* SECURITY UPDATE: privilege escalation via multiple passdbs
- debian/patches/CVE-2022-30550.patch: fix handling passdbs with
identical driver/args but different mechanisms/username_filter in
src/auth/auth-request.c, src/auth/auth.c, src/auth/auth.h,
src/auth/passdb.c, src/auth/passdb.h.
- CVE-2022-30550
* No-change rebuild for icu soname change.
[ Bryce Harrington ]
* Merge with Debian unstable. (LP: #1946855)
Remaining changes:
- Package references hidden symbols during an LTO link. This needs further
investigation. Until then, disable LTO.
* Dropped:
- SECURITY UPDATE: incorrectly escapes kid and azp fields in JWT tokens
+ debian/patches/CVE-2021-29157.patch: improve escaping in
src/lib-dict-extra/dict-fs.c, src/lib-oauth2/oauth2-jwt.c,
src/lib-oauth2/test-oauth2-jwt.c.
[Included in Debian 1:2.3.13+dfsg1-2]
- SECURITY UPDATE: plaintext command injection before STARTTLS
+ debian/patches/CVE-2021-33515.patch: properly handle command queue in
src/lib-smtp/smtp-server-cmd-starttls.c,
src/lib-smtp/smtp-server-connection.c.
[Included in Debian 1:2.3.13+dfsg1-2]
* d/rules: Disable Debian's recent enablement of LTO as well, as it
FTBFS when building with gcc 11.
(LP: #1951325)
[ Simon Chopin ]
* d/p/OpenSSL3.patch: Workaround to fix EC key handling when building
with OpenSSL 3.0.
(LP: #1945763)
* [7b858b6] Fix FTBFS on mips(64)el. Stacktrace generation on these
architectures requires -funwind-tables, as with 32-bit arm.
[ Christian Göttsche ]
* [e1e9ece] d/patches: rework backtrace test patch
* [be404bf] d/patches: add big-endian patch
[ Christian Göttsche ]
* [ff4a227] New upstream version 2.3.14+dfsg1
* [963fa3b] New upstream version 2.3.15+dfsg1 (Closes: #991323, #983510)
* [5e0c898] d/watch: adjust dversionmangle for dfsg suffix
* [9ffb0f5] d/patches: update
* [850e1d6] New upstream version 2.3.16+dfsg1
* [7140b87] d/patches: rebase patches
* [fb1b77e] d/rules: enable LTO
* [ce7055d] d/control: add libsystemd-dev dependency
* [db93263] d/copyright: drop unused section
* [aeec1e8] d/rules: update how to set systemdsystemunitdir
* [ebe9709] d/patches: resolve compiler warnings
* [19b2bb0] d/changelog: bump to 1:2.3.16+dfsg1-1
* [58a4078] d/patches: update 32bit warnings patch
[ Noah Meyerhans ]
* [f217c2e] Fix indexer crash
* [b075317] Import upstream patch for indexer crash on client disconnect
* [36e8740] drop debian/dovecot-core.maintscript
* Import upstream fixes for security issues (Closes: #990566):
- CVE-2021-29157: Path traversal issue allowing an attacker with
access to the local filesystem can trick OAuth2 authentication into
using an HS256 validation key from an attacker-controlled location
- CVE-2021-33515: Sensitive information could be redirected to an
attacker-controlled address because of a STARTTLS command injection
bug in the submission service
* No-change rebuild due to OpenLDAP soname bump.
* SECURITY UPDATE: incorrectly escapes kid and azp fields in JWT tokens
- debian/patches/CVE-2021-29157.patch: improve escaping in
src/lib-dict-extra/dict-fs.c, src/lib-oauth2/oauth2-jwt.c,
src/lib-oauth2/test-oauth2-jwt.c.
- CVE-2021-29157
* SECURITY UPDATE: plaintext command injection before STARTTLS
- debian/patches/CVE-2021-33515.patch: properly handle command queue in
src/lib-smtp/smtp-server-cmd-starttls.c,
src/lib-smtp/smtp-server-connection.c.
- CVE-2021-33515
* Package references hidden symbols during an LTO link. This needs further
investigation. Until then, disable LTO.
* No change rebuild against clucene-core
[ Christian Göttsche ]
* [6829237] New upstream version 2.3.13 (Closes: #979363)
- CVE-2020-24386: IMAP hibernation allows accessing other peoples mail
- CVE-2020-25275: MIME parsing crashes with particular messages
* [6d25736] Add libzstd-dev to build-dependencies (Closes: #969165)
* [5956798] Rebase patches
* [2cb63c3] Bump to standards version 4.5.1 (no further changes)
* [548bac5] Drop unmatched copyright src/lib-ntlm/* wildcard
* [6f33f3f] Ignore package-contains-documentation-outside-usr-share-doc
false-positives
* [dde9c94] Handle removed configuration file in postinst
[ Pino Toscano ]
* [04a60e3] d/{control,rules}: disable apparmor support on !linux archs
(Closes: #951869)
[ Helmut Grohne ]
* [e5f9fcb] d/patches: improve cross-compile support (Closes: #979370)
[ Christian Göttsche ]
* [44770f6] Add patch for 32bit compiler warnings
* [053865a] Lintian: remove unused override
* [4ece2e1] Lintian: add forwarded header to Debian specific patches
* [67872b7] Lintian: ignore Debian only man page
* [d30bd7e] Lintian: tag manpage-without-executable got renamed to
spare-manual-page
* [3bdf952] Limit libcap-dev build-dependency to linux-any
* [28f6425] Drop acute accent in man page
* [8c15850] Add patch allowing GSSAPI containing NULL
* New upstream release fixes security issues (Closes: #968302)
- CVE-2020-12100 - Receiving mail with deeply nested MIME parts leads to
resource exhaustion as Dovecot attempts to parse it.
- CVE-2020-12673 - Dovecot's NTLM implementation does not correctly check
message buffer size, which leads to reading past allocation which can
lead to crash.
- CVE-2020-12674 - Dovecot's RPA mechanism implementation accepts
zero-length message, which leads to assert-crash later on.
* Add libcap-dev to build-dependencies to support dropping linux
capabilities.
* Support sd_notify with systemd (Closes: #951722)
* Add necessary CFLAGS and LDFLAGS settings to ensure functional backtrace
generation. (Closes: #962630)
* Suppress additional library-not-linked-against-libc lintian warnings some
plugins as false-positives, observed on armel systems
[ Andreas Hasenack ]
* d/t/control, d/t/testmails: cherry-pick updated autopkgtests from
Ubuntu's 1:2.2.35-2ubuntu1:
- d/t/testmails: dropped the hardcoded "Ubuntu" name from the banner
text and made it distribution agnostic
- d/t/control: added lsb-release to test dependencies, used to get the
distribution name
* New upstream release addresses multiple security issues
- CVE-2020-10957
- CVE-2020-10958
- CVE-2020-10967
(Closes: #960963, #930919, #928492)
* Refresh patches
* Strip non-DFSG-compliant docs from .orig archives
* Incorporate a number of improvements to debian/ metadata contributed by
Christian Göttsche <cgzones@googlemail.com>
* Move pid file to /run (Closes: #925443)
* Add noahm@debian.org to Uploaders
* Work around flakiness in autopkgtest suite
* Suppress library-not-linked-against-libc lintian warnings some plugins as
false-positives
* [dcaf24e] New upstream version 2.3.7.2
- Fixes CVE-2019-11500 for dovecot-core
* [111beef] Update pigeonhole to 0.5.7.2
- Fixes CVE-2019-11500 for pigeonhole/managesieve
* [a422c4c] Bump Standards-Version to 4.4.0; no changes needed
* [56e37ed] Bump dh compat to 12; no changes needed.
- Drop d/compat in favor debhelper-compat B-D.
* [476edbd] Refresh dovecot_name.patch and ssl-cert-location.patch
* [9dc7904] Drop patches included in 2.3.7.2.
- CVE-2019-10691
- CVE-2019-11494
- CVE-2019-11499
- CVE-2019-7524
- avoid-double-closing-mysql.patch
- lib-master-test-event-stats-Use-PRIu64-format.patch
* [bd00402] Fix CVE-2019-11494 and CVE-2019-11499 (Closes: #928235)
- submission-login: fix null pointer dereference when client
disconnects during authentication (CVE-2019-11494)
- submission-login: fix assert-crash when receiving an invalid
authentication message over TLS (CVE-2019-11499)
* [d04d4ba] Fix assert-crash in JSON encoder (CVE-2019-10691)
* [07c9212] Fix two buffer overflows when reading oversized FTS headers
and/or oversized POP3-UIDL headers (CVE-2019-7524).
[ Laurent Bigonville ]
* [ac99918] Fix double-free crash in mysql driver
Fix double closing of the connection in the mysql driver, this should
fix the crash in the dovecot auth process, taken from upstream.
(Closes: #918339)
[ Apollon Oikonomopoulos ]
* [8a30446] Bump Standards-Version to 4.3.0; no changes needed
* [bebf0b4] New upstream version 2.3.4.1
+ Fixes CVE-2019-3814: TLS client auth username handling
* [51d1317] Fix FTBFS on 32-bit platforms.
Cherry-pick upstream commit de42b54, fixing the event-stats test on
32-bit platforms.
* [14c247f] New upstream version 2.3.4
* [7fed004] Update pigeonhole to 0.5.4
[ Jelmer Vernooij ]
* Trim trailing whitespace.
[ Apollon Oikonomopoulos ]
* [6591a99] New upstream version 2.3.3
* [3d718ec] Bump Standards-Version to 4.2.1; no changes needed
* [123bd32] Update pigeonhole to 0.5.3
* [40ba9f0] New upstream bugfix release 2.3.2.1
* [87045ac] Drop fix-ftbfs-on-32bit.patch; merged upstream
* [5bb22a4] Bump Standards-Version to 4.1.5; no changes needed
* [48067de] Fix FTBFS on 32-bit platforms by cherry-picking upstream commit
1e23986f.
