FEDORA-2017-c85cffed90 created by mhlavink 7 years ago for Fedora 24
  • auth: Use timing safe comparisons for everything related to passwords. It's unlikely that these could have been used for practical attacks, especially because Dovecot delays and flushes all failed authentications in 2 second intervals. Also it could have worked only when passwords were stored in plaintext in the passdb.
  • master process sends SIGQUIT to all running children at shutdown, which instructs them to close all the socket listeners immediately. This way restarting Dovecot should no longer fail due to some processes keeping the listeners open for a long time.
  • auth: Add passdb { mechanisms=none } to match separate passdb lookup
  • auth: Add passdb { username_filter } to use passdb only if user matches the filter. See https://wiki2.dovecot.org/PasswordDatabase
  • dsync: Add dsync_commit_msgs_interval setting. It attempts to commit the transaction after saving this many new messages. Because of the way dsync works, it may not always be possible if mails are copied or UIDs need to change.
  • imapc: Support imapc_features=search without ESEARCH extension.
  • imapc: Add imapc_features=fetch-bodystructure to pass through remote server's FETCH BODY and BODYSTRUCTURE.
  • imapc: Add quota=imapc backend to use GETQUOTA/GETQUOTAROOT on the remote server.
  • passdb imap: Add allow_invalid_cert and ssl_ca_file parameters.
  • If dovecot.index.cache corruption is detected, reset only the one corrupted mail instead of the whole file.
  • doveadm mailbox status: Add "firstsaved" field.
  • director_flush_socket: Add old host's up/down and vhost count as parameters
  • More fixes to automatically fix corruption in dovecot.list.index
  • dsync-server: Fix support for dsync_features=empty-header-workaround
  • imapc: Various bugfixes, including infinite loops on some errors
  • IMAP NOTIFY wasn't working for non-INBOX if IMAP client hadn't enabled modseq tracking via CONDSTORE/QRESYNC.
  • fts-lucene: Fix it to work again with mbox format
  • Some internal error messages may have contained garbage in v2.2.29
  • mail-crypt: Re-encrypt when copying/moving mails and per-mailbox keys are used. Otherwise the copied mails can't be opened.

This update has been submitted for testing by mhlavink.

7 years ago

This update has been pushed to testing.

7 years ago

This update has been obsoleted by dovecot-

7 years ago

Please login to add feedback.

Content Type
Test Gating
Unstable by Karma
Stable by Karma
Stable by Time
7 years ago
in testing
7 years ago

Automated Test Results