Date:      Tue, 11 Apr 2017 00:23:52 +0000 (UTC)
From:      Adam Weinberger <adamw@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r438222 - in head/mail: dovecot2 dovecot2-antispam-plugin dovecot2-pigeonhole dovecot2/files
Message-ID:  <201704110023.v3B0Nq1s029243@repo.freebsd.org>

Author: adamw
Date: Tue Apr 11 00:23:52 2017
New Revision: 438222
URL: https://svnweb.freebsd.org/changeset/ports/438222

Log:
  Update dovecot to 2.2.29, and bump PORTREVISION for the plugins. Add a
  warning to the pkg-message that security.bsd.see_other_uids/gids should
  not be enabled if dovecot is storing mail for multiple users concurrently
  (PR 218392, submitted by topical).
  
   * passdb/userdb dict: Don't double-expand %variables in keys. If dict
     was used as the authentication passdb, using specially crafted
     %variables in the username could be used to cause DoS (CVE-2017-2669)
   * When Dovecot encounters an internal error, it logs the real error and
     usually logs another line saying what function failed. Previously the
     second log line's error message was a rather uninformative "Internal
     error occurred. Refer to server log for more information." Now the
     real error message is duplicated in this second log line.
   * lmtp: If a delivery has multiple recipients, run autoexpunging only
     for the last recipient. This avoids a problem where a long
     autoexpunge run causes LMTP client to timeout between the DATA
     replies, resulting in duplicate mail deliveries.
   * config: Don't stop the process due to idling. Otherwise the
     configuration is reloaded when the process restarts.
   * mail_log plugin: Differentiate autoexpunges from regular expunges
   * imapc: Use LOGOUT to cleanly disconnect from server.
   * lib-http: Internal status codes (>9000) are no longer visible in logs
   * director: Log vhost count changes and HOST-UP/DOWN
  
   + quota: Add plugin { quota_max_mail_size } setting to limit the
     maximum individual mail size that can be saved.
   + imapc: Add imapc_features=delay-login. If set, connecting to the
     remote IMAP server isn't done until it's necessary.
   + imapc: Add imapc_connection_retry_count and
     imapc_connection_retry_interval settings.
   + imap, pop3, indexer-worker: Add (deinit) to process title before
     autoexpunging runs.
   + Added %{encrypt} and %{decrypt} variables
   + imap/pop3 proxy: Log proxy state in errors as human-readable string.
   + imap/pop3-login: All forward_* extra fields returned by passdb are
     sent to the next hop when proxying using ID/XCLIENT commands. On the
     receiving side these fields are imported and sent to auth process
     where they're accessible via %{passdb:forward_*}. This is done only
     if the sending IP address matches login_trusted_networks.
   + imap-login: If imap_id_retain=yes, send the IMAP ID string to
     auth process. %{client_id} expands to it in auth process. The ID
     string is also sent to the next hop when proxying.
   + passdb imap: Use ssl_client_ca_* settings for CA validation.
   - fts-tika: Fixed crash when parsing attachment without
     Content-Disposition header. Broken by 2.2.28. (fixed in FreeBSD ports)
   - trash plugin was broken in 2.2.28 (fixed in FreeBSD ports)
   - auth: When passdb/userdb lookups were done via auth-workers, too much
     data was added to auth cache. This could have resulted in wrong
     replies when using multiple passdbs/userdbs.
   - auth: passdb { skip & mechanisms } were ignored for the first passdb
   - oauth2: Various fixes, including fixes to crashes
   - dsync: Large Sieve scripts (or other large metadata) weren't always
     synced.
   - Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
   - imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
   - doveadm: Exit codes weren't preserved when proxying commands via
     doveadm-server. Almost all errors used exit code 75 (tempfail).
   - ACLs weren't applied to not-yet-existing autocreated mailboxes.
   - Fixed a potential crash when parsing a broken message header.
   - cassandra: Fallback consistency settings weren't working correctly.
   - doveadm director status <user>: "Initial config" was always empty
   - imapc: Various reconnection fixes.

Deleted:
  head/mail/dovecot2/files/patch-src_plugins_fts_fts-parser-tika.c
  head/mail/dovecot2/files/patch-trash_plugin
Modified:
  head/mail/dovecot2-antispam-plugin/Makefile
  head/mail/dovecot2-pigeonhole/Makefile
  head/mail/dovecot2/Makefile
  head/mail/dovecot2/distinfo
  head/mail/dovecot2/files/pkg-message.in
  head/mail/dovecot2/pkg-plist

Modified: head/mail/dovecot2-antispam-plugin/Makefile
==============================================================================
--- head/mail/dovecot2-antispam-plugin/Makefile	Tue Apr 11 00:03:50 2017	(r438221)
+++ head/mail/dovecot2-antispam-plugin/Makefile	Tue Apr 11 00:23:52 2017	(r438222)
@@ -3,7 +3,7 @@
 
 PORTNAME=	dovecot2-antispam-plugin
 PORTVERSION=	20130429
-PORTREVISION=	25
+PORTREVISION=	26
 CATEGORIES=	mail
 MASTER_SITES=	http://olgeni.olgeni.com/~olgeni/distfiles/ \
 		LOCAL/olgeni

Modified: head/mail/dovecot2-pigeonhole/Makefile
==============================================================================
--- head/mail/dovecot2-pigeonhole/Makefile	Tue Apr 11 00:03:50 2017	(r438221)
+++ head/mail/dovecot2-pigeonhole/Makefile	Tue Apr 11 00:23:52 2017	(r438222)
@@ -3,7 +3,7 @@
 
 PORTNAME=	dovecot-pigeonhole
 PORTVERSION=	0.4.17
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	mail
 MASTER_SITES=	http://pigeonhole.dovecot.org/releases/${DOVECOTVERSION}/
 DISTNAME=	${PORTNAME:C/-/-${DOVECOTVERSION}-/}-${PORTVERSION}

Modified: head/mail/dovecot2/Makefile
==============================================================================
--- head/mail/dovecot2/Makefile	Tue Apr 11 00:03:50 2017	(r438221)
+++ head/mail/dovecot2/Makefile	Tue Apr 11 00:23:52 2017	(r438222)
@@ -13,8 +13,7 @@
 ######################################################################
 
 PORTNAME=	dovecot
-PORTVERSION=	2.2.28
-PORTREVISION=	2
+PORTVERSION=	2.2.29
 CATEGORIES=	mail ipv6
 MASTER_SITES=	https://www.dovecot.org/releases/${PORTVERSION:R}/
 PKGNAMESUFFIX=	2
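Review bot: the `PORTVERSION=	2.2.29` bump in this hunk is what delivers the CVE-2017-2669 fix named in the log, yet the list of modified files contains no security/vuxml change and the log carries no MFH: line. If neither is handled in a separate commit, add a VuXML entry covering versions before 2.2.29 and request a merge to the quarterly branch, so that pkg audit flags 2.2.28 installs and quarterly users receive the fix. Dropping PORTREVISION together with the version bump is correct.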

Modified: head/mail/dovecot2/distinfo
==============================================================================
--- head/mail/dovecot2/distinfo	Tue Apr 11 00:03:50 2017	(r438221)
+++ head/mail/dovecot2/distinfo	Tue Apr 11 00:23:52 2017	(r438222)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1487948861
-SHA256 (dovecot-2.2.28.tar.gz) = e0288f59e326ab87cb3881fdabadafe542f4dc7ab9996db13863a439ebbc1f25
-SIZE (dovecot-2.2.28.tar.gz) = 5921992
+TIMESTAMP = 1491869176
+SHA256 (dovecot-2.2.29.tar.gz) = d939ea99126eb8a8c6955390b422b6e27ec0fa43a3b59b2b3218cb5ad67139a6
+SIZE (dovecot-2.2.29.tar.gz) = 5971883

Modified: head/mail/dovecot2/files/pkg-message.in
==============================================================================
--- head/mail/dovecot2/files/pkg-message.in	Tue Apr 11 00:03:50 2017	(r438221)
+++ head/mail/dovecot2/files/pkg-message.in	Tue Apr 11 00:23:52 2017	(r438222)
@@ -15,6 +15,14 @@
  	dovecot_enable="YES"
 
 
+---------------------------------------------------------------------
+
+To avoid a risk of mailbox corruption, do not enable the
+security.bsd.see_other_uids or .see_other_guids sysctls if Dovecot
+is storing mail for multiple concurrent users (PR 218392).
+
+---------------------------------------------------------------------
+
  If you want to be able to search within attachments using the
  decode2text plugin, you'll need to install textproc/catdoc, and
  one of graphics/xpdf or graphics/poppler-utils.
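Review bot: in the added warning, `.see_other_guids` is not the sysctl name. The log message refers to security.bsd.see_other_uids/gids, so this should read `security.bsd.see_other_gids`, written out in full so an administrator can search for it or paste it into sysctl.conf. "Enable" is also ambiguous for these knobs, where the restrictive setting is the value 0; state explicitly which value carries the corruption risk (for example "do not set security.bsd.see_other_uids=0") after confirming it against PR 218392.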

Modified: head/mail/dovecot2/pkg-plist
==============================================================================
--- head/mail/dovecot2/pkg-plist	Tue Apr 11 00:03:50 2017	(r438221)
+++ head/mail/dovecot2/pkg-plist	Tue Apr 11 00:23:52 2017	(r438222)
@@ -179,6 +179,7 @@ include/dovecot/hex-dec.h
 include/dovecot/hmac-cram-md5.h
 include/dovecot/hmac.h
 include/dovecot/home-expand.h
+include/dovecot/hook-build.h
 include/dovecot/hostpid.h
 include/dovecot/http-auth.h
 include/dovecot/http-client-private.h
@@ -567,9 +568,12 @@ include/dovecot/userdb-vpopmail.h
 include/dovecot/userdb.h
 include/dovecot/utc-mktime.h
 include/dovecot/utc-offset.h
+include/dovecot/var-expand-private.h
 include/dovecot/var-expand.h
 include/dovecot/wildcard-match.h
 include/dovecot/write-full.h
+lib/dovecot/auth/lib20_auth_var_expand_crypt.a
+lib/dovecot/auth/lib20_auth_var_expand_crypt.so
 lib/dovecot/auth/libauthdb_imap.a
 lib/dovecot/auth/libauthdb_imap.so
 lib/dovecot/doveadm/lib10_doveadm_acl_plugin.a
@@ -627,6 +631,8 @@ lib/dovecot/lib20_quota_clone_plugin.a
 lib/dovecot/lib20_quota_clone_plugin.so
 lib/dovecot/lib20_replication_plugin.a
 lib/dovecot/lib20_replication_plugin.so
+lib/dovecot/lib20_var_expand_crypt.a
+lib/dovecot/lib20_var_expand_crypt.so
 lib/dovecot/lib20_virtual_plugin.a
 lib/dovecot/lib20_virtual_plugin.so
 lib/dovecot/lib20_zlib_plugin.a