* [bb03669] New upstream version 2.3.2
+ Upload to unstable
* [d29da3a] Merge 2.3 package changes from experimental. Important changes:
+ [b3d1e17] Enable AppArmor support, see
https://wiki2.dovecot.org/Plugins/Apparmor
• B-D on libapparmor-dev
+ [c0c55bd] Enable Lua scripting support for authdb/passdb.
• B-D on liblua5.3-dev
• New binary package, dovecot-auth-lua
+ [4f6792e] Build with sodium support, enabling the ARGON2I and ARGON2ID
password schemes.
• B-D on libsodium-dev
+ [54347e7] Build with ICU support enabling FTS unicode normalization
• B-D on libicu-dev
+ New dovecot-submissiond binary package for the dovecot submission agent;
see https://wiki2.dovecot.org/Submission.
* [4db4813] Change maintainer address to dovecot@packages.d.o
* [5118354] Update pigeonhole to 0.5.2
* [52a7af4] Drop murmur3-big-endian.patch; merged upstream
* [22a6eee] Refresh dovecot_name.patch
* [3af7568] dovecot_name.patch: apply to submissiond as well
* [19f2274] d/gbp.conf: set merge-mode to "merge" to preserve pigeonhole/
when importing new dovecot sources
* [6b9bf0d] New upstream version 2.2.36
* [be12f22] Bump pigeonhole version to 0.4.24
+ Remove new file under doc/rfc
+ Ship the new imap_filter_sieve module in dovecot-sieve
* [b77be59] Bump Standards-Version to 4.1.4; no changes needed
* [7665652] Use git-subtree to generate pigeonhole patch from git; add
single-debian-patch to d/source/local-options
* [bfa0f10] d/rules: specify libdir manually; previous upload moved modules
under /usr/lib/<triplet>, which was bound to break existing setups
* [982e826] d/copyright: adjust pigeonhole path and bump years
* [8108cba] New upstream version 2.2.35
* [6cbbaa1] Update pigeonhole to 0.4.23 (Closes: #892137)
* [9ace5f2] Switch Vcs-* URLs to salsa.d.o
* [ef40625] d/rules: call configure via dh_auto_configure.
Thanks to Helmut Grohne (Closes: #885854)
* [a459455] Drop B-D on libcurl4-gnutls-dev; removed upstream since 2.2
* [235af9d] Update upstream signing key
* [868dc65] Update pigeonhole to 0.4.22
* Set urgency to high due to the security fixes in 2.2.34-1
* [f53dc9a] New upstream version 2.2.34 (Closes: #921529)
Fixes the following security issues:
+ CVE-2017-15130: TLS SNI config lookups may lead to excessive memory
usage (Closes: #891820)
+ CVE-2017-14461: rfc822_parse_domain information leak vulnerability
(Closes: #891819)
+ CVE-2017-15132: auth client leaks memory if SASL authentication is
aborted (Closes: #888432)
* [0dc98c6] Do not patch all-settings.c; regenerate it at build time
instead. Thanks to Aki Tuomi!
* [e678e3b] Bump dh compat to 11
+ B-D on debhelper (>= 11~)
+ Use dh_installsystemd instead of dh_systemd_enable
* [271b290] Bump Standards-Version to 4.1.3; no changes needed
* [3cd6715] d/copyright: bump upstream and debian years
* [380d1ac] Drop the ENABLED flag from /etc/default/dovecot (but let the
initscript handle it if it exists)
* [97d6fae] d/watch: switch upstream URL to https://
* [8216f38] New upstream version 2.2.33.2
* [dbd1132] New upstream version 2.2.33.1
+ [b3d1f2d] Refresh split-protocols.patch
+ [e0de123] Update pigeonhole to 0.4.21
* [ef6a1eb] Set mail_privileged_group to 'mail' by default (Closes: #711856)
* [aeb6cf3] d/copyright: convert to Format 1.0
* [5961f9d] Use dh-autoreconf for both, dovecot and pigeonhole.
* [85f1f0f] Bump Standards to 4.1.1; no changes needed
* [fa71c69] dovecot-core.postinst: remove dovecot-common's postrm
(Closes: #696382)
* [e835c67] Ship decode2text.sh as an example (Closes: #767313)
* [63fb486] Deprecate dovecot-dbg in favor of auto dbgsyms
* [36b44b9] Handle unsupported SSLv2/SSLv3 in the ssl_protocols setting
gracefully (Closes: #866752)
* [6652d9c] New upstream version 2.2.32.
* [c9cb096] Update pigeonhole to 0.4.20.
* [b499950] dovecot-core: remove SSL key/cert symlinks on purge
(Closes: #867157)
* [dbdcc66] dovecot-core.postinst: ignore adduser errors (Closes: #867849)
* [476c950] Bump Standards to 4.1.0; no changes needed.
* [2914efa] Drop B-D on autotools-dev, it is depended on by debhelper 10.
* [305d022] Remove Fabio, Joel and Marco from Uploaders. Thanks for your work!
* [9b058f3] New upstream version 2.2.31
+ [2b577c1] Bump pigeonhole version to 0.4.19
* Enable TLS by default:
+ [7ca4b1c] Update SSL cert location patch; cert/key should reside under
/etc/dovecot/private by default.
+ [05d3d0f] Use ssl-cert-snakeoil certificates to setup SSL by default
(Closes: #376146, #786570)
+ [862901f] dovecot-core.postinst: manage 10-ssl.conf using ucf
(Closes: #850538)
+ [418df05] README.Debian: document the new TLS setup
+ [47bade9] dovecot-core.NEWS: document TLS support
* [8356bc0] Handle /etc/dovecot/private mode using dpkg-statoverride
* dovecot-core.postinst: cleanup
+ [afbd33f] dovecot-core.postinst: always call adduser
+ [ee22dc5] dovecot-core.postinst: remove obsolete conffile handling
+ [7bb298b] dovecot-core.postinst: do not remove the imapd user/group
* [815a2d1] README.Debian: cleanup
* [91115a3] Use noawait dpkg triggers (lintian warning)
* [e845cec] Add basic usage DEP-8 test, doing end-to-end tests involving
LDA, IMAP and POP3.
* [71c73ef] systemd: convert service to Type=simple and start after
network-online.target (Closes: #865546, #825562)
* [1534fac] dovecot.service: enable ProtectSystem=full
* [d276c69] B-D only on default-libmysqlclient-dev
* [401e83d] New upstream version 2.2.30.2
* [1ea8321] Bump pigeonhole version to 0.4.18
* [97bf8ec] Drop CVE-2017-2669 patch
* [9c1bbe2] Drop fix-sha3-on-big-endian.patch
* [d3c607b] Refresh dovecot_name.patch
* [5c64268] Bump Standards to 4.0.0; no changes needed
* [0b884fc] Bump compat to 10
+ B-D on debhelper (>= 10)
+ Drop B-D on dh-systemd, now provided by debhelper
+ Run dh --without=autoreconf, since we use autotools-dev
* [117285a] Remove /etc/dovecot/README (Closes: #849290)
* [04e8ce3] auth: Do not double-expand key in passdb dict when
authenticating (CVE-2017-2669) (Closes: #860049)
* [30586e3] Fix SHA3 on big-endian architectures.
[ Jaldhar H. Vyas ]
* [b1e4693] Imported Upstream version 2.2.27
+ Includes fix for CVE-2016-8652 (Closes: #846605)
[ Apollon Oikonomopoulos ]
* [b25993a] Drop patches merged upstream:
+ call_openssl_cleanup_at_deinit.patch
+ disable_sslv23.patch
* [3015f35] Drop references to SSLv2 in the default SSL protocols (Closes: #844271)
* [b03027b] Call OPENSSL_cleanup() on dcrypt_openssl unload. Fixes FTBFS
with OpenSSL 1.1.0c.
* [9db7d1b] Fix upgrades from 2.2.25 (Closes: #843028)
[ Apollon Oikonomopoulos ]
* [18fc181] New upstream version 2.2.26.0 (Closes: #828286, #834837)
* [3ecfd3c] Update pigeonhole to 0.4.16
* [61ff825] Move libdovecot-ldap and libdict_ldap to dovecot-ldap (Closes:
#830135).
* [b3a1650] Ubuntu: disable -Bsymbolic-functions ld flag.
Thanks to Christian Ehrhardt <christian.ehrhardt@canonical.com>
(Closes: #842151) (LP: #1636781)
* [5828ab1] B-D on default-libmysqlclient-dev (but keep plain
libmysqlclient-dev as an alternative to ease backports).
* [0086110] Drop DRAC plugin.
Thanks to Christian Ehrhardt <christian.ehrhardt@canonical.com>
(Closes: #842153)
[ Jaldhar H. Vyas ]
* [60808eb] Move aclocal *.m4 files into -dev package.
* [52fd869] Move lib95_imap_sieve_plugin.so into dovecot-sieve (Closes:
#832046).
* [cc29a81] Imported Upstream version 2.2.25
* [d19bcca] Updated pigeonhole patch to 0.4.14
* [16db179] Merged in some features of the Ubuntu dovecot package.
+ dovecot-core: added lsb-base dependency.
+ dovecot-core: Added apport hook.
+ dovecot-imapd,dovecot-pop3d: Added ufw profiles.
Thanks to Christian Erhardt <christian.ehrhardt@canonical.com>
(Closes: #828864)
* [26020b6] Imported Upstream version 2.2.24 (Closes: #818652)
[ Jaldhar H. Vyas ]
* Drop missing-expunges.patch, merged upstream
[ Apollon Oikonomopoulos ]
* [8a01915] Imported Upstream version 2.2.23
[ Jaldhar H. Vyas ]
* [2321581] Imported Upstream version 2.2.22
* [3fa8a62] Updated pigeonhole patch to 0.4.13
[ Jaldhar H. Vyas ]
* [d9c0630] Imported Upstream version 2.2.21 (Closes: #809666, #708539,
#801346, 803223)
* [5360548] Updated pigeonhole patch to 0.4.12
* [5e6783f] Fixed typo in dovecot-core.README.Debian.
