Hi!
We arey happy to release Dovecot v2.4.1!
Some IMPORTANT things to notice (still):
- We have changed the signing key for 2.4 going forward, releases are signed with EF0882079FD4ED32BF8B23B2A1B09EF84EDC5219, which can be found at https://repo.dovecot.org/DOVECOT-REPO-GPG-2.4 and is signed with the previous key.
The old key has been renamed to https://repo.dovecot.org/DOVECOT-REPO-GPG-2.3.
New 2.4 packages **are not** compatible with old 2.3 configuration, please carefully review https://doc.dovecot.org/2.4.1/installation/upgrade/2.3-to-2.4.html before installing the new packages.
We are happy to provide experimental arm64 support in the form of a Docker image. There are now three kinds of images, latest, latest-dev and latest-root.
The latest docker image is now ran rootless, with UID 1000 as vmail. Please take this into consideration when upgrading. The latest-root image still runs as root. Latest 2.3 image can be used with tag 2.3-latest still
We won't be sending separate mail about Pigeonhole anymore as we will release one anyways when we release Dovecot, and Pigeonhole versioning has been changed to match Dovecot versioning.
Source codes available at
- https://www.dovecot.org/releases/2.4/dovecot-2.4.1.tar.gz
- https://www.dovecot.org/releases/2.4/dovecot-2.4.1.tar.gz.sig
- https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-2.4.1.tar.gz
- https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-2.4.1.tar.gz....
Binary packages in https://repo.dovecot.org/ Docker images in https://hub.docker.com/r/dovecot/dovecot
Kind regards, Aki Tuomi Open-Xchange oy
Dovecot Core NEWS
- auth: Change unix_listener/auth-userdb/group = $SET:default_internal_group This change needs dovecot_config_version=2.4.1.
- auth: lua - Remove support for single string result.
- imap: Unconditionally advertise SPECIAL-USE capability.
- lib-dcrypt: Install dcrypt_openssl.so into dovecot modules directory.
- lib-master: For glibc, default MALLOC_MMAP_THRESHOLD_=131072.
- lib-storage: Change default mail_cache_fields to: hdr.date hdr.subject hdr.from hdr.sender hdr.reply-to hdr.to hdr.cc hdr.bcc hdr.in-reply-to hdr.message-id date.received size.virtual imap.bodystructure mime.parts hdr.references hdr.importance hdr.x-priority hdr.x-open-xchange-share-url pop3.uidl pop3.order. This change needs dovecot_config_version=2.4.1.
- lib-var-expand: Use moduledir instead of pkglibdir for crypt.
- lmtp: Change the default lmtp_user_concurrency_limit to 10. This change needs dovecot_config_version=2.4.1.
- lmtp: Change the default service_restart_request_count to 1. This change needs dovecot_config_version=2.4.1.
- auth: Allow configuring passdb/userdb sql to use auth-workers.
- config: Add default group @mailbox_defaults = english.
- config: Improve "Unknown setting" error with more details and suggestions.
- doveconf: Add -U parameter to ignore unknown settings in config file.
- fts-flatcurve: Support lock files in VOLATILEDIR.
- imap-acl: Add support for the IMAP LIST-MYRIGHTS capability (RFC 8440).
- imap-client: Support ANONYMOUS authentication.
- imap: Implement support for the REPLACE capability.
- auth: ldap - Passdb fields were ignored with passdb_ldap_bind_userdn=yes.
- auth: lua - Fix error result handling in lua passdb/userdb.
- auth: oauth2 - When building oauth2 failure reply, memory would leak.
- config: local_name handling would work wrong with multiple names and wildcards.
- fts-flatcurve: A potential crash could occur when searching virtual mailboxes. Fixes: Panic: file fts-search.c: line 87 (level_scores_add_vuids): assertion failed: (array_count(&vuids_arr) == array_count(&br->scores))
- fts-flatcurve: Maybe queries were done wrong.
- fts-flatcurve: Non-selectable mailboxes were not ignored when doing optimize/rescan.
- fts-flatcurve: Signal 11 crash could happen with fts rescan.
- fts: Fix crash caused by event object lifecycle mishandling.
- imap-hibernate: Client counters would get reset on unhibernation, affecting imap_logout_format variables.
- imap: Crash would occur with Maildir when trying to send INPROGRESS during mailbox syncing.
- ldap: Dovecot could not be compiled without LDAP.
- lib-dcrypt: Output stream encryption can cause assert crash if attempting to encrypt over 64 GiB of data with GCM. This is still not supported with GCM, but it fails better.
- lib-http: HTTP client context memory usage was increasing.
- lib-http: Pipeline corruption could happen after 100 Continue response.
