[FFe] Please upgrade dovecot to version 2.0.19

Bug #970782 reported by Nicolas DERIVE on 2012-04-01
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
dovecot (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned

Bug Description

Rationale:

Upstream have release quite a few bug fixes since 2.0.15 including:

 mbox: Fixed accessing Dovecot v1.x mbox index files without errors.

Which is pertinent to deployments upgrading from LTS -> LTS as lucid has dovecot 1.2.x

See original bug report for details of upstream changes.

Build logs:
See attached

Testing:

I've tested the following scenarios using mail-stack-delivery (or dovecot-postfix as it was know in lucid):

 Upgrade from Lucid to Precise (plus this upgraded package): OK
 Fresh install on Precise: OK
 Upgrade from 2.0.15 to 2.0.19 on Precise: OK

In each test case I validated that I was able to send messages using POP3 and retrieve the contents on the mailbox using IMAP.

Original Bug Report:

Hi, I think it would be great to have latest Debian testing release of dovecot (if not the last upstream one, which is 2.0.18), because of important bug fixes:

Last upstream release only :

v2.0.19 2012-03-15 Timo Sirainen <email address hidden>

 - IMAP: ENABLE CONDSTORE/QRESYNC + STATUS for a mailbox might not
   have seen latest external changes to it, like new mails.
 - imap_id_* settings were ignored before login.
 - doveadm altmove did too much work sometimes, retrying moves
   it had already done.
 - mbox: Fixed accessing Dovecot v1.x mbox index files without errors.

Last Debian testing release:

v2.0.18 2012-02-12 Timo Sirainen <email address hidden>

 + DIGEST-MD5 authentication supports authorization id now.
   Patch by Yubao Liu
 + Added instance_name setting which is used to prefix Dovecot
   processes in ps output.
 - LDA/LMTP: Sending a large mail via submission_host or via LMTP proxy
   may have caused a hang.
 - Fixed dbox + mail_attachment_dir + zlib problems.
 - Login processes weren't logging all intended messages with
   auth_verbose=yes
 - IMAP: THREAD REFS sometimes returned invalid (0) nodes.
 - IMAP: CONTEXT search return option wasn't handled at all.
 - dbox: Various error handling fixes.
 - snarf plugin: Keep the mailbox locked during snarfing to avoid
   duplicates.

v2.0.17 2012-01-06 Timo Sirainen <email address hidden>

 + Proxying now supports sending SSL client certificate to server with
   ssl_client_cert/key settings.
 + doveadm dump: Added support for dumping dbox headers/metadata.
 - Fixed memory leaks in login processes with SSL connections
 - vpopmail support was broken in v2.0.16

v2.0.16 2011-11-17 Timo Sirainen <email address hidden>

 * VSZ limits weren't being enforced for any processes. On server with
   large mailboxes you may now see errors about it if the limits aren't
   high enough. To fix them, either increase individual service {
   vsz_limit } values or simply increase the default_vsz_limit setting.
 * Proxying: If using ssl=yes or starttls=yes with a hostname (not IP)
   as proxy destination, require that the certificate matches the given
   hostname.
 * LMTP: Changed default client_limit to 1. This should improve LMTP
   throughput with default settings.
 * dsync: Quota is no longer enforced (i.e. dsync can't fail because
   user is over quota).

 + Added "auto" mail storage driver, which can be used to autodetect
   mailbox location and format. This behavior is already the default
   for empty mail_location setting, so this change is mainly useful for
   shared namespace's location setting.
 + checkpassword: Export all auth %variables to AUTH_* environment.

We have two choices: Import latest upstream release (with latest fixes) or latest Debian release. But in both cases, we should resynchronise pigeonhole patches with Debian in order to have latest pigeonhole fixes too.