Thanks to Ingo Wichmann <iw-debian@linuxhotel.de> (Closes: #809717)
* [d00d0c7] Create /var/lib/dovecot in the package. (Closes: #801752)
* [6510373] Upstream patch for sync problem which could cause expunged
messages to keep reappearing. (Closes: #684499)
* [040f7fa] dovecot-core: dovecot.socket not enabled on installation
(Closes: #814999)
* [fc29003] /etc/dovecot/10-ssl.conf no longer managed by ucf or modified by
postinst. Thanks to Santiago Vila <sanvila@unex.es> (Closes: #773237)
* [0d16e16] Fixed some lintian warnings.
* [801ba7e] Added Apollon to uploaders
[ Apollon Oikonomopoulos ]
* [99ef3d8] Build with lz4 support (Closes: #784321)
* [92f68aa] Fix nss userdb (Closes: #712764)
* [41b9bde] Disable dovecot.socket in existing installations.
* [49c5b97] d/rules: specify systemd unit dir manually (Closes: #720854)
* [a377ccb] Convert to dh sequencer
* [48af954] B-D on debhelper >= 9
* [591c315] Bump standards to 3.9.7; no changes needed
* [ceb629e] Use dh_installinit --name
* [ef8d8ac] d/rules: refactor file installation
* [a899bcc] dovecot-core: use dh_installman
* [6159e00] d/rules: build in parallel if requested
* [51014e6] d/control: use HTTPS Vcs-* URLs
* [b385cf5] dovecot-sieve: replace Conflicts with Breaks
* [b4a9e68] Add basic DEP-8 tests
* [7452649] Add DEP-8 tests for systemd support
* [e5101aa] Re-enable PIE and bindnow
* [5717808] Fix invoke-rc.d calls and never call init.d directly
* [3504241] Drop debconf remains
* [68d5038] Imported Upstream version 2.2.20
* [146ef57] Imported Upstream version 2.2.19
* [3af7cad] Updated pigeonhole patch to 0.4.9
* [3f3bf71] Updated pigeonhole patch to 0.4.8 (Closes: #792669)
* [cce20a5] Imported Upstream version 2.2.18. Closes: #786760
* [36d2ec1] Refresh patch dovecot_name.patch.
* [109e6f8] Drop patch cve-2015-3420.patch: applied upstream.
* [6c59f09] Depend on krb5-multidev rather than libkrb5-dev.
* [e9d9193] Imported Upstream version 2.2.16
* [976c256] Remove gbp- prefix from section names in debian/gbp.conf.
* [762b9a6] Add Dutch translation. Thanks, Frans Spiesschaert. Closes: #766203
* [dea3dd6] Drop bye_logout_not_sent.patch: already included upstream.
* [48f6fe4] Add patch cve-2015-3420.patch: Fix SSL/TLS handshake failures
leading to a crash of the login process with newer versions of OpenSSL.
Closes: #783649 (CVE-2015-3420)
* [ebc0377] Don't allow install of dovecot-sieve without a new enough
dovecot-core. (Closes: #772885)
[ Jelmer Vernooij ]
* [93db7f0] Fix path to 90-sieve-extprograms.conf in dovecot-sieve.postinst.
Closes: #772703, #772711
[ Jaldhar H. Vyas ]
* [8c627a4] Add another db_stop this time for triggers. Die #770695 die!
* [5b689f6] Made some overlooked configuration files into conffiles;
deleted excess files from /usr/share/doc/dovecot-core.
* [83f2fc4] Explicitly stop debconf in dovecot-core postinst which hopefully
fixes the last of the install hangs.
Thanks to Chris Gilbert <zeke.gilbert@gmail.com> (Closes: #770695)
* [b2f652f] Turn off SSL by default and leave SSL cert locations commented
out. Hopefully this will be a satisfactory lowest common denominator for
new installs without messing with upgrades.
(Closes: #771334, #771407)
* [daea09a] Commented out cert locations so install doesn't bomb if the
certs haven't been created yet.
(Closes: #706216, #732263, #767154, #768253, #769461, #770697)
* [f7205c0] dovecot-dev: removed dependency on dovecot-core
* [e393868] Removed SSL certificate generation from postinst. From now on
you have to do this yourself. See dovecot-core's README.debian for
instructions. (Closes: #730828)
* Fix name of organizationName field in SSL configuration for self-
signed certs. Closes: #760653
* Add Provides with dovecot ABI version, for plugins to depend on.
Closes: #456021
* Build-depend on clucene 2.3 or later, which upstream lists as the
minimum version. Closes: #754141
* Use configuration file for openssl certificate configuration.
* Use canonical address for Vcs-Browser header.
* Remove unnecessary asterisk from NEWS entry; fixes lintian warning.
* Remove unused lintian override for usr/lib/dovecot/imap.
* dovecot-core: Ignore lintian warnings for empty directories.
* [bd5e34b] Patches from upstreams' hg repo to fix BYE and LOGOUT not being
sent. (Closes: #751682)
* [452e336] Czech translation for debconf.
Thanks to Michal Šimůnek (Closes: #751389)
* [0680040] Imported Upstream version 2.2.13
* [7751508] Imported Upstream version 2.2.13~rc1
+ Fixes denial of service vulnerability (CVE-2014-3430). Closes: #747549
* [0383db0] Break long line.
* [c961b6a] Fix installation of sieve plugins. Closes: #742770, #684271
* [388d2bf] Strip body.rfc5173.txt from the pigeonhole patch, as it is
non-free. Closes: #745398
* [c882a38] Add build dependencies libstemmer-dev and libexttextcat-dev,
used by dovecot-lucene.
* [67762d4] Use autotools-dev to update config.guess and config.sub.
* [33e79b7] Update Japenese po file. Thanks, victory. Closes: #730171
* [cbf213b] Add non-standard-dir-perm override for /etc/dovecot/private.
* [52b67de] Update watch file for 2.2 series.
* [c4eac1f] Verify upstream tarball signature in watch file.
* [3a81ff9] Imported Upstream version 2.2.12
* [8950a86] Bump standards version to 3.9.5 (no changes).
* [cd82417] Add myself to uploaders.
* [0496c52] Imported Upstream version 2.2.10
* [515dd61] Added new package for Lucene full text search support.
Thanks to Jelmer Vernooij <jelmer@debian.org> for the patch.
(Closes: #685979)
* [718a68e] Fix old private key location in README.Debian.
Thanks to Jelmer Vernooij <jelmer@debian.org> for the patch.
(Closes: #702385)
* [42da568] dovecot-solr: Make sure solr-schema.xml gets installed.
(In /usr/share/dovecot)
(Closes: #695185)
* [77acbf7] Added /usr/share/dovecot/dovecot-abi file in dovecot-dev to
document -- you guessed it! -- the dovecot ABI version.
* [feb597a] Added support for xz compression.
[ Jaldhar H. Vyas ]
* [77468cf] Imported Upstream version 2.2.9
* [43e08f3] Place dovenull user in its own group. (Closes: #725164)
* [e1a3e9c] Handled the fact that dovecot-db.conf.ext is no longer used.
(Closes: #728107, #730403)
[Debconf translation updates]
* Russian (Yuri Kozlov). (Closes: #729106)
* German (Chris Leick). (Closes: #729358)
* Danish (Joe Hansen). (Closes: #729425)
* French (Julien Patriarca). (Closes: #729966)
* Portuguese (Américo Monteiro). (Closes: #730006)
* Polish (Michał Kułach). (Closes: #730061)
* Italian (Beatrice Torracca). (Closes: #730136)
* Japanese (victory). (Closes: #73017)
* Swedish (Martin Bagge / brother). (Closes: #730188)
* Spanish; (Camaleón). (Closes: #730354)
* [6157a2b] New upstream version 2.2.8
[ Micah Anderson ]
* [a0035bf] New upstream version 2.2.5
* [a053c49] Update pigeonhole patch to 0.4.1
* [689cd67] refreshed patches
[ Jaldhar H. Vyas ]
* Caused bugs and then fixed them again.
* [e8286e0] New version of drac patch taken from Ubuntu which works better
with 2.x (Closes: #716764)
* [23acb40] Add a patch from Ubuntu to report the distro name in the login
banner why not.
* [f8d566e] Don't need dovecot-common package anymore; get rid of it.
[ Jaldhar H. Vyas ]
* [fa0d6aa] Re-enable mbox write locking patch to comply with policy 11.6
(Closes: #720502)
* [38691fb] New upstream version (Closes: #719021)
* [1361144] prompts in dovecot-core postinst debconfiscated.
* IN MEMORIAM: Goldy the Goldfish (2000-2013) You were a prince (or
perhaps princess?) among fish and we shall all miss you dearly.
May your karmas merit much punya in future lives.
* [9741bd8] New Upstream version
* [3476489] Updated pigeonhole patch to 0.3.5
* [d4f236f] Removed some patches which are no longer required.
* This version is not actually intended for upload. It merely undoes
some changes made for the the wheezy release. Namely, the following
features are back:
- TCP Wrappers support
- Hurd compatibility support
- Triggers.
* If you are upgrading from stable or earlier versions of this package
from testing/unstable please carefully read
/usr/share/doc/dovecot-core/README.Debian.gz for important information
about changes.
* [0d74b31] Move Breaks/Replaces mailavenger from dovecot-common to
dovecot-core (Closes: #694376)
* [a8030a1] Revamped dovecot-cores README.Debian by adding any info I could
think of in order to ease upgrade problems. (Closes: #696820)
* [04798d3] Don't touch 10-ssl.conf at all. Eventually I will DTRT with
regards to the default generated ssl certificates but in the mean time
this will do the least mischief. (Closes: #696817)
* [fde17d1] Patch to make /etc/dovecot/readme point to the right place for
the example configuration. (Closes: #698941)
* WARNING: in order to get this package into wheezy some functionality
from the previous release had to be removed. Namely:
- TCP Wrappers support
- Hurd compatibility support
- Triggers
All this will be coming back in the next version but for now, if you need
any of it, stick with -5.
