dovecot security update (5.1) breaks mysql
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dovecot (Ubuntu) |
Fix Released
|
High
|
Martin Pitt |
Bug Description
Binary package hint: dovecot
I am running two servers, one with 1.0.beta3-3ubuntu5 (which works) and a new one I was just setting up today with 1.0.beta3-
Below is my configuration (dumbed down, i usually have far more complex queries but these break it just the same):
user_query = SELECT '/srv/mail/
password_query = SELECT '<email address hidden>' as user, 'something' as password, '/srv/mail/
It's also worth noting a combined userdb/passdb query has the same effect:
password_query = SELECT '<email address hidden>' as user, 'something' as password, '/srv/mail/
And the following on dovecot.conf:
passdb sql {
# Path for SQL configuration file, see /etc/dovecot/
# example
args = /etc/dovecot/
}
When testing with a non-combined passdb, this was duplicated for userdb
I've done a fair bit of stracing and what not, I can't really figure out whats causing it other than in the logs you get this, it shows it connecting then dying:
Jun 13 23:40:49 gaz dovecot: auth(default): client in: AUTH^I1^
Jun 13 23:40:49 gaz dovecot: child 18673 (auth-worker) killed with signal 11
Jun 13 23:40:51 gaz dovecot: auth(default): client out: FAIL^I1^<email address hidden>^Itemp
Jun 13 23:40:53 gaz dovecot: pop3-login: Disconnected: user=<email address hidden>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
mysql logs show this:
060613 23:33:08 171 Connect dovecot@gaz-nfs on conventia_
(and thats all, everytime, nothing else)
If I downgrade the 5.1 machien to 5.0, it instantly works, just as the other 5.0 machine does, upgrade, breaks again,.
Bumping to high and assigning to pitti at his request