https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz.sig
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as well as a bunch of other fixes (mainly for v2.3-only bugs). Binary packages are already in https://repo.dovecot.org/
- old-stats plugin: Don't temporarily enable PR_SET_DUMPABLE while opening /proc/self/io. This may still cause security problems if the process is ptrace()d at the same time. Instead, open it while still running as root.
- doveadm: Added mailbox cache decision&remove commands. See doveadm-mailbox(1) man page for details.
- doveadm: Added rebuild attachments command for rebuilding $HasAttachment or $HasNoAttachment flags for matching mails. See doveadm-rebuild(1) man page for details.
- cassandra: Use fallback_consistency on more types of errors
- lmtp proxy: Support outgoing SSL/TLS connections
- lmtp: Add lmtp_rawlog_dir and lmtp_proxy_rawlog_dir settings.
- submission: Add support for rawlog_dir
- submission: Add submission_client_workarounds setting.
- lua auth: Add password_verify() function and additional fields in auth request.
- doveadm-server: TCP connections are hanging when there is a lot of network output. This especially caused hangs in dsync-replication.
- Using multiple type=shared mdbox namespaces crashed
- mail_fsync setting was ignored. It was always set to "optimized".
- lua auth: Fix potential crash at deinit
- SSL/TLS servers may have crashed if client disconnected during handshake.
- SSL/TLS servers: Don't send extraneous certificates to client when alt certs are used.
- lda, lmtp: Return-Path header without '<' may have assert-crashed.
- lda, lmtp: Unencoded UTF-8 in email address headers may assert-crash
- lda: -f parameter didn't allow empty/null/domainless address
- lmtp, submission: Message size limit was hardcoded to 40 MB. Exceeding it caused the connection to get dropped during transfer.
- lmtp: Fix potential crash when delivery fails at DATA stage
- lmtp: login_greeting setting was ignored
- Fix to work with OpenSSL v1.0.2f
- systemd unit restrictions were too strict by default
- Fix potential crashes when a lot of log output was produced
- SMTP client may have assert-crashed when sending mail
- IMAP COMPRESS: Send "end of compression" marker when disconnecting.
- cassandra: Fix consistency=quorum to work
- dsync: Lock file generation failed if home directory didn't exist
- Snippet generation for HTML mails didn't ignore &entities inside blockquotes, producing strange looking snippets.
- imapc: Fix assert-crash if getting disconnected and after reconnection all mails in the selected mailbox are gone.
- pop3c: Handle unexpected server disconnections without assert-crash
- fts: Fixes to indexing mails via virtual mailboxes.
- fts: If mails contained NUL characters, the text around it wasn't indexed.
- Obsolete dovecot.index.cache offsets were sometimes used. Trying to fetch a field that was just added to cache file may not have always found it.
On 2018-06-29 14:51, Timo Sirainen wrote:
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as well as a bunch of other fixes (mainly for v2.3-only bugs). Binary packages are already in https://repo.dovecot.org/
A simple "yum update" will result in a ton of these errors:
Jun 29 15:02:19 stats: Error: stats: Socket supports major version 2, but we support only 3 (mixed old and new binaries?)
Should the yum update process perhaps not restart the dovecot service?
Tom
On 29 Jun 2018, at 15.05, Tom Sommer mail@tomsommer.dk wrote:
On 2018-06-29 14:51, Timo Sirainen wrote:
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as well as a bunch of other fixes (mainly for v2.3-only bugs). Binary packages are already in https://repo.dovecot.org/
A simple "yum update" will result in a ton of these errors:
Jun 29 15:02:19 stats: Error: stats: Socket supports major version 2, but we support only 3 (mixed old and new binaries?)
Should the yum update process perhaps not restart the dovecot service?
It sounds like you upgraded from v2.2.x to v2.3.2? The stats was completely changed.
On 2018-06-29 15:20, Timo Sirainen wrote:
On 29 Jun 2018, at 15.05, Tom Sommer mail@tomsommer.dk wrote:
On 2018-06-29 14:51, Timo Sirainen wrote:
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as well as a bunch of other fixes (mainly for v2.3-only bugs). Binary packages are already in https://repo.dovecot.org/
A simple "yum update" will result in a ton of these errors:
Jun 29 15:02:19 stats: Error: stats: Socket supports major version 2, but we support only 3 (mixed old and new binaries?)
Should the yum update process perhaps not restart the dovecot service?