* [1f869e0] NEWS.Debian was not getting added to the package (Closes: #693621)
* [564c5e2] Add breaks and replaces mailavenger for debian-common
(Closes: #694376)
* [132bc3b] Remove call to ntp-wait in init script. Dovecot handles a
skewed clock much better now. (Closes: #693225)
* [68ef7ad] piuparts complained /etc/dovecot/private was left unowned on
purge which is against policy (Closes: #692944)
[ Jaldhar H. Vyas ]
* [03d5499] Do not generate new dovecot cert if key or cert is already
present (Closes: #685896,#631257) Thanks to Alexander Ufimtsev
<alexu@ucd.ie> and Jörg-Volker Peetz <jvpeetz@web.de> for patches.
* [5be6c2a] You should be able to upgrade and remove dovecot-managesieved
without errors (Closes: #665487)
* [1a9ad5c] Fixes instances where UTF-8 was misused instead of mUTF-7
(Closes: #680035)
* [c0ac3ba] Backport of fix for failure to autocreate mailboxes
(Closes: #623440) This also requires setting the default mail_location.
* [ba1d3f5] Fix FTBS on Hurd (Closes: #686931) via upstream patch backported
from mercurial.
* [cfa92b5] Upgrade pigeonhole page to 0.3.1 (Closes: #688407)
* [58f01c2] Generated certificates will now be created in /etc/dovecot
(Closes: #608719)
* [8e40ea5] Patch to build with PIE and bindnow
by intrigeri@debian.org (Closes: #679017)
* [87d982b] Use libwrap (Closes: #685850)
* [ebb5421] Start after nslcd (Closes: #692632)
* [2db5c1a] Add support for dpkg triggers. This means dovecot will not be
repeatedly restarted when installing or removing lots of plugins
(Closes: #601744)
* [bc66629] Patch to document -k in dsync.1
by Luca Capello <luca@pca.it> (Closes: #680992)
* [ba67766] Add lintian overrides.
[ Marco Nenciarini ]
* [ffba408] Updated watch file
* [9777434] Install missing default configuration files from upstream
* [9496828] Backport fix for segfault in managesieve triggered by
CHECKSCRIPT command. (Closes: #688197)
* [e23a136] Just a quick upload to make dovecot buildable on non-linux
platforms again. (Closes: #676817) I did it by removing the systemd
build-dep altogether. sd-daemon.[ch] is included in the source so if
systemd is installed on a system, it should be detected and socket
activation should happen. That is, assuming I've got everything right
(and documented) which is something I'll be looking into for the next
version.
* [7668742] Imported upstream 2.1.7 (Closes: #663243)
+ doveadm.1 documents the move command. (Closes: #641750)
* [4db927a] Patch to enable systemd support. (Closes: #672266)
Thanks Riku Voipio.
* [e17ac86] Previous attempt at setting hardening flags did not include the
drac plugin. Simon Ruderich provided an extra patch.
(Closes: #653530)
* [6cc1e7d] Imported upstream 2.1.4
* [49ecc33] Imported upstream 2.1.3
* [70c3f6e] Imported upstream 2.1.2
* Add missing dependency on dpkg-dev 1.16.1
* [e113636] Imported upstream 2.1.1
* Updated pigeonhole patch to 0.3.0, supporting 2.1
* [85ae320] Imported Upstream version 2.0.18
* [9cfd1da] Upped standards version to 3.9.3
* [afb4164] Patch to dovecot-core/postinst so that permissions of symlinked
certificates aren't modified. (Closes: #646508)
Thanks Michael Kuhn.
* [bf642ee] Patch to enable hardened build flags. (Closes: #653530)
Thanks Moritz Muehlenhoff.
* [00b0d0c] Updated pigeonhole to 0.2.6
* [a22575a] New upstream version 2.0.15: (Closes: #642045)
+ doveadm altmove: Added -r parameter to move mails back to primary
storage.
- v2.0.14: Index reading could have eaten a lot of memory in some
situations
- doveadm index no longer affects future caching decisions
- mbox: Fixed crash during mail delivery when mailbox didn't yet have
GUID assigned to it.
- zlib+mbox: Fetching last message from compressed mailboxes crashed.
- lib-sql: Fixed load balancing and error
* [8ce5abc] Update pigeonhole to release 0.2.4
* [87658d2] Add dovecot-solr to dovecot-core's Suggests line.
* [f37a9ec] Enable solr full text search plugin. (LP: #620959)
* [cdd8b84] Build dovecot-common as architecture-all package.
* [af90444] Fix mail_plugin_dir default value in conf.d/10-mail.conf
(Closes: #624294)
* [61347cb] Bump debhelper build-depends to (>= 7.2.3~) because we use
dh_bugfiles.
* [4b757b6] Fix wrong configuration files path in sieve manpages.
[ Marco Nenciarini ]
* [a6896d6] Rename dovecot-common to dovecot-core. (Closes: #624835)
* [c36ca96] Manage protocols during package configuration and
deconfiguration phases.
* [599b55b] Update pigeonhole to release 0.2.3.
* [c654db0] Add a bug-script which will append doveconf -n output to bug
reports.
* [5270323] Add notes about upgrading from 1.2 to README.Debian.
(Closes: #635351)
* [5cd77a3] Add build-arch and build-indep target to debian/rules as
required by lintian.
* [be05d2a] Avoid ucf question when upgrading from squeeze and the only
difference in dovecot.conf is at the "protocols" line.
* [3c73782] Remove ucf backups during purge.
* [3ccf508] Make /etc/dovecot/*.ext readable by dovecot group members.
(Closes: #639005)
* [665bcc5] Use -c ${CONF} when calling doveconf to determine PIDBASE.
Thanks to Jonathan Hall (Closes: #627794)
* [325042c] Purge obsolete unmodified config files from /etc.
(Closes: #629397)
* [a9b9afb] Modified init script to report failures. (Closes: #629654)
* [d4622fd] Make dovecot-core suggesting all other packages containing
additional features.
* [50a947e] New upstream version 2.0.14: (Closes: #640143)
+ doveadm: Added support for running mail commands by proxying to
another doveadm server.
+ Added "doveadm proxy list" and "doveadm proxy kick" commands to
list/kick proxy connections (via a new "ipc" service).
+ Added "doveadm director move" to assign user from one server to
another, killing any existing connections.
+ Added "doveadm director ring status" command.
+ userdb extra fields can now return name+=value to append to an
existing name, e.g. "mail_plugins+= quota".
- script-login attempted an unnecessary config lookup, which usually
failed with "Permission denied".
- lmtp: Fixed parsing quoted strings with spaces as local-part for
MAIL FROM and RCPT TO.
- imap: FETCH BODY[HEADER.FIELDS (..)] may have crashed or not
returned all data sometimes.
- ldap: Fixed random assert-crashing with with sasl_bind=yes.
- Fixes to handling mail chroots
- Fixed renaming mailboxes under different parent with FS layout when
using separate ALT, INDEX or CONTROL paths.
- zlib: Fixed reading concatenated .gz files.
* [0297425] Use xz compression for dbg packages.
* [4464ccf] Support parallel builds in debian/rules
* [19667f0] Acknowledge NMU 1:2.0.13-1.1.
Thanks to Luk Claes
* Non-maintainer upload.
* Don't ship .la files (Closes: #621297).
[ Marco Nenciarini ]
* [8af9e4d] New upstream version 2.0.13:
+ Added "doveadm index" command to add unindexed messages into
index/cache. If full text search is enabled, it also adds unindexed
messages to the fts database.
+ added "doveadm director dump" command.
+ pop3: Added support for showing messages in "POP3 order", which can
be different from IMAP message order. This can be useful for
migrations from other servers. Implemented it for Maildir as 'O'
field in dovecot-uidlist.
- doveconf: Fixed a wrong "subsection has ssl=yes" warning.
- mdbox purge: Fixed wrong warning about corrupted extrefs.
- sdbox: INBOX GUID changed when INBOX was autocreated, leading to
trouble with dsync.
- script-login binary wasn't actually dropping privileges to the
user/group/chroot specified by its service settings.
- Fixed potential crashes and other problems when parsing header names
that contained NUL characters. (CVE-2011-1929)
(Closes: #627443)
[ Jaldhar H. Vyas ]
* [66cbb94] New upstream major release. Imported Upstream version 2.0.12
* [a48c7fd] Updated standards version
[ Marco Nenciarini ]
* [5c6b334] Updated watch file
* [0ba683e] Updated init script to new configuration scheme. (Closes: #593527)
* [8370be4] Fix upgrading from rename-it.nl packages
* [ae804e3] Update changelog
* [a4764a4] New upstream major release (Closes: #573889, #580929,
#597476, #603951, #606089, #606646, #606649, #608075, #612369, #610919)
* [461f667] Updated copyright and package descriptions. Thanks Stephan
Bosch.
* [7fbd92a] Drop all patches but drac support. Update pigeonhole to
release 0.2.1
* [05a5a1e] Update debian/rules to work with dovecot 2.0. Thanks
Stephan Bosch.
* [a36193e] Update debian/dovecot-common.{postinst,postrm} to handle
the new config file layout. Thanks Stephan Bosch.
* [3589afd] Remove debian/dovecot.1 manpage because is provided by
upstream.
* [f1703e1] Remove debian/dovecotpw.1 manpage as there is no dovecotpw
executable in dovecot 2.0. Same feature is provided through 'doveadm
pw' command.
* [e30283d] Remove expire-tool.sh wrapper as there is no expire-tool
in dovecot 2.0. Same feature is provided through 'doveadm expunge'
command.