- lib-settings: Variable expansion initialization could crash with Panic: file settings.c: line 1560 (settings_var_expand_init_add): assertion failed: (I_MAX(num_tables, num_provs) == num_ctx)
- lib-smtp: Pipelining initial SASL response after AUTH was broken.
- lib-var-expand: If filter failed, memory leak would occur.
- lib-var-expand: Older bison versions did not have error symbol for handling causing unexpected behaviour on the parser on error conditions.
- quota: Quota calculations had minor bugs causing small errors.
Pigeonhole NEWS
- global: Fix settings handling bugs. Especially %variables weren't working in various settings.
- ldap: Pigeonhole could not be built without LDAP.
And unfortunately a small typo crept in, due to the small change in filenames.
Please find files at
- https://www.dovecot.org/releases/2.4/dovecot-2.4.1-4.tar.gz
- https://www.dovecot.org/releases/2.4/dovecot-2.4.1-4.tar.gz.sig
- https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-2.4.1-4.tar.g...
- https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-2.4.1-4.tar.g...
Sorry!
Aki
On 28/03/2025 17:35 EET Aki Tuomi via Dovecot-news <dovecot-news@dovecot.org> wrote:
Hi!
We arey happy to release Dovecot v2.4.1!
Some IMPORTANT things to notice (still):
- We have changed the signing key for 2.4 going forward, releases are signed with EF0882079FD4ED32BF8B23B2A1B09EF84EDC5219, which can be found at https://repo.dovecot.org/DOVECOT-REPO-GPG-2.4 and is signed with the previous key.
The old key has been renamed to https://repo.dovecot.org/DOVECOT-REPO-GPG-2.3.
New 2.4 packages **are not** compatible with old 2.3 configuration, please carefully review https://doc.dovecot.org/2.4.1/installation/upgrade/2.3-to-2.4.html before installing the new packages.
We are happy to provide experimental arm64 support in the form of a Docker image. There are now three kinds of images, latest, latest-dev and latest-root.
The latest docker image is now ran rootless, with UID 1000 as vmail. Please take this into consideration when upgrading. The latest-root image still runs as root. Latest 2.3 image can be used with tag 2.3-latest still
We won't be sending separate mail about Pigeonhole anymore as we will release one anyways when we release Dovecot, and Pigeonhole versioning has been changed to match Dovecot versioning.
Source codes available at
- https://www.dovecot.org/releases/2.4/dovecot-2.4.1.tar.gz
- https://www.dovecot.org/releases/2.4/dovecot-2.4.1.tar.gz.sig
- https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-2.4.1.tar.gz
- https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-2.4.1.tar.gz....
Binary packages in https://repo.dovecot.org/ Docker images in https://hub.docker.com/r/dovecot/dovecot
Kind regards, Aki Tuomi Open-Xchange oy
Dovecot Core NEWS
- auth: Change unix_listener/auth-userdb/group = $SET:default_internal_group This change needs dovecot_config_version=2.4.1.
- auth: lua - Remove support for single string result.
- imap: Unconditionally advertise SPECIAL-USE capability.
- lib-dcrypt: Install dcrypt_openssl.so into dovecot modules directory.
- lib-master: For glibc, default MALLOC_MMAP_THRESHOLD_=131072.
- lib-storage: Change default mail_cache_fields to: hdr.date hdr.subject hdr.from hdr.sender hdr.reply-to hdr.to hdr.cc hdr.bcc hdr.in-reply-to hdr.message-id date.received size.virtual imap.bodystructure mime.parts hdr.references hdr.importance hdr.x-priority hdr.x-open-xchange-share-url pop3.uidl pop3.order. This change needs dovecot_config_version=2.4.1.
- lib-var-expand: Use moduledir instead of pkglibdir for crypt.
- lmtp: Change the default lmtp_user_concurrency_limit to 10. This change needs dovecot_config_version=2.4.1.
- lmtp: Change the default service_restart_request_count to 1. This change needs dovecot_config_version=2.4.1.
- auth: Allow configuring passdb/userdb sql to use auth-workers.
- config: Add default group @mailbox_defaults = english.
- config: Improve "Unknown setting" error with more details and suggestions.
- doveconf: Add -U parameter to ignore unknown settings in config file.
- fts-flatcurve: Support lock files in VOLATILEDIR.
- imap-acl: Add support for the IMAP LIST-MYRIGHTS capability (RFC 8440).
- imap-client: Support ANONYMOUS authentication.
- imap: Implement support for the REPLACE capability.
- auth: ldap - Passdb fields were ignored with passdb_ldap_bind_userdn=yes.
