Ubuntu
dovecot package

dovecot lmtp crash with sieve

Bug #1710808 reported by Petri Mäenpää
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
dovecot (Ubuntu)
Invalid
Undecided
Unassigned
Xenial
Confirmed
Undecided
Unassigned

Bug Description

dovecot 1:2.2.22-1ubuntu2.4 on xenial contains a bug described in this thread:

https://dovecot.org/list/dovecot/2016-March/103654.html

It seems to be fixed on Dovecot 2.2.23:

https://www.dovecot.org/doc/NEWS

v2.2.23 2016-03-30 Timo Sirainen <email address hidden>
        ......
 - Fixed assert-crash related to istream-concat, which could have
   been triggered at least by a Sieve script.

Is is possible to upgrade the package on xenial?

Petri

Revision history for this message
Joshua Powers (powersj) wrote :

Given zesty and newer has 2.2.27, marking invalid for development release, adding target for Xenial.

Changed in dovecot (Ubuntu):
status: New → Invalid
Revision history for this message
Joshua Powers (powersj) wrote :

Thanks for filing the bug and providing a link to a couple of patches.

If you need a fix for an existing stable release, please read the SRU page:
https://wiki.ubuntu.com/StableReleaseUpdates#When then complete steps 1
through 4 of https://wiki.ubuntu.com/StableReleaseUpdates#Procedure

Note that that SRU team would need to make a final decision on accepting
an SRU.

Revision history for this message
Petri Mäenpää (petrijm) wrote :

I'm still weighing my options and may go with the PPA dovecot. I'm not able to evaluate the regression potential for the fix. For reference, here are my findings:

Bug may cause direct loss of user data. If user has active sieve-script with both vacation extension and keep action (implicit or explicit), the keep action part will lead LMTP delivery to crash:

Aug 17 13:41:38 XXXX dovecot: lmtp(XXXXX): Fatal: master: service(lmtp): child 10177 killed with signal 11 (core dumped)

Local (keep) copy will not be delivered. If sieve script has redirect-action, that'll work.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in dovecot (Ubuntu Xenial):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Related questions

Remote bug watches

Bug watches keep track of this bug in other bug trackers.