* [3385061] Remove daily cron script and the related configuration
from the default file.
* [bec19a0] Update debian/dovecot-common.NEWS.Debian with upgrading
instructions
* [1e56f1c] Call dh_makeshlibs with --no-script option to avoid
{postinst,postrm}-has-useless-call-to-ldconfig lintian errors.
* [325f055] Disable numbers in patches (requires git-buildpackage >=0.5.13)
* [74d6ebe] Added debian/source/local-options with "unapply-patches".
* [0edef17] Set default protocols value as empty and enable each
protocol in its own configuration file in
/usr/share/dovecot/protocols.d (LP: #661453)
* [e88860c] Removed code about upgrading from pre-etch packages.
* [95c5d47] Removed obsolete Build-Conflict (Closes: #614053)
* [41dddf4] Move configurations for imapd and pop3d to the appropriate
packages. (Closes: #606648)
* [b8b66dc] Removed obsolete README.Debian and NEWS.Debian from
dovecot-pop3d and dovecot-imapd packages
* [0bda8ac] Added packages dovecot-lmtpd and dovecot-managesieved.
* [9a954f1] Build databases, ldap and gssapi support as plugins
* [1a3f323] Deregister obsolete configuration files from ucf in
dovecot-common postinst on upgrades.
* [fae4b76] Added packages dovecot-pgsql, dovecot-mysql, dovecot-sqlite,
dovecot-ldap, dovecot-gssapi and dovecot-sieve (Closes: #251433)
* [aa8983d] Imported Upstream version 2.0.11
* [096c373] Fix file overwrite error when upgrading from lenny
(Closes: #601980)
* [37b3220] Add --no-create-home to adduser invocation in dovecot-
common.postinst script (Closes: #601767)
* [b00b527] Fall back to `hostname` if `hostname -f` invocation fails
(Closes: #562780)
* [9102fec] Make self-generated certificates key length 2048 bits.
* [a0744a5] Switch vcs fields to git
* [d8a1bd4] Add debian/gbp.conf to make easy the usage of git-
buildpackage
* [c0dc21f] Warn that the generated SSL certificate will expire in 10
years instead of 365 days, as it's the lifetime of of self-generated
certificates since 1:1.2.13-1
* [6472d63] Switch to gbp-pq patch management.
* [bf2fc17] Upgraded sieve plugin to version 0.1.18
* [6b9809d] Upgraded managesieve plugin to version 0.11.12
* [d67cd17] Upgraded dovecot-managesieve.patch to version 0.11.12
[ Marco Nenciarini ]
* New upstream release (Closes: #587036,#597529)
* Updated policy version to 3.9.1.0 (no changes needed)
[ Jaldhar H. Vyas ]
* [SECURITY] Fixes two bugs with acls which could have allowed a user to
gain improper access or admin rights to shared mailboxes.
(Closes: #599521)
* Warn that the generated SSL certificate will expire in 365 days. Thanks
Phillip Weis. (Closes: #576455)
* Wherever the path to sendmail is given as /usr/lib/sendmail, change to
/usr/sbin/sendmail. (Closes: #570814,#595671)
[ Jaldhar H. Vyas ]
* dovecot-common: Upped expiration date of self-generated certificates to
10 years from 1 year. (Closes: #587371)
[ Marco Nenciarini ]
* New upstream release:
- Fixed iconv() crash when it was processing several kilobytes of
broken continuous input. This mainly could have caused a problem
with IMAP SEARCH. Possibly also with some Sieve checks.
- If MIME encoded-words contained line feeds, Dovecot logged
cache corruption errors.
- mbox: Renaming mailbox under newly created dir didn't move index
directory.
- mbox: When generating envelope to From_-line, don't append a second
@owndomain if username already has one.
* Updated policy version to 3.9.0.0 (no changes needed)
* New upstream release
* Upgraded sieve plugin to version 0.1.17
* Refreshed dovecot-managesieve.patch
* debian/patches/sieve-fix-imapflags.patch: Removed. Fixed upstream.
* New upstream release
* urgency set to high, because under particular circumstances you could
cause a DoS by sending a message with a huge header.
* sieve: Fix addflags command in deprecated imapflags extension
(Closes: #570058)
* Include a daily expire script with a setting in /etc/default/dovecot
to enable it. The new script is disabled by default as it requires
some configurations by the system administrator. Thanks to Hans Spaans
* Mark expire-tool.sh as a bash script
* Bump Standards-Version to 3.8.4, no changes needed
* New upstream release (Closes: #566796)
* Upgraded sieve plugin to version 0.1.15
* Upgraded managesieve plugin to version 0.11.11
* Upgraded dovecot-managesieve.patch to version 0.11.11
* Upgraded sieve plugin to version 0.1.14
* Upgraded managesieve plugin to version 0.11.10
* Upgraded dovecot-managesieve.patch to version 0.11.10
* debian/patches/dovecot-example.patch: Refreshed.
* Added expire-tool wrapper script (Closes: #565538)
* Added ${misc:Depends} to the dependencies of each binary package,
to make lintian happy (debhelper-but-no-misc-depends)
* New upstream release.
* debian/patches/gold-fix.patch: Removed. Fixed upstream.
* Moved libexec to lib corrections in dovecot-managesieve.patch and
dovecot-managesieve-dist.patch to dovecot-example.patch
* debian/patches/dovecot-mboxlocking.patch: Regenerated to avoid FTBFS
when quilt isn't installed.
* debian/patches/quota-mountpoint.patch: Removed. Not needed anymore.
* debian/patches/dovecot-quota.patch: Removed. Quotas aren't properly
enabled unless mail_plugins = quota imap_quota.
* debian/patches/gold-fix.patch: Fixed configure script to build even
with binutils-gold or --no-add-needed linker flag (Closes: #554306)
* debian/dovecot-common.init: fixed LSB headers. Thanks to Pascal Volk.
(Closes: #558040)
* debian/changelog: added CVE references to previous changelog entry.
* debian/rules: checked up the build system. It's not fragile anymore.
(Closes: 493803)
* debian/dovecot-common.postinst: Now invoking dpkg-reconfigure
on dovecot-common is enough to generate new certificates
if the previous ones were removed. (Closes: #545582)
* debian/rules: No longer install convert-tool in /usr/bin.
It isn't an user utility and it should stay in /usr/lib/dovecot
like all other similar tool.
[ Marco Nenciarini ]
* New upstream release. (Closes: #557601)
* [SECURITY] Fixes local information disclosure and denial of service.
(see: http://www.dovecot.org/list/dovecot-news/2009-November/000143.html
and CVE-2009-3897)
* Added myself to uploaders.
* Switched to the new source format "3.0 (quilt)":
- removed dpatch from build-depends
- removed debian/README.source because now we use only standard
dpkg features
- regenerated all patches
* Prepared to switch to multi-origin source:
- recreated dovecot-libsieve.patch and dovecot-managesieve-dist.patch
starting from the upstream tarball
- removed all autotools related build-depends and build-conflict
- renamed dovecot-libsieve and dovecot-managesieve directories
to libsieve and managesieve.
* debian/rules: Moved the configuration of libsieve and managesieve from
the build phase to the configuration phase
[ Jaldhar H. Vyas ]
* Added dovecot-dbg package with debugging symbols. Thanks Stephan Bosch.
(Closes: #554710)
* Fixed some stray libexec'isms in the default configuration.
* New upstream release.
* debian/dovecot-common.init:
- use $CONF when starting the daemon. (Closes: #549944)
- always output start/stop messages. (Closes: #523810)
* New upstream release.
* debian/patches/v1.2.5-exec-mail_fix.dpatch: removed, merged upstream.
* debian/dpatches/v1.2.5-exec-mail_fix.dpatch: added.
(Closes: #546694, #546695)
* debian/dovecot-common.dirs: removed /etc, /etc/ssl/{private,certs}, they
are handled by openssl; this should fix the piuparts test.
* New upstream release.
* debian/patches/dovecot-libsieve.dpatch: updated to 0.1.12.
(Closes: #539527)
* New upstream release. (Closes: #537186, #540058)
* Bumped Standards-Version to 3.8.3, no changes needed.
* debian/control: only suggests ntp. (Closes: #542152)
* debian/patches/dovecot-managesieve-dist.dpatch: updated to the 0.11.9
release. (Closes: #539527)
* debian/rules: dovecot should be started with sequence number 20.
(Closes: #543473)
* Er that should be fcntl not fnctl. (Closes: #539474, #539486)
* For the sake of completeness, fixed some errors in the example config file.
(They are in the !include statements which are commented out by default
so it is unlikely that most users will actually be affected.)
(Closes: #539391)
[Joel Johnson]
* New upstream version, updated ManageSieve patch
- fixes index corruption condition (Closes: #537388)
* Set default for mbox_write_locks to "fnctl dotlock" according to
Debian Policy (Closes: #537326)
* Set MySQL build dependency to use version-agnostic -dev package
* Drop postgres-configure patch, functionality included upstream
* Updated dovecot-libsieve to version 0.1.9
- fixes subaddress matching (Closes: #537386)
- check additional address-list headers (Closes: #537379)
[Jaldhar H. Vyas]
* Remove unneeded build-dependencies on byacc and flex now that we no longer
use cmusieve.
* Update to use default automake (Closes: #536880) now that current upstream
successfully builds with 1.10 (was previously a problem in bug 473754.
* Updated Standards-Verson to 3.8.2 (no action required)
* Remove ./var/run directories to fix lintian warnings.