- auth: lua - Fix error result handling in lua passdb/userdb.
- auth: oauth2 - When building oauth2 failure reply, memory would leak.
- config: local_name handling would work wrong with multiple names and wildcards.
- fts-flatcurve: A potential crash could occur when searching virtual mailboxes. Fixes: Panic: file fts-search.c: line 87 (level_scores_add_vuids): assertion failed: (array_count(&vuids_arr) == array_count(&br->scores))
- fts-flatcurve: Maybe queries were done wrong.
- fts-flatcurve: Non-selectable mailboxes were not ignored when doing optimize/rescan.
- fts-flatcurve: Signal 11 crash could happen with fts rescan.
- fts: Fix crash caused by event object lifecycle mishandling.
- imap-hibernate: Client counters would get reset on unhibernation, affecting imap_logout_format variables.
- imap: Crash would occur with Maildir when trying to send INPROGRESS during mailbox syncing.
- ldap: Dovecot could not be compiled without LDAP.
- lib-dcrypt: Output stream encryption can cause assert crash if attempting to encrypt over 64 GiB of data with GCM. This is still not supported with GCM, but it fails better.
- lib-http: HTTP client context memory usage was increasing.
- lib-http: Pipeline corruption could happen after 100 Continue response.
- lib-settings: Variable expansion initialization could crash with Panic: file settings.c: line 1560 (settings_var_expand_init_add): assertion failed: (I_MAX(num_tables, num_provs) == num_ctx)
- lib-smtp: Pipelining initial SASL response after AUTH was broken.
- lib-var-expand: If filter failed, memory leak would occur.
- lib-var-expand: Older bison versions did not have error symbol for handling causing unexpected behaviour on the parser on error conditions.
- quota: Quota calculations had minor bugs causing small errors.
Pigeonhole NEWS
- global: Fix settings handling bugs. Especially %variables weren't working in various settings.
- ldap: Pigeonhole could not be built without LDAP.
Dovecot-news mailing list -- dovecot-news@dovecot.org To unsubscribe send an email to dovecot-news-leave@dovecot.org
On 29/03/25 04:45, Aki Tuomi via Dovecot-news wrote:
And unfortunately a small typo crept in, due to the small change in filenames.
Please find files at
What's the purpose of the -4 in the filename? It's going to cause issues with packaging.
Peter
On 30/03/2025 11:49 EEST Bjoern Franke via dovecot <dovecot@dovecot.org> wrote:
Hey,
What's the purpose of the -4 in the filename? It's going to cause issues with packaging.
Yes, this is really annoying for packaging.
Regards Bjoern
Hi,
the -4 comes from our build system.
Aki
On Mar 31, 2025, at 04:34, Bjoern Franke via dovecot <dovecot@dovecot.org> wrote:
Hi
Hi, the -4 comes from our build system.
Regardless where it comes from, "-" is usually used for the package version.
Yes, which is why a build system is attaching it. It’s a build number or version of the package being built. I don’t know the history here, but it sounds like the problem might be that you’re building something and then trying to take the built assets and repackage then with another build system. Normally, the solution is to not build twice. Aki, is the “build system” you mention producing builds, or is it a system that is used to tag sources? Maybe this is what I’m missing.
- ChrisOn Mon, Mar 31, 2025 at 02:01:23PM -0400, Chris Ross via dovecot wrote:
the -4 comes from our build system.
Regardless where it comes from, "-" is usually used for the package version.
Yes, which is why a build system is attaching it. It’s a build number or version of the package being built. I don’t know the history here, but it sounds like the problem might be that you’re building something and then trying to take the built assets and repackage then with another build system. Normally, the solution is to not build twice. Aki, is the “build system” you mention producing builds, or is it a system that is used to tag sources? Maybe this is what I’m missing.
FWIW, in the Debian packaging world the uscan tool can be configured to
transform the upstream version string as needed to cope with things like
this. For Debian itself, I simply stripped the trailing -4 with the
following change: https://salsa.debian.org/debian/dovecot/-/commit/18c417079ce1df831f860e20ae0...
But yeah, it was a surprise to see it show up, and it did force me to deal with uscan's arcane configuration syntax. It would certainly not upset me if future releases didn't append such a suffic to the version string in the published artifacts.
noah
On 31/03/25 18:42, Aki Tuomi via dovecot wrote:
What's the purpose of the -4 in the filename? It's going to cause issues with packaging.
Yes, this is really annoying for packaging.
the -4 comes from our build system.
That's fine, but then why are you tagging the *sources* with it?
Peter
participants (5)
-
Aki Tuomi
-
Bjoern Franke
-
Chris Ross
-
Noah Meyerhans
-
Peter