It sounds like you upgraded from v2.2.x to v2.3.2? The stats was completely changed.
From 2.3.1 to 2.3.2:
Installed: dovecot.x86_64 2:2.3.2-3 dovecot-mysql.x86_64 2:2.3.2-3
Updated: dovecot-pigeonhole.x86_64 2:2.3.2-3
Replaced: dovecot.x86_64 2:2.3.1-1 dovecot-mysql.x86_64 2:2.3.1-1
On 29 Jun 2018, at 15.28, Tom Sommer mail@tomsommer.dk wrote:
On 2018-06-29 15:20, Timo Sirainen wrote:
On 29 Jun 2018, at 15.05, Tom Sommer mail@tomsommer.dk wrote:
On 2018-06-29 14:51, Timo Sirainen wrote:
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as well as a bunch of other fixes (mainly for v2.3-only bugs). Binary packages are already in https://repo.dovecot.org/ A simple "yum update" will result in a ton of these errors: Jun 29 15:02:19 stats: Error: stats: Socket supports major version 2, but we support only 3 (mixed old and new binaries?) Should the yum update process perhaps not restart the dovecot service? It sounds like you upgraded from v2.2.x to v2.3.2? The stats was completely changed.
From 2.3.1 to 2.3.2:
Installed: dovecot.x86_64 2:2.3.2-3 dovecot-mysql.x86_64 2:2.3.2-3
Updated: dovecot-pigeonhole.x86_64 2:2.3.2-3
Replaced: dovecot.x86_64 2:2.3.1-1 dovecot-mysql.x86_64 2:2.3.1-1
That's weird. Something appears to be connecting to the stats socket with old protocol version. What your doveconf -n?
On 2018-06-29 16:00, Timo Sirainen wrote:
On 29 Jun 2018, at 15.28, Tom Sommer mail@tomsommer.dk wrote:
On 2018-06-29 15:20, Timo Sirainen wrote:
On 29 Jun 2018, at 15.05, Tom Sommer mail@tomsommer.dk wrote:
On 2018-06-29 14:51, Timo Sirainen wrote:
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as well as a bunch of other fixes (mainly for v2.3-only bugs). Binary packages are already in https://repo.dovecot.org/ A simple "yum update" will result in a ton of these errors: Jun 29 15:02:19 stats: Error: stats: Socket supports major version 2, but we support only 3 (mixed old and new binaries?) Should the yum update process perhaps not restart the dovecot service? It sounds like you upgraded from v2.2.x to v2.3.2? The stats was completely changed.
From 2.3.1 to 2.3.2:
Installed: dovecot.x86_64 2:2.3.2-3 dovecot-mysql.x86_64 2:2.3.2-3
Updated: dovecot-pigeonhole.x86_64 2:2.3.2-3
Replaced: dovecot.x86_64 2:2.3.1-1 dovecot-mysql.x86_64 2:2.3.1-1
That's weird. Something appears to be connecting to the stats socket with old protocol version. What your doveconf -n?
service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats-reader { group = mode = 0600 user = } unix_listener stats-writer { group = $default_internal_group mode = 0660 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B }
This is the full error-log that happened after "yum update": https://pastebin.com/tUJaehdV
"Jun 29 15:02:20" is the "/etc/init.d/dovecot restart"
Maybe it was a one-time thing for only my setup, I don't know - Although I find it hard to understand how a stat-writer socket with an old version should be able to run in 2.3.1 with major version 2 for several months - and the same thing happened on all of my 22 director-backend-servers.
Oh well.
Le 29 juin 2018 à 14:51, Timo Sirainen tss@iki.fi a écrit :
https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz.sig
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as well as a bunch of other fixes (mainly for v2.3-only bugs).
Binary packages are already in https://repo.dovecot.org/ https://repo.dovecot.org/
Is there any plan to add bionic version to the ubuntu repo ?
On 29 June 2018 at 23:39 Jean-Daniel jddupas@xooloo.com wrote:
Le 29 juin 2018 à 14:51, Timo Sirainen tss@iki.fi a écrit :
https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz.sig
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as well as a bunch of other fixes (mainly for v2.3-only bugs).
Binary packages are already in https://repo.dovecot.org/ https://repo.dovecot.org/
Is there any plan to add bionic version to the ubuntu repo ?
Yes. It is on our roadmap.