* Updated dovecot-libsieve patch to version 0.1.8, removed autogen.sh,
tests, and doc/rfc
* Updated dovecot-managesieve patch to version 0.11.7
* Updated dovecot-managesieve-dist patch to Mercurial revision 12b9733ee8b0
(0.11.7+), removed lib-cmusieve, doc/rfs, autogen.sh
* Add additional upgrading note to README.Debian to clarify the ManageSieve
configuration changes needed - existing configurations break if not
updated! (Closes: #537158)
* Include the ChangeLog and README for sieve and ManageSieve
[ Joel Johnson ]
* New upstream release
* Update packaging for 1.2 release
- update SIEVE patch to use Dovecot rewrite (version 0.1.7,
removed RFCs and tests for a DFSG patch)
- update ManageSieve patch and software to hg revision 2c9b4b4ab6a8
(0.11.6+) for 1.2.1 support
+ removed lib-cmusieve since building against newer sieve
+ removed doc/rfc for DFSG compliance
+ removed autogen.sh since we run autotools during the build
- updated other misc patches
* New upstream release. (Closes: #531599)
* New upstream release; sorry, no time to include extra upstream patches
which are not released, feel free to submit them as dpatch files and I will
add them to the package. (Closes: #529923)
* debian/control: updated Standards-Version, no changes needed.
* debian/dovecot-common.init: patched to support ENABLED=0 in
/etc/default/dovecot, useful if dovecot is used as local-only IMAP server
through PREAUTH interface. (Closes: #524302)
* debian/dovecot-common.README.Debian: simplyfied, we only point the user to
wiki.dovecot.org; added a note about how to regenerate the SSL certificate.
(Closes: #528934)
* debian/dovecot-common.postrm: do not break if /etc/ssl/certs does not
exist. (Closes: #524865)
* debian/patches/dovecot-managesieve-dist: updated to 0.10.6.
* New upload, urgency set to high: the package in testing is broken.
* debian/dovecot-common.init: fixed a typo.
* debian/patches/dovecot-example.dpatch: fixed a few paths.
(Closes: #521544)
* New upstream release.
* This version fixes problems accessing mailboxes in some setups.
(Closes: #520310)
* New upstream release, it fixes some wrong defaults in the configuration
file. (Closes: #518631)
* debian/rules: add support for libdb. (Closes: #518630)
* debian/dovecot-common.postinst: create the dovecot certificate only at
install time. (Closes: #518738, #518598)
* debian/dovecot-common.init: fixed a typo from the last upload.
(Closes: #518504)
* debian/dovecot-common.init: applied patch from Håkon Stordahl to call
ntp-wait if available. (Closes: #517808)
* debian/dovecot-common.init: fixed a bug in the init script, adding a
missing slash in the PIDFILE path. (Closes: #516845)
* debian/dovecot-common.init: fixed a bug in the init script, sending the HUP
signal for reloading the configuration. (Closes: #512197)
* debian/dovecot-common.init: check if /etc/inetd.conf exists.
(Closes: #509259, #497148)
* debian/control: dovecot-common suggests ntp and ntpdate. (Closes: #511060)
* debian/dovecot-common.postinst: migration hook for default_mail_env =>
mail_location. (Closes: #517073)
* debian/dovecot.1: fixed the path of the configuration file.
(Closes: #501493)
* New upstream release, upload to unstable. (Closes: #507122)
* debian/patches/dovecot-quota.dpatch: fixed a bug in the imap quota plugin.
(Closes: #484677)
* debian/dovecot-common.init: added the status action, thanks Fladischer
Michael for the patch. (Closes: #509694)
* debian/dovecotpw.1: added manpage for dovecotpw, thanks Xavier Luthi for
the patch. (Closes: #504712)
[ Fabio Tranchitella ]
* debian/control: dovecot-common suggests ntp.
[ Joel Johnson ]
* New upstream release
* updated managesieve patch to apply against new version
* New upstream release.
* debian/control: added LDA to the description of dovecot-common.
* New upstream release
* Updated dovecot-ssh.patch for new release
* Updated MANAGESIEVE to 0.10.4
* Fix package to support double compilation
- Properly clean dovecot-managesieve as pointed out by Stephan Bosch
- Add --copy directive to automake invocation
* debian/control: added libbz2-dev to the Build-Depends to enable the bzip2
support. (Closes: #495129)
* Merged changes in the unstable package.
* debian/control: added replaces for the imap and pop modules from the
-common to the the -imap and -pop packages. (Closes: #493798)
* debian/rules: applied some of the suggestions from Matthias Kloses,
thanks! (Refs: #493803)
* New upstream release
* Trivial update to autocreate patch
[ Joel Johnson ]
* New upstream release (Closes: #487989)
* Updated policy version to 3.8.0.1 (no changes needed)
* Updated watch file to watch new release directory
* Actually install dovecot.8 since we have it
* Removed quota_v2 patch (was unreachable code): upstream now defaults
to quota v1 if _LINUX_QUOTA_VERSION is not defined
* Removed pam-error-information patch: included upstream
* Removed mbox_snarf patch: included upstream
* Removed full MANAGESIEVE patch (replaced with new 1.1 approach)
* Merged protocols_none_by_default patch into dovecot-example patch
* Updated drac patch to build against 1.1
* Updated autocreate patch with 1.1 version
* Updated dovecot-sieve to 1.1.5
* Added dovecot-managesieve patch against dovecot tree
* Added dovecot-managesieve source for building module
[ Fabio Tranchitella ]
* Added Joel Johnson to the uploaders; thanks for your work!
* debian/dovecot.1: added "This includes doing a syntax check" to the -a
option.
* debian/rules: now the package builds two times in a row without problems.
(Closes: #490201)
* New upstream release.
* debian/rules: clean the package before unpatching. (Closes: #490201)
* New upstream release.
* debian/patches/inbox_creation.dpatch: removed, merged upstream.
* debian/patches/allow_nets.dpatch: removed, merged upstream.
* debian/patches/inbox_creation.dpatch: added, use mail_privileged_group's
group when creating inboxes if the unprivileged user fails; upstream:
http://hg.dovecot.org/dovecot-1.0/rev/932768a879c6 (Closes: #471716)
* debian/patches/allow_nets.dpatch: added, allow_nets didn't work correctly
with big endian machines; patch from upstream, thanks Timo:
http://hg.dovecot.org/dovecot-1.0/rev/71c02fdf1b59
* debian/patches/dovecot-MANAGESIEVE-9.3.dpatch: updated managesieve to
version 9.3.
* debian/dovecot-common.README.Debian: added a note about how to configure
dovecot to log to file instead of using syslog.
* debian/dovecot.1: added a SIGNALS section. (Closes: #479059)
* dovecot-sieve: updated to the last hg release (5c3ba11994cb).
(Closes: #479104)
* debian/rules: do not install anymore the ldap and sql example
configuration files under /etc. (Closes: #472674)
* debian/dovecot-common.postinst: really chmod
/etc/dovecot/dovecot-{ldap,sql}.conf files to 0600.
* debian/devecot-common.init: do not start the service if dovecot.conf
doesn't exist. (Closes: #475888)
* debian/rules: use aclocal-1.9 instead of aclocal. (Closes: #473754)
* New upstream release, fixes a security issue:
http://www.dovecot.org/list/dovecot-news/2008-March/000064.html
* New upstream release. (Closes: #469457)
* debian/patches/dovecot-MANAGESIEVE-9.2.dpatch: updated, thanks to Marco
Nenciarini for the patch.
* debian/patches/autocreate.dpatch: added, thanks to Walter Reiner.
* debian/rules: use --with-ioloop=best instead of --with-ioloop=epoll, as
suggested by Timo. (Closes: #466296)
* debian/patches/dovecot-MANAGESIEVE-9.1.dpatch: added, thanks to Aleksey
Midenkov for providing a patch. (Closes: #416166)
* debian/dovecot-common.init: added $time to Should-Start. (Closes: #461543)
* debian/dovecot-common.postinst: do not add the dovecot user to the mail
group, it is not required by upstream. (Closes: #457123)
* debian/control: updated Standards-Version to 3.7.3, no changes required.
* debian/patches/mbox_snarf.dpatch: added, thanks to Bernd Kuhls.
(Closes: #462319)
* New upstream release, fixes a security bug.
* debian/patches/exec_check_for_none.dpatch: updated.
* New upstream release.
* debian/control: added the Vcs-Svn and Vcs-Browser fields.
* Provides a dovecot-dev package, thanks to Josh Triplett for providing a
patch. (Closes: #444812)
* New upstream release.
* debian/patches/unsupported-sasl-mech.dpatch: merged with upstream.
* debian/patches/dovecot-ssl.dpatch: provide mechanism to discover if ssl
client certificate is verified, patch from Stephen Gran. (Closes: #446555)
* debian/patches/pam-error-information.dpatch: fill auth information in pam
error, patch backported from upstream RCS. (Closes: #439246)
* debian/patches/unsupported-sasl-mech.dpatch: should use NO (not BAD) for
unsupported SASL mech, patch backported from upstream RCS. (Closes: #449324)
* debian/dovecot-common.postinst:
+ don't fail if dovecot-ldap.conf or dovecot-sql.conf are removed; thanks
to Mathias Gug. (Closes: #448401)
+ fix permissions of /var/run/dovecot and /var/run/dovecot/login.
(Closes: #446051)
* New upstream release.
* debian/rules: remove drac.so in the clean target. (Closes: #442548)
* debian/dovecot-common.init: implemented the reload action.
(Closes: #441032)
* Update protocoles option in configuration when installing/removing
-imapd/-pop3d packages. Thanks to Soren Hansen and Mathias Gug from
Ubuntu for providing a patch. (Closes: #447201)
* New upstream release.
* debian/dovecot-common.init: don't use the init script name to locate the
configuration file because it is not reliable. If you really want to start
multiple servers, just copy the init script and use the optional default
file to override the variables. (Closes: #437228)
* debian/rules: removed the --with-notify=inotify switch, it should be
detected automatically.
* New upstream release. (Closes: #434038, #432601)
* This release doesn't build dbox support out-of-the-box. (Closes: #431615)
* dovecot-sieve: updated to the last hg's tip. (Closes: #434079)
* debian/dovecot-*.README.Debian: don't call /etc/init.d scripts directly.
