[Dovecot-news] v2.2.30 release candidate released

Timo Sirainen tss at iki.fi
Wed May 24 17:59:40 EEST 2017


There are a couple of changes still coming, but now would be a good time to make sure anything unexpected hasn't broken. The final release should be out early next week.

 * auth: Use timing safe comparisons for everything related to
   passwords. It's unlikely that these could have been used for
   practical attacks, especially because Dovecot delays and flushes all
   failed authentications in 2 second intervals. Also it could have
   worked only when passwords were stored in plaintext in the passdb.
 * master process sends SIGQUIT to all running children at shutdown,
   which instructs them to close all the socket listeners immediately.
   This way restarting Dovecot should no longer fail due to some
   processes keeping the listeners open for a long time.

 + auth: Add passdb { mechanisms=none } to match separate passdb lookup
 + auth: Add passdb { username_filter } to use passdb only if user
   matches the filter. See https://wiki2.dovecot.org/PasswordDatabase
 + dsync: Add dsync_commit_msgs_interval setting. It attempts to commit
   the transaction after saving this many new messages. Because of the
   way dsync works, it may not always be possible if mails are copied
   or UIDs need to change.
 + imapc: Support imapc_features=search without ESEARCH extension.
 + imapc: Add imapc_features=fetch-bodystructure to pass through remote
 + imapc: Add quota=imapc backend to use GETQUOTA/GETQUOTAROOT on the
   remote server.
 + passdb imap: Add allow_invalid_cert and ssl_ca_file parameters.
 + If dovecot.index.cache corruption is detected, reset only the one
   corrupted mail instead of the whole file.
 + doveadm mailbox status: Add "firstsaved" field.
 + director_flush_socket: Add old host's up/down and vhost count as parameters
 - More fixes to automatically fix corruption in dovecot.list.index
 - dsync-server: Fix support for dsync_features=empty-header-workaround
 - imapc: Various bugfixes, including infinite loops on some errors
 - fts-lucene: Fix it to work again with mbox format
 - vpopmail: Fix compiling