Aki
On 29.06.2018 15:51, Timo Sirainen wrote:
https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz.sig
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as well as a bunch of other fixes (mainly for v2.3-only bugs). Binary packages are already in https://repo.dovecot.org/
Has something been changed in the CentOS package, especially with SELinux? I just updated from 2.3.1 and now I'm having to add SELinux rules for Dovecot to be able to read files in /etc. I've an sqlite user database in /etc/mail and sieve scripts in /etc/dovecot/sieve, neither are accessible anymore without adding extra SELinux rules.
Thanks, Reio
On 30.06.2018 10:55, Reio Remma wrote:
On 29.06.2018 15:51, Timo Sirainen wrote:
https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.2.tar.gz.sig
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as well as a bunch of other fixes (mainly for v2.3-only bugs). Binary packages are already in https://repo.dovecot.org/
Has something been changed in the CentOS package, especially with SELinux? I just updated from 2.3.1 and now I'm having to add SELinux rules for Dovecot to be able to read files in /etc. I've an sqlite user database in /etc/mail and sieve scripts in /etc/dovecot/sieve, neither are accessible anymore without adding extra SELinux rules.
# This one is now needed to use the sqlite database in /etc/mail #
module selinux-dovecot-etc 1.0;
require {
type dovecot_auth_t;
type etc_mail_t;
class dir search;
class file { getattr lock open read write };
}
#============= dovecot_auth_t ==============
allow dovecot_auth_t etc_mail_t:dir search;
allow dovecot_auth_t etc_mail_t:file { getattr lock open read write };
# This module is needed for Dovecot to be able to execute sieve scripts in /etc/dovecot/sieve #
module selinux-dovecot-etc-execute 1.0;
require {
type dovecot_etc_t;
type dovecot_t;
class file { execute execute_no_trans };
}
#============= dovecot_t ==============
allow dovecot_t dovecot_etc_t:file { execute execute_no_trans };
# This module is needed for my spamc scripts to access what it needs #
module selinux-dovecot-sieve-execute 1.0;
require {
type var_log_t;
type dovecot_t;
type spamc_exec_t;
type tmpfs_t;
class lnk_file read;
class file { execute execute_no_trans getattr open read };
}
#============= dovecot_t ==============
allow dovecot_t spamc_exec_t:file { execute execute_no_trans getattr open read };
allow dovecot_t tmpfs_t:lnk_file read;
allow dovecot_t var_log_t:file open;
None of these modules were needed before upgrade from 2.3.1 on my Centos 7.5 system.
Good luck, Reio
Timo Sirainen tss@iki.fi wrote:
- lmtp, submission: Message size limit was hardcoded to 40 MB.
I only want to clarify if ...
mail> doveconf -d | grep size
submission_max_mail_size = 0… this setting stands for 'unlimited'?
Thanks in advance and regards, Michael
v2.3.2 is mainly a bugfix release.
Please push a tag into the git repository.
Thanks, Heiko
Heiko Schlichting Freie Universität Berlin heiko.schlichting@fu-berlin.de Zentraleinrichtung für Datenverarbeitung Telefon +49 30 838-54327 Fabeckstraße 32 Telefax +49 30 838454327 14195 Berlin
On 04/07/2018 9:44, Heiko Schlichting wrote:
v2.3.2 is mainly a bugfix release.
Please push a tag into the git repository.
Yes, thanks for doing it, and I will be gratefull also, if the dovecot master-2.3 and pigeonhole master-0.5 branchs would include the commits of the last dovecot and pigeonhole releases.
Thanks Juan C.
Thanks, Heiko
Heiko Schlichting Freie Universität Berlin heiko.schlichting@fu-berlin.de Zentraleinrichtung für Datenverarbeitung Telefon +49 30 838-54327 Fabeckstraße 32 Telefax +49 30 838454327 14195 Berlin
-- +-------------------------------------------------------------------+ | Juan C. Blanco | | | | Centro de Calculo | | | E.T.S. Ingenieros Informáticos | E-mail: jcblanco@fi.upm.es | | Universidad Politécnica de Madrid | | | Campus de Montegancedo | | | Boadilla del Monte | Tel.: (+34) 91 067 2771 | | 28660 MADRID (Spain) | Fax : (+34) 91 336 7412 | +-------------------------------------------------------------------+
participants (8)
-
Aki Tuomi
-
Heiko Schlichting
-
Jean-Daniel
-
Juan C. Blanco
-
Michael Grimm
-
Reio Remma
-
Timo Sirainen
-
Tom Sommer