(Closes: #431991)
* debian/dovecot-common.init: updated with patches from Tom Metro, thanks!
(Closes: #426480, #422674)
* debian/dovecot-common.postinst: fixed a missing variable DOMAINNAME.
(Closes: #425917)
* debian/rules: moved the init script to the level 24, after the ntpdate
one. (Closes: #432723)
* debian/patches/00list: added dovecot-drac, again. (Closes: #353039)
* debian/rules: build with inotify and epoll support. (Closes: #419281)
* debian/dovecot.1: added a simple manpage for dovecot. (Closes: #426702)
* debian/copyright: added copyright exceptions as suggested by Timo.
* New upstream release, the final 1.0.0. Bumped epoch, because we used the
wrong version scheming in the past and I think it is worth to do so now
that 1.0.0 has been released.
* debian/watch: updated.
* Rebuilt with a new glibc in unstable, now we have inotify support.
(Closes: #395306)
* New upstream release.
* debian/dovecot-common.init: check if /etc/inetd.conf exists before
calling sed on it. (Closes: #417299)
* New upstream release.
*
* New upstream release.
* debian/rules: ship convert-tool in dovecot-common. (Closes: #416909)
* New upstream release.
* New upstream release.
* debian/dovecot-common.postinst: fixed a typo. (Closes: #414672)
* debian/control: depends on ucf (>= 2.0020). (Closes: #414032)
* debian/dovecot-common.postinst: handles better chmod/chown on package
upgrade. (Closes: #414257)
* debian/control:
+ dovecot-{imapd,pop3d}: depends on the same-source dovecot-common.
(Closes: #414032)
* debian/rules: fixed permission for dovecot.conf. (Closes: #413995)
* New upstream release.
* Add support for ucf, thanks to Vincent Danjean for providing a full patch.
(Closes: #413081)
* debian/dovecot-common.init: create /var/run directories at start-up time.
(Closes: #376143)
* New upstream release.
* New upstream release.
* New upstream release.
* debian/patches/documentation.dpatch, debian/patches/xfs_quotas.dpatch:
removed, applied upstream.
* debian/watch: added.
* New upstream release.
* New upstream release.
* New upstream release.
* dovecot-sieve: updated to cvs version 1.0.1.
* debian/README.Debian: updated for the new setting mail_location, which
substitutes the old default_mail_env. (Closes: #408025)
* New upstream release.
* New upstream release.
* Updated dovecot-sieve from CVS.
* debian/dovecot-common.README.Debian: updated details about raw logging;
thanks Chris Moore for providing a patch. (Closes: #400689)
* debian/patches/dovecot-example.dpatch: added a missing slash for an
absolute path. (Closes: #400830)
* debian/patches/dovecotpw.dpatch: applied patched to fix argument parsing
on some architectures. (Closes: #402075)
* New upstream release.
* Fixes a security bug: Off-by-one buffer overflow with mmap_disable=yes.
(See: http://www.dovecot.org/list/dovecot-news/2006-November/000023.html)
* New upstream release.
* New upstream release.
* debian/rules:
+ preserve upstream config.guess and config.sub. (Closes: #397404)
+ really clean dovecot-sieve/src on clean target. (Closes: #397407)
* debian/control: added build-conflict with automake1.4. (Closes: #397409)
* dovecot-sieve/src/Makefile.am: move sieve plug-ins under
usr/lib/dovecot/lda/modules; thanks to Chris Vanden Berghe for pointing
this out.
* New upstream release.
* debian/rules: fixed two typos in the configure call. (Closes: #395016)
* Included dovecot-sieve plug-in from CVS. (Closes: #394885)
* Urgency medium: we are near the freeze, and this release must be part
of etch.
* debian/patches/dovecot-example.dpatch: commented out a close brace.
(Closes: #394785)
* New upstream release. (Closes: #393004)
* debian/patches/dovecot-example.dpatch:
+ added specific comments to the mail_extra_groups option.
(Closes: #383453)
+ removed duplicated LDA section. (Closes: #391632)
* debian/dovecot.8: fixed a layout error. (Closes: #393080)
* debian/dovecot-common.init: added LSB headers.
* Switched to the upstream dovecot deliver (LDA).
* debian/patches/quota_v2.dpatch: added, thanks to Jonas Smedegaard.
(Closes: #377563)
* New upstream release. (Closes: #377840, #385101)
* debian/patches/dovecot-example.dpatch: set a default value for
pop3_uidl_format. (Closes: #383883)
* New upstream release:
+ Fixed imap segfaults on small mbox files (2 bytes). (Closes: #377840)
+ Fixed a known bug in dovecot's IDLE handler. (Closes: #351828)
+ Added support for quota2. (Closes: #377563)
* debian/control: converted build-depends on linux-kernel-headers to
build-conflicts to help the GNU/kFreeBSD port. (Closes: #377479)
* debian/control: changed maintainer to "Dovecot Maintainers"; no changes
to the email addresses.
* patched the quota plugin to fix a missing symbol (Closes: #377018)
* New upstream release
* Update dovecot-lda to the latest version (05132006)
* IPv6 with SSL/TLS should work now. (Closes: #374783)
* go back to using poll instead of epoll. (Closes: #376222)
* New upstream release.
* Add a build-dependency on linux-kernel-headers for the xfs quotas
stuff. Make it higher than the version in sarge because sarges xfs
includes are too old. If any knowledgeable person would like to
give me a patch for this, please do. (Closes: #374793)
* New upstream release
* Added XFS quota support. Thanks Pawel Jarosz <pj@rsi.pl>
(Closes: #373936)
* Unfortunately, the patch in the last version broke the mysql module.
Fixed thanks to Martin Pitt. (Closes: #369359, #373227)
* [SECURITY] SQL injection could occur in the postgresql module with
certain client character encodings. (See CVE-2006-2314)
Used the patch from upstream and Martin Pitt <martin.pitt@ubuntu.com>.
Thanks Martin. (Closes: #369359)
* Don't chown/chmod ssl certificate unless we created it.
(Closes: #364766)
* Upstream fixed the crash if passwd-file had entries without passwords.
(Closes: #361536)
* fixed up the last versions changelog to better describe the security
problem which was fixed there.
* New upstream release.
* [SECURITY] Fixes a directory traversal vulnerability.
(see: http://www.dovecot.org/list/dovecot-news/2006-May/000006.html
and CVE-2006-2414)
* Set urgency to high: this version fixes a security bug
* Standards-Version: 3.7.2, no changes needed.
* New upstream version.
* Added sqlite support.
* New upstream version. Also updated dovecot-lda from CVS.
* debian/control. Added build-depends on flex to prevent FTBS.
* Compile against the newer mysql library. (Closes: #356729)
[Fabio Tranchitella]
* debian/control: added build-depends on byacc.
* debian/rules: removed --with-vpopmail option, because libvpopmail-dev
is in contrib and we don't wanto to have dovecot build-depends on it.
* debian/patches/dovecot-example.dpatch: added two small commented
block of configuration for dovecot-lda.
[Fabio Tranchitella]
* New upstream release, which fixes two security related bugs.
CVE-2006-0730 (Closes: #353341)
* Included dovecot-lda (ver. 20060209). (Closes: #353307, #347348, #333962)
[ Jaldhar H. Vyas ]
* Removed the code for upgrading impad.pem. This might bite if you if
you try and upgrade a woody version of dovecot to this one. So
don't do that. (Closes: #337715)
* dovecot-imapd,dovecot-pop3d: depend on dovecot-common >= 1.0beta3-1
as the way SSL parameters are generated has changed. (Closes: #353404)
[Fabio Tranchitella]
* New upstream release.
* debian/rules: compile with vpopmail support. (Closes: #347838)
* debian/patches: removed zlib patch (merged with upstream).
[Fabio Tranchitella]
* New upstream release.
* Compile dovecot with Kerberos support. (Closes: #338384)
* Fixed a small typo in mbox specification. (Closes: #339789)
* Added man page for maildirmake.dovecot, thanks to Henry Precheur.
(Closes: #340498)
* Use /usr/lib/dovecot/modules as basedir for dynamic modules.
Upstream suggests /usr/lib/dovecot, but we already use it as
libexec directory.
[Jaldhar H. Vyas]
* New upstream version.
* Made sure the default dovecot.conf includes mail_extra_groups=mail
(Closes: #336476) somehow this edit got lost at some point.
* use ISO8601 date format as default value for log_timestamp in
/etc/dovecot/dovecot.conf (Closes: #333059)
* stop shipping {arch} directories in source (Closes: #334646)
* Include plugin for compressed mboxen (Closes: #332384)
* updated NEWS.Debian to warn users that the dovecot.conf syntax has
changed (Closes: #334209)
* Remember, remember, the 5th of November.
[Jaldhar H. Vyas]
* dovecot-common: When creating the dovecot user in the postinst,
the --ingroup option to adduser to add dovecot to group
mail isn't used anymore.
(Closes: #330960, #331106)
* commented out userdb passdb from default configuration. Most
people won't need that. (Closes: #330978)
[ Fabio Tranchitella ]
* New upstream release (dovecot-1.0.alpha.3)
* debian/patches/ipv6_v6only.dpatch: removed, upstream accepted it.
* debian/dovecot-common.postinst: removed bashisms.
* debian/dovecot-common.postinst: add dovecot user to group mail.
(Closes: #323921)
* debian/control: removed conflicts with imap-server and pop3-server,
added replaces instead. (Closes: #324480)
[ Jaldhar H. Vyas ]
* No longer crashes when using LDAP as userdb/passdb (Closes: #320388)
* Fabio Tranchitella <kobold@debian.org>
+ debian/control: dovecot-common has to depend on adduser.
+ debian/patches/documentation.dpatch: some cosmetic fixes about mysql
backend.
