed paths:
M dovecot.service.in
Log Message:
-----------
systemd: Allow writing to home by default
Commit: 4a87bf15bf19072ebb59c523cca08d51dbb1148a
https://github.com/dovecot/core/commit/4a87bf15bf19072ebb59c523cca08d51dbb1148a
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-06-07 (Thu, 07 Jun 2018)
Changed paths:
M dovecot.service.in
Log Message:
-----------
systemd: Increase file descriptors by default
Commit: 45bda19469bc99142704c3572055b3868dad2f2c
https://github.com/dovecot/core/commit/45bda19469bc99142704c3572055b3868dad2f2c
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-06-07 (Thu, 07 Jun 2018)
Changed paths:
M dovecot.service.in
Log Message:
-----------
systemd: Indicate where changes should be made
Commit: 19985774b07a683e13fa113a213e6e9f493ca5ca
https://github.com/dovecot/core/commit/19985774b07a683e13fa113a213e6e9f493ca5ca
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-06-07 (Thu, 07 Jun 2018)
Changed paths:
M src/lib-ssl-iostream/iostream-openssl.c
M src/lib-ssl-iostream/ostream-openssl.c
Log Message:
-----------
lib-ssl-iostream: Fix potential crash if istream is destroyed before ostream
This happened if o_stream_destroy() triggered flush, which attempted to read
from the ssl_io->ssl_input. If the istream-ssl was already destroyed, it was
NULL and that caused a crash.
Commit: a6ab9279274a93562b9ffbfb60c103b2df2f83c0
https://github.com/dovecot/core/commit/a6ab9279274a93562b9ffbfb60c103b2df2f83c0
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-06-07 (Thu, 07 Jun 2018)
Changed paths:
M src/lib/failures.c
Log Message:
-----------
lib: Fix potential crashes when writing to log fails with EAGAIN
The ioloop may nowadays call ioloop context switch callbacks. Since log
writing can happen just about anywhere, the callbacks may be confused
and cause crashes or other weird behavior.
Even if the callbacks aren't called, all the extra code in ioloop can cause
potential problems. Especially any error logging in it wouldn't work properly
since it would just recurse back. So replace the ioloop code with just setting
the log fd to be blocking until the write succeeds.
This commit also removes comments about writes to a blocking terminal fd
causing EAGAINs. This seems unlikely. Probably I was just somehow
confused when originally seeing it and writing the code. If it actually
does happen now, it's still not breaking anything, but it could get into
a busy-loop of write()s constantly returning EAGAIN until they succeed.
Commit: ca66aa9ed83abf7d238de3710024228421e65660
https://github.com/dovecot/core/commit/ca66aa9ed83abf7d238de3710024228421e65660
Author: Stephan Bosch <stephan.bosch at dovecot.fi>
Date: 2018-06-07 (Thu, 07 Jun 2018)
Changed paths:
M src/lib-http/http-client.c
Log Message:
-----------
lib-http: client: Drop the ioloop switch callback before freeing the global client context.
This removes the possibility of recursion when the client context object somehow
triggers an ioloop switch (e.g., when debug logging starts blocking at that
inopportune moment).
Compare: https://github.com/dovecot/core/compare/6472b5cc0677...ca66aa9ed83a
**NOTE:** This service been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
More information about the dovecot-cvs
mailing list