26 Jun
2024
26 Jun
'24
9:48 p.m.
for anyone interested, for dovecot v2.3.14+ @ Fedora,
https://src.fedoraproject.org/rpms/dovecot/blob/rawhide/f/dovecot-2.3.14-opensslv3.patch
afaics, _not_ submitted to upstream ...
>>> We can already see that the Debian/RedHat patched 2.3 which is
>>> offered is broken because there is more than just "making it
>>> compile" with things like OpenSSL3, and yes, I can appreciate
>>> that it's not fully broken, but it's not fully working either.
>> could you please elaborate on this? are there any security issues with
>> using the debian version? what are the problems you are implicating with
>> your above statement, that it's 'not fully working either'?
> It can sometimes crash
here
rpm -qa | grep dovecot-2
dovecot-2.3.21-7.fc40.x86_64
ldd /usr/sbin/dovecot | grep -E "ssl|crypto"
libssl.so.3 => /lib64/libssl.so.3 (0x00007f3aad8a4000)
libcrypto.so.3 => /lib64/libcrypto.so.3 (0x00007f3aad200000)
rpm -q --whatprovides /lib64/libssl.so.3 /lib64/libcrypto.so.3
openssl-libs-3.2.1-2.fc40.x86_64
openssl-libs-3.2.1-2.fc40.x86_64
rpm -qa | grep openssl
openssl-3.2.1-2.fc40.x86_64
openssl-libs-3.2.1-2.fc40.x86_64
openssl-perl-3.2.1-2.fc40.x86_64
openssl-pkcs11-0.4.12-8.fc40.x86_64
dovecot hums along nicely. i've not seen a _crash_ in _many_ moons (quick looking thru ~ 18mos of logs) ...
that said, our usage is undoubtedly lighter than many a large enterprise. and Fedora's not going to work for everyone.