* Jaldhar H. Vyas <jaldhar@debian.org>
+ debian/control: tighten dovecot-imapd and dovecot-pop3d's dependency on
dovecot-common (Closes: #319465)
+ debian/patches/dovecot-example.dpatch: some more fixes to default
configuration. (Closes: #319413, #319941)
* Fabio Tranchitella <kobold@debian.org>
+ New upstream version (dovecot-stable, last update 20050712).
(Closes: #312893)
+ debian/control: Standards-Version: 3.6.2 (no changes needed).
+ debian/patches/dovecot-sql.dpatch: use the right path for mysql socket.
(Closes: #298874)
* Jaldhar H. Vyas <jaldhar@debian.org>
+ Removed dovecot package as it was just a woody->sarge transitional
pseudo-package.
+ Apply patch to debian/dovecot-common.init to help when manually
starting dovecot. Thanks Roland Stigge. (Closes: #309679)
+ Apply patch to src/lib/network.c to support IPV6_V6ONLY. Thanks
Marco D'Itri. (Closes: #308652)
+ depend on the latest postgresql library.
* New upstream version.
* dovecot-common: another postinst regexp fix for SSL cert/key files.
(Closes: #294989)
* dovecot-common: sigh another init script fix. Hopefully we now
fully deal with dovecot being run from inetd. Thanks again to Magnus
Holmgren. (Closes: #293348)
* High again so -5 doesn't get into sarge.
* dovecot-common: typo in postinst resulted in incorrect generation of
keys for first-time installers. Hence urgency high.
* dovecot-common: In init script, make extra check to make sure an
IMAP or POP3 server called from inetd is dovecot and not some other
random inferior product. (Closes: #293348)
* build depend on libmysqlclient12
* dovecot-common: Allow STARTTLS to work when dovecot is run from inetd
Thanks Magnus Holmgren (Closes: #290985)
* dovecot-common: let init script exit if dovecot is being run from inetd
Thanks Magnus Holmgren (Closes: #292195)
* dovecot-common: fix a number of problems in postinst
+ fails if /etc/ssl/certs or /etc/ssl/private doesn't exist
+ certs cannot be generated and upgrade fails if openssl is not
configured. Fail more gracefully if this is the case.
+ read the name and path for the cert from dovecot.conf instead of
hardcoding it.
Thanks Frederic Pauget (Closes: #292344)
* Oops -2 had to be urgency=high so -1 doesn't get into sarge.
* dovecot-imapd, dovecot-pop3d: It occurred to me that the effects of
fixing #288391 will cause confusion in the minds of new installers so I
should add a warning in README.Debian and NEWS.Debian in a vain
effort to stave off swarms of bug reports. (Vain, because no one
actually reads documentation anyway.)
* New upstream version.
* dovecot-imapd, dovecot-pop3d: No longer mess with dovecot.conf in postinst
(Closes: #288391)
* urgency high due to #288391 being a release-critical bug.
* New upstream version. (Yes I know 0.99.13 is just around the corner.)
* SASL is re-enabled so this bug ("Dovecot seems not to require SASL")
is no longer valid (Closes: #272093)
* Configuration files moved to /etc/dovecot (Closes: #276183)
* Permissions on /var/run/dovecot and /var/run/dovecot/login no longer
give warnings. (Closes: #283996)
* SSL certificate is world readable (Closes: #277114).
* Thanks to Jan Buren, much extra documentation has been added to
/usr/share/doc/dovecot-common/README.Debian
* Lintian overrides added.
* Happy new year to all you Gregorians
* applied dovecot-large-header-fix patch to prevent 100% CPU
utilization when dealing with really large headers.
(Closes: #271458)
* Eliminated duplicate stanza in dovecot.conf (Closes: #270181)
* Reapplied CRAM-MD5 patch.
* New upstream release.
* patch to give bug reporting address in configure.ac.
Thanks Matthias Andree.
* screw mipsel.
* Added PAM_RHOST patch. Thanks Dean Gaudet. (Closes: #264712)
* Added CRAM-MD5 patch. Thanks Joshua Goodall.
* Added unexpected EOF patch from Timo.
* New upstream release.
* New upstream release.
* New upstream release.
* Patched so dovecot follows symlinks to directories again.
(Closes: #256061)
* Changed the priority of init script so it is run after postgresql
(Closes: #256068)
* I needed to enable one more parameter in the configuration in order
to get dot-locking working. Hence this should still be high urgency.
(Really Closes: #185335)
* New upstream version.
+ finally fixes dot-locking so I think it deserves high priority for
sarge. (Closes: #185335)
* dovecot: fixed a typo in description (Closes: #254415)
* dovecot-common: man page for dovecot added. Thanks Kai Hendry.
(Closes: #253482)
* Crap, typo in dovecot-common.postinst sorry. This should only
affect new installs though.
* SECURITY: set permissions on config files to 0600 to prevent
disclosure of sensitive information to local users. (Closes: #253760)
* SECURITY: Tightened permissions on generated SSL certificate.
(Closes: #253833)
* Made a note that dovecot-openssl.conf is not needed on Debian
because we generate a certificate in dovecot-commons' postinst.
(Closes: #253774)
* Added maildir-autocreate patch.
* Added maildir-stat patch.
* New upstream version.
* Enabled mysql support.
* Switched to using openssl as dovecot segfaults with gnutls7 and is
not compatible with gnutls10 (Closes: #244570)
* Added a patch to src/auth/db-pgsql.c from Zsolt VARGA.
* dovecot-common: Fix postinst to no longer delete /etc/pam.d/imap
(Closes: #232832)
* dovecot-common: now replaces: dovecot for smoother upgrades.
(Closes: #223666)
* New upstream version
+ This fixes the corruption of .subscriptions files with folders in
maildir format. (Closes: #222272)
* Some extra information included in dovecot-common.README.Debian.
(Closes: #221106) There should probably be more so if you have ideas
let me know.
* New upstream version.
* Build depend on gnutls 7 instead of 5 (Closes: #219523)
* maildirmake.dovecot will now let you create maildirs whose names
have spaces in them and chown them to a specified user. Thanks Paul
Slootman (Closes: #219168)
* Don't use SASL2 as upstream says the support is broken.
* Patched so suid works on 2.6 kernels. Thanks Peter Gervai.
(Closes: #211420)
* Yet another init script fix. It should be ok now. Thanks once again
to Alexis Iglauer.
* fix some errors in init script (closes: #207464)
Thanks to Adam Lackorzynski and Alexis Iglauer.
* dovecot-pop3d, dovecot-imapd: make sure init script doesn't
attempt to start the daemons if unconfigured thus preventing
segfault on startup. (Closes: #206992, #207140)
* Updated PAM configuration to the new scheme and added appropriate
dependency.
* dovecot-pop3d: Patch for proper PAM service name.
* dovecot-imapd, dovecot-pop3d: Make sure there is an appropriate
entry in the protocol = line in /etc/dovecot.conf so the service
will start up without errors. (Closes: #204213)
* Non-maintainer upload at request of maintainer.
* Fix segfault on alpha caused by time_t size. Closes: #203892.
* Fix segfault when user's home directory is left empty.
* corrected paths to example and configuration files in sample config
(Closes: #199740)
* Added postgresql support.
* New upstream release.
* PAM service name has changed to dovecot (for IMAP and POP3.) I've included
code to move /etc/pam.d/imap to /etc/pam.d/dovecot but if things suddenly
stop working, this is the first thing to check.
* New upstream release. Fixes broken imaps support.
* Typo in configure options that broke LDAP support on woody corrected.
* Only start /usr/sbin/dovecot if either the IMAP or POP3 servers are
installed. (Closes: #192066)
* New upstream release.
* New upstream release.
* The IMAP and POP3 servers have been split into separate package so you
don't have to install both. There is also a dovecot-common package
for the parts they share. The dovecot package is now a dummy just for
transitioning to this new scheme. (Closes: #187826)
* Allow chmod in maildirmake.dovecot to fail gracefully (Closes: #191244)
* Added a build-depends on libsasl-dev (Closes: #187516)
* Enabled pop3 service. However it is still turned off in the config file by
default so as to not surprise anyone who thought they only had an IMAP
server.
* Consequently, changed "IMAP server" in descriptions etc. to "mail server".
* only skip key generation if both /etc/ssl/certs/dovecot.pem and
/etc/ssl/private/dovecot.pem exist. (Closes: #187638)
* post-0.99.8.1 patch: Fix renaming subfolders with maildir.
* post-0.99.8.1 patch: Fix other maildir subfolder problems.
* post-0.99.8.1 patch: Fix partial body fetches.
* post-0.99.8.1 patch: Fix using LITERAL+APPEND.
* Fixed bashism and perlism(!) in maildirmake.dovecot. Thanks Clint
Adams. (Closes: #185768)
* Enabled LDAP support. The configuration is in /etc/dovecot-ldap.conf
but is commented out.
* Happy new year to all Debian users still on the Julian calendar.
* Make a separate check for /etc/ssl/private/imapd.pem in case we don't
have it. (Closes: #185334)
* Move check for dovecot user and creation code to postinsts' configure
phase. (Closes: #185333)
* new upstream release. (Closes: #184131) Does not include the POP3
server or LDAP and SASL support for now so we can get into the archive
quickly. Fixes segfaults in imap-master (Closes: #184231) Fixes
faulty mail autodetection presets (Closes: #179625)
* Fixed location of handlers. (Closes: #179273)
* doh pam file should be called imap not dovecot (Closes: #179180)
* Added two upstream patches to fix broken plain authentication and
building with vpopmail support (which is not enabled in the Debian
package yet.)
* New upstream release.
* Syslog no longer fills up with entries when dovecot is misconfigured.
(Closes: #175507)
* startup is logged now. shutdowns were already logged. (Closes: #175509)
* dovecot will not remove your SSL certificates now. (Closes: #175282)
* New upstream release.
* Includes patch which stops dovecot from dying on alpha (Closes: #175577)
* New upstream release with many fixes and improvements.
* Initial Release.