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: dovecot-imapd (not installed)
ProcVersionSignature: Ubuntu 3.2.0-21.34-generic-pae 3.2.13
Uname: Linux 3.2.0-21-generic-pae i686
NonfreeKernelModules: nvidia
ApportVersion: 2.0-0ubuntu2
Architecture: i386
CheckboxSubmission: c4273c0f4f2b8d26cd6bf31cadfd2912
CheckboxSystem: a871981cb5bdf4d6ebd55be46becf77e
Date: Sun Apr 1 14:20:58 2012
EcryptfsInUse: Yes
ProcEnviron:
 SHELL=/bin/bash
 TERM=xterm
 LANG=fr_FR.UTF-8
 LANGUAGE=fr_FR:en
SourcePackage: dovecot
UpgradeStatus: Upgraded to precise on 2008-10-18 (1260 days ago)

James Page (james-page) on 2012-04-02
Changed in dovecot (Ubuntu):
importance: Undecided → Wishlist
James Page (james-page) on 2012-04-04
Changed in dovecot (Ubuntu Precise):
milestone: none → ubuntu-12.04
James Page (james-page) on 2012-04-04
Changed in dovecot (Ubuntu Precise):
importance: Wishlist → Medium
James Page (james-page) on 2012-04-04
summary: - Please merge new upstream dovecot version 2.0.18-1
+ [FFe] Please upgrade dovecot to version 2.0.19
description: updated
James Page (james-page) wrote :
description: updated
Dave Walker (davewalker) wrote :

FFe ACK, thanks for your work on this James.

Please upload.

Changed in dovecot (Ubuntu Precise):
status: New → Triaged
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package dovecot - 1:2.0.19-0ubuntu1

---------------
dovecot (1:2.0.19-0ubuntu1) precise; urgency=low

  * New upstream release (LP: #970782).
  * Merge from Debian testing, remaining changes:
    + Add mail-stack-delivery package:
      - Update d/rules
      - d/control: convert existing dovecot-postfix package to a dummy
        package and add new mail-stack-delivery package.
      - Update maintainer scripts.
      - Rename d/dovecot-postfix.* to debian/mail-stack-delivery.*
      - d/mail-stack-delivery.preinst: Move previously installed backups and
        config files to a new package namespace.
      - d/mail-stack-delivery.prerm: Added to handle downgrades.
    + Use Snakeoil SSL certificates by default:
      - d/control: Depend on ssl-cert.
      - d/dovecot-core.postinst: Relax grep for SSL_* a bit.
    + Add autopkgtest to debian/tests/*.
    + Add ufw integration:
      - d/dovecot-core.ufw.profile: new ufw profile.
      - d/rules: install profile in dovecot-core.
      - d/control: dovecot-core - suggest ufw.
    + d/{control,rules}: enable PIE hardening.
    + d/dovecot-core.dirs: Added usr/share/doc/dovecot-core
    + Add apport hook:
      - d/rules, d/source_dovecot.py
    + Add upstart job:
      - d/rules, d/dovecot-core.dovecot.upstart, d/control,
        d/dovecot-core.dirs, dovecot-imapd.{postrm, postinst, prerm},
        d/dovecot-pop3d.{postinst, postrm, prerm}.
        d/mail-stack-deliver.postinst:
        Convert init script to upstart.
    + d/patches/fix-racey-restart.patch: Backported patch from current
      development release which ensures all child processes terminate prior
      to the main dovecot process.
    + debian/patches/CVE-2011-4318.patch: Dropped - applied upstream
    + d/control: Added Pre-Depends: dpkg (>= 1.15.6) to dovecot-dbg to support
      xz compression in Ubuntu.
    + d/control: Demote dovecot-common Recommends: to Suggests: to prevent
      install of extra packages on upgrade.
  * d/patches/dovecot-drac.patch: Updated with version for dovecot >= 2.0.0.

dovecot (1:2.0.18-1) unstable; urgency=low

  * [85ae320] Imported Upstream version 2.0.18
  * [9cfd1da] Upped standards version to 3.9.3
  * [afb4164] Patch to dovecot-core/postinst so that permissions of symlinked
    certificates aren't modified. (Closes: #646508)
    Thanks Michael Kuhn.
  * [bf642ee] Patch to enable hardened build flags. (Closes: #653530)
    Thanks Moritz Muehlenhoff.
  * [00b0d0c] Updated pigeonhole to 0.2.6
 -- James Page <email address hidden> Wed, 04 Apr 2012 14:56:38 +0100

Changed in dovecot (Ubuntu Precise):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers