https://dovecot.org/releases/2.2/dovecot-2.2.29.1.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.29.1.tar.gz.sig
Mainly because I had missed one cherry-pick from the release, which caused unit tests to also fail. And I didn't notice that, because make distcheck had been broken for some years now when it ran clang static analyzer, although I had assumed it would have run make check already before it failed.
On a related note, we're looking for a test engineer :) http://avoimettyopaikat.monster.fi/v2/job/View?JobID=182881783
- imapc reconnection fix was forgotten from 2.2.29 release, which also
made "make check" fail in a unit test
- dict-sql: Merging multiple UPDATEs to a single statement wasn't
actually working.
- Fixed building with vpopmail
Hello Dovecot users,
Here's the definitive 0.4.18 release. There were no changes since the
release candidate.
Changelog v0.4.18:
+ imapsieve plugin: Implemented the copy_source_after rule action. When
this is enabled for a mailbox rule, the specified Sieve script is
executed for the message in the source mailbox during a "COPY" event.
This happens only after the Sieve script that is executed for the
corresponding message in the destination mailbox finishes running
successfully.
+ imapsieve plugin: Added non-standard Sieve environment items for the
source and destination mailbox.
- multiscript: The execution of the discard script had an implicit
"keep", rather than an implicit "discard".
The release is available as follows:
https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.18.t…
https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.18.t…
Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
more information. Have fun testing this release and don't
hesitate to notify me when there are any problems.
Regards,
--
Stephan Bosch
stephan(a)rename-it.nl
CVSS: 6.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H)
Vulnerable versions: 2.2.26 - 2.2.28
Fixed version(s): 2.2.29
Broken by a3783f8a3c9cd816b51e77a922f82301512fcf22
Fixed by 000030feb7a30f193197f1aab8a7b04a26b42735
Dovecot supports "dict" passdb and
userdb: https://wiki2.dovecot.org/AuthDatabase/Dict
When these were used for user authentication, the username sent by the
IMAP/POP3 client was sent through var_expand() to perform %variable
expansion. Sending specially crafted %variable fields could result in
excessive memory usage causing the process to crash (and restart), or
excessive CPU usage causing all authentications to hang.
Excessive memory usage could be done with e.g. %09999999999u as the
username. Because by default Dovecot limits the auth process's VSZ and
exits on any memory allocation failure, the auth process typically dies
afterwards and is immediately restarted. This may result in some user
authentications getting temporary internal failures.
Excessive CPU usage could be done with %{pkcs5;rounds=100000000:user}
variable introduced in v2.2.27.
Please use this
https://github.com/dovecot/core/commit/000030feb7a30f193197f1aab8a7b04a26b4…
to fix this issue, it should be applicable to older versions too.
Please let us know if you need assistance in patching.
---
Aki Tuomi
Dovecot oy
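The double expansion described in the advisory above, as an added example that is not part of the original post and is not Dovecot code. It uses a toy expander that understands only `%u` and `%0<width>u`; `KEY_TEMPLATE`, `MAX_OUTPUT` and all function names are assumptions made for the illustration, and sizes are computed arithmetically so nothing large is allocated.

```python
import re

# Toy model written for this example; it is NOT Dovecot's var_expand().
# It understands only %u and the zero-padded form %0<width>u.
VAR = re.compile(r"%(?:0(\d+))?u")
MAX_OUTPUT = 1 << 20               # assumed cap for the model (1 MiB)
KEY_TEMPLATE = "shared/passdb/%u"  # constructed dict key template


def expanded_size(template, user):
    """Size in bytes that expanding `template` would produce, computed
    arithmetically so that nothing large is ever allocated."""
    size, pos = 0, 0
    for m in VAR.finditer(template):
        size += m.start() - pos                       # literal text before the variable
        size += max(int(m.group(1) or 0), len(user))  # padding can only widen
        pos = m.end()
    return size + len(template) - pos


def expand(template, user):
    """One expansion pass that refuses results above MAX_OUTPUT."""
    if expanded_size(template, user) > MAX_OUTPUT:
        raise ValueError("expansion exceeds MAX_OUTPUT")
    return VAR.sub(lambda m: user.rjust(int(m.group(1) or 0), "0"), template)


def double_expand_size(user):
    """Pre-fix behaviour: the key, with the username already substituted,
    is parsed again, so % fields typed by the client are interpreted."""
    return expanded_size(expand(KEY_TEMPLATE, user), user)


def single_expand(user):
    """Post-fix behaviour: one pass; the username stays literal data."""
    return expand(KEY_TEMPLATE, user)


def has_variable_syntax(user):
    """Triage helper: true if a login name carries %u-style or %{...} fields."""
    return bool(VAR.search(user)) or "%{" in user
```

With the username quoted in the advisory, `single_expand()` returns a 27-byte key, while `double_expand_size()` reports a request of roughly 10 GB, which is what trips the auth process's VSZ limit.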
https://dovecot.org/releases/2.2/dovecot-2.2.29.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.29.tar.gz.sig
* passdb/userdb dict: Don't double-expand %variables in keys. If dict
was used as the authentication passdb, using specially crafted
%variables in the username could be used to cause DoS (CVE-2017-2669)
* When Dovecot encounters an internal error, it logs the real error and
usually logs another line saying what function failed. Previously the
second log line's error message was a rather uninformative "Internal
error occurred. Refer to server log for more information." Now the
real error message is duplicated in this second log line.
* lmtp: If a delivery has multiple recipients, run autoexpunging only
for the last recipient. This avoids a problem where a long
autoexpunge run causes LMTP client to timeout between the DATA
replies, resulting in duplicate mail deliveries.
* config: Don't stop the process due to idling. Otherwise the
configuration is reloaded when the process restarts.
* mail_log plugin: Differentiate autoexpunges from regular expunges
* imapc: Use LOGOUT to cleanly disconnect from server.
* lib-http: Internal status codes (>9000) are no longer visible in logs
* director: Log vhost count changes and HOST-UP/DOWN
+ quota: Add plugin { quota_max_mail_size } setting to limit the
maximum individual mail size that can be saved.
+ imapc: Add imapc_features=delay-login. If set, connecting to the
remote IMAP server isn't done until it's necessary.
+ imapc: Add imapc_connection_retry_count and
imapc_connection_retry_interval settings.
+ imap, pop3, indexer-worker: Add (deinit) to process title before
autoexpunging runs.
+ Added %{encrypt} and %{decrypt} variables
+ imap/pop3 proxy: Log proxy state in errors as human-readable string.
+ imap/pop3-login: All forward_* extra fields returned by passdb are
sent to the next hop when proxying using ID/XCLIENT commands. On the
receiving side these fields are imported and sent to auth process
where they're accessible via %{passdb:forward_*}. This is done only
if the sending IP address matches login_trusted_networks.
+ imap-login: If imap_id_retain=yes, send the IMAP ID string to
auth process. %{client_id} expands to it in auth process. The ID
string is also sent to the next hop when proxying.
+ passdb imap: Use ssl_client_ca_* settings for CA validation.
- fts-tika: Fixed crash when parsing attachment without
Content-Disposition header. Broken by 2.2.28.
- trash plugin was broken in 2.2.28
- auth: When passdb/userdb lookups were done via auth-workers, too much
data was added to auth cache. This could have resulted in wrong
replies when using multiple passdbs/userdbs.
- auth: passdb { skip & mechanisms } were ignored for the first passdb
- oauth2: Various fixes, including fixes to crashes
- dsync: Large Sieve scripts (or other large metadata) weren't always
synced.
- Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
- imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
- doveadm: Exit codes weren't preserved when proxying commands via
doveadm-server. Almost all errors used exit code 75 (tempfail).
- ACLs weren't applied to not-yet-existing autocreated mailboxes.
- Fixed a potential crash when parsing a broken message header.
- cassandra: Fallback consistency settings weren't working correctly.
- doveadm director status <user>: "Initial config" was always empty
- imapc: Various reconnection fixes.
Hello Dovecot users,
This is a rather small release. It fixes one important bug in the new
discard script feature. It also adds a couple of new features for IMAPSieve.
Changelog v0.4.18:
+ imapsieve plugin: Implemented the copy_source_after rule action. When
this is enabled for a mailbox rule, the specified Sieve script is
executed for the message in the source mailbox during a "COPY" event.
This happens only after the Sieve script that is executed for the
corresponding message in the destination mailbox finishes running
successfully.
+ imapsieve plugin: Added non-standard Sieve environment items for the
source and destination mailbox.
- multiscript: The execution of the discard script had an implicit
"keep", rather than an implicit "discard".
The release is available as follows:
http://pigeonhole.dovecot.org/releases/2.2/rc/dovecot-2.2-pigeonhole-0.4.18…
http://pigeonhole.dovecot.org/releases/2.2/rc/dovecot-2.2-pigeonhole-0.4.18…
Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
more information. Have fun testing this release candidate and don't
hesitate to notify me when there are any problems.
Regards,
--
Stephan Bosch
stephan(a)rename-it.nl
http://dovecot.org/releases/2.2/rc/dovecot-2.2.29.rc1.tar.gz
http://dovecot.org/releases/2.2/rc/dovecot-2.2.29.rc1.tar.gz.sig
Planning to release v2.2.29 on Monday. Please find and report any bugs before that.
* When Dovecot encounters an internal error, it logs the real error and
usually logs another line saying what function failed. Previously the
second log line's error message was a rather uninformative "Internal
error occurred. Refer to server log for more information." Now the
real error message is duplicated in this second log line.
* lmtp: If a delivery has multiple recipients, run autoexpunging only
for the last recipient. This avoids a problem where a long
autoexpunge run causes LMTP client to timeout between the DATA
replies, resulting in duplicate mail deliveries.
* config: Don't stop the process due to idling. Otherwise the
configuration is reloaded when the process restarts.
* mail_log plugin: Differentiate autoexpunges from regular expunges
* imapc: Use LOGOUT to cleanly disconnect from server.
* lib-http: Internal status codes (>9000) are no longer visible in logs
* director: Log vhost count changes and HOST-UP/DOWN
+ quota: Add plugin { quota_max_mail_size } setting to limit the
maximum individual mail size that can be saved.
+ imapc: Add imapc_features=delay-login. If set, connecting to the
remote IMAP server isn't done until it's necessary.
+ imapc: Add imapc_connection_retry_count and
imapc_connection_retry_interval settings.
+ imap, pop3, indexer-worker: Add (deinit) to process title before
autoexpunging runs.
+ Added %{encrypt} and %{decrypt} variables
+ imap/pop3 proxy: Log proxy state in errors as human-readable string.
+ imap/pop3-login: All forward_* extra fields returned by passdb are
sent to the next hop when proxying using ID/XCLIENT commands. On the
receiving side these fields are imported and sent to auth process
where they're accessible via %{passdb:forward_*}. This is done only
if the sending IP address matches login_trusted_networks.
+ imap-login: If imap_id_retain=yes, send the IMAP ID string to
auth process. %{client_id} expands to it in auth process. The ID
string is also sent to the next hop when proxying.
- fts-tika: Fixed crash when parsing attachment without
Content-Disposition header. Broken by 2.2.28.
- trash plugin was broken in 2.2.28
- auth: When passdb/userdb lookups were done via auth-workers, too much
data was added to auth cache. This could have resulted in wrong
replies when using multiple passdbs/userdbs.
- auth: passdb { skip & mechanisms } were ignored for the first passdb
- oauth2: Various fixes, including fixes to crashes
- dsync: Large Sieve scripts (or other large metadata) weren't always
synced.
- Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
- imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
- doveadm: Exit codes weren't preserved when proxying commands via
doveadm-server. Almost all errors used exit code 75 (tempfail).
- ACLs weren't applied to not-yet-existing autocreated mailboxes.
- Fixed a potential crash when parsing a broken message header.
- cassandra: Fallback consistency settings weren't working correctly.
- doveadm director status <user>: "Initial config" was always empty
- imapc: Various reconnection fixes.