From install-upgrade:
Upgrading from 2.4.15
* The tools/rehash utility has been fixed. We recommend that ALL sites
  with the fulldirhash option enabled run tools/rehash on their
  mail spools.
From install-upgrade:
Upgrading from 2.4.14
* We recommend that ALL sites with fulldirhash enabled run
  tools/rehash on their mail spools after upgrading from 2.4.14.
  There were serious 32 vs 64 bit hashing bugs which were made worse
  with 2.4.14. NOTE: the syntax of tools/rehash has changed. Run it
  without arguments to see a usage statement.
Upgrading from 2.3.8
* The default value of the allowplaintext option has been changed to
  disabled (0). If you need to allow cleartext passwords on the wire,
  then you will have to explicitly enable the allowplaintext option
  in imapd.conf.
Security: Fix possible single byte overflow in mailbox handling code.
Security: Fix possible single byte overflows in the imapd annotate
          extension.
Security: Fix stack buffer overflows in fetchnews (exploitable by
          peer news server), backend (exploitable by admin), and in
          imapd (exploitable by users though only on platforms where
          a filename may be larger than a mailbox name).
* Change ACLs correctly when renaming a user
* Do not abandon std{in,out,err} file descriptors; syslog assumes it
  can use stderr if syslogd isn't running.
* Clean up imap magic plus to avoid buffer overrun (CAN-2004-1011)
* Fix lack of bounds checking in PARTIAL and FETCH (CAN-2004-1012,
  CAN-2004-1013)
* Do not attempt to reuse a freed connection in lmtpproxyd.
* Allow login without authentication with -N switch in proxyd.
* Fix use of xrealloc and fold pointers in lmtpengine.
- Fix build problem with WITH_SNMP_5 on FreeBSD 4.X with
  perl5.8 installed. Though we need 5.8's libperl.so,
  /usr/lib/libperl.so was linked. [1]
Reported by: Thomas Vogt <tv@solnet.ch> [1]