Fedora 21 Update: dovecot-2.2.18-2.fc21

updates at fedoraproject.org updates at fedoraproject.org
Tue Jun 2 15:15:28 UTC 2015 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-8485
2015-05-19 11:38:12
--------------------------------------------------------------------------------

Name        : dovecot
Product     : Fedora 21
Version     : 2.2.18
Release     : 2.fc21
URL         : http://www.dovecot.org/
Summary     : Secure imap and pop3 server
Description :
Dovecot is an IMAP server for Linux/UNIX-like systems, written with security
primarily in mind.  It also contains a small POP3 server.  It supports mail
in either of maildir or mbox formats.

The SQL drivers and authentication plug-ins are in their subpackages.

--------------------------------------------------------------------------------
Update Information:

- pigeonhole updated to 0.4.8
- Fixed problem in address test: erroneously decoded mime-encoded words in
  address headers.
- extprograms plugin: Fixed failure occurring when connecting to script
  service without the need to read back the output from the external program.
- Fixed bug in script storage path normalization occurring with relative
  symbolic links below root.

- dovecot updated to 2.2.18
- director: Login UNIX sockets were normally detected as doveadm or
  director ring sockets, causing it to break in existing installations.
- sdbox: When copying a mail in alt storage, place the destination to
  alt storage as well.

--------------------------------------------------------------------------------
ChangeLog:

* Mon May 18 2015 Michal Hlavinka <mhlavink at redhat.com> - 1:2.2.18-2
- update pigeonhole to 0.4.8
- Fixed problem in address test: erroneously decoded mime-encoded words in
  address headers.
- extprograms plugin: Fixed failure occurring when connecting to script
  service without the need to read back the output from the external program.
- Fixed bug in script storage path normalization occurring with relative
  symbolic links below root.
* Fri May 15 2015 Michal Hlavinka <mhlavink at redhat.com> - 1:2.2.18-1
- director: Login UNIX sockets were normally detected as doveadm or
  director ring sockets, causing it to break in existing installations.
- sdbox: When copying a mail in alt storage, place the destination to
  alt storage as well.
* Thu May 14 2015 Michal Hlavinka <mhlavink at redhat.com> - 1:2.2.17-1
- dovecot updated to 2.2.17
- pigeonhole updated to 0.4.7
- auth: If auth_master_user_separator was set, auth process could be
  crashed by trying to log in with empty master username.
- imap-login, pop3-login: Fixed crash on handshake failures with new
  OpenSSL versions (v1.0.2) when SSLv3 was disabled.
- auth: If one passdb fails allow_nets check, it shouldn't have failed
  all the other passdb checks later on.
- imap: Server METADATA couldn't be accessed
- imapc: Fixed \Muted label handling in gmail-migration.
- imapc: Various bugfixes and improvements.
- Trash plugin fixes by Alexei Gradinari
- mbox: Fixed crash/corruption in some situations
* Tue Apr 28 2015 Michal Hlavinka <mhlavink at redhat.com> - 1:2.2.16-2
- fix CVE-2015-3420: SSL/TLS handshake failures leading to a crash of the login process
* Mon Mar 16 2015 Michal Hlavinka <mhlavink at redhat.com> - 1:2.2.16-1
- dovecot updated to 2.2.16
- auth: Don't crash if master user login is attempted without
  any configured master=yes passdbs
- Parsing UTF-8 text for mails could have caused broken results
  sometimes if buffering was split in the middle of a UTF-8 character.
  This affected at least searching messages.
- String sanitization for some logged output wasn't done properly:
  UTF-8 text could have been truncated wrongly or the truncation may
  not have happened at all.
- fts-lucene: Lookups from virtual mailbox consisting of over 32
  physical mailboxes could have caused crashes.
* Thu Feb  5 2015 Michal Hlavinka <mhlavink at redhat.com> - 1:2.2.15-3
- fix mbox istream crashes (#1189198, #1186504)
* Mon Jan  5 2015 Michal Hlavinka <mhlavink at redhat.com> - 1:2.2.15-2
- fix crash related to logging BYE notifications (#1176282)
- update pigeonhole to 0.4.6
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update dovecot' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list