- Fix handling of % character in IMAP protocol (#1488382)
- Fix duplicate names handling in addressbook searches (#1488375)
- Fix displaying of HTML messages from Disqus (#1488372)
- Disable E_STRICT warnings on PHP 5.4
- Prevent from folder selection on virtual folder collapsing (#1488346)
- Fix automatic unsubscribe of non-existent folders
- Fix double-quotes handling in recipient names
- User configurable setting how to display contact names in list
- Make contacts list sorting configurable for the admin/user
- Fix parse errors in DDL files for MS SQL Server
- Revert SORT=DISPLAY support, removed by mistake (#1488327)
- Add lost translation label in de_DE (#1488315)
- Fix drafts update issues when edited from preview pane (#1488314)
- Fix wrong variable name in rcube_ldap.php (#1488302)
- Make mime type detection based on filename extension to be case-insensitive
- Fix failure on MySQL database upgrade from 0.7 - text column can't have default value (#1488300)
Release date: 2012-03-12 10:04 UTC
Release state: stable
Changelog:
* Request #19009: Remove error_reporting from tests [alec]
* Fixed Bug #19094: Email addresses do not have to contain a space
between the name and address part [alec]
* Fixed Bug #19328: Wrong encoding of filenames with comma [alec]
Bugs resolved in 2.4.14
* Bug #2685 folder delete and annotations
* Bug #3381 tools/rehash script is not 64bit safe
* Bug #3405 tls support for ctl_mboxlist
* Bug #3452 sieve uses mailbox name in internal format in autoreply
* Bug #3485 cyr_expire tries to delete parent directories that are not empty
* Bug #3582 Extra LF+SP characters been inserted in the middle of the XML
attachments
* Bug #3598 lmtp auditlog for murder proxy mode
* Bug #3623 OpenBSD (and other platforms without working mmap) multiple bugs
* Bug #3636 Renaming a mailbox doesn't remove old folder
* Bug #3628 folders with spaces and subfolders with same prefix as parent folder
don't show up
* Bug #3634 RENAME INBOX no longer works
* Bug #3635 cmd_rename() fails to check error codes
* Bug #3636 unexpunge locks mailbox until all output is emitted
* Bug #3637 imapd and ipop3d in 2.4 no longer log expunge events to syslog
* Bug #3640 LMTP accepts NULL bytes in headers, resulting in incorrect header/
mail size in meta-data
* Bug #3642 iPhone 5 expects SPECIAL-USE in LIST output
* Bug #3645 Ability to delete folder "shared"
* Bug #3649 unable to remove mailbox
* Bug #3650 ENVELOPE contains unexpected CRLF
Postfix stable release 2.8.9 is available. This contains fixes that
are already part of Postfix 2.9 and 2.10.
* The "change header" milter request could replace the wrong
header. A long header name could match a shorter one, because
a length check was done on the wrong string. Reported by
Vladimir Vassiliev.
* Core dump when postlog emitted the "usage" message, caused
by an extraneous null assignment. Reported by Kant (fnord.hammer).
You can find the updated Postfix source code at the mirrors listed
at http://www.postfix.org/.
Fix bug #SF3400670: Send ADSP failure reports when rejecting
a message.
Fix bug #SF3419149: Add MaximumSignedBytes to opendkim-config.h.
Fix bug #SF3441240: Appy ReportBccAddress when generating ADSP
reports.
Fix bug #SF3447199: Fix logic preventing the application of the
BodyLengthDB.
Fix Authentication-Results generation with "AddAllSignatureResults"
enabled.
Fix a crash bug when trying to handle certain malformed header fields
in verify-only mode.
Improve error checking in the callback provided to libunbound to
avoid crashes.
Cope with versions of Sleepycat DB that crash when asking for a file
descriptor for in-memory databases.
Don't override "On-NoSignature" when "Quarantine" is set.
Ignore header field names that contain semi-colons, as they produce
syntactically invalid signatures.
LIBOPENDKIM: Fix bug #SF3465400: Don't use "new" as a parameter name
in dkim.h since that's an error for C++.
LIBOPENDKIM: NOERROR is the same as NXDOMAIN for the purposes of
the ADSP existence check. Problem noted by Todd Nagengast.
LIBOPENDKIM: Return DKIM_STAT_SYNTAX from dkim_header() if the header
field name contained a semi-colon.
LIBAR: After computing a timeout, if the fractional seconds portion
adds to exactly a second, convert that amount to seconds.
Previous versions only converted when the fractional portion
exceeded a second. This led to threads that spin
indefinitely. Problem noted by Todd Lyons and Gary Mills;
forensic evidence revealing the problem at long last provided
by Todd Lyons.
STATS: Fix a crash bug in opendkim-importstats due to improper handling
of NULL returns from SQL.
2.4.2
Don't apply BodyLengthDB when not signing.
LIBOPENDKIM: Update for draft-kucherawy-dkim-atps-06.
LIBOPENDKIM: Terminate the strings returned by dkim_sig_getsubstring()
and dkim_sig_getidentity() whenever possible.
CONTRIB: Change "chkconfig" instruction in RHEL init script,
and a minor tweak to the RPM spec file.
2.4.1 2011/06/28
Fix bug #SF3312691: Add "-e" command line switch to extract a value
from configuration.
Fix bug #SF3324488: Accommodate postfix's job ID generation by moving
the BodyLengthDB check down to EOH.
Fix bug #SF3327106: Fix mode-based short-circuit logic.
Patch #SF3321766: Remove "-d" from usage message (not implemented).
Print database error strings instead of just return codes in
query test mode, and clean up error strings when extracting
them from the layers below.
Minor fixes related to use of OpenDBX.
LIBOPENDKIM: Fix bug #SF3328330: Correct generation of "z=" tags.
LIBOPENDKIM: Patch #SF3313534: Improve thread-safe use of OpenSSL
in dkim_init() and dkim_free().
LIBOPENDKIM: Patch #SF3314269: Change all uses of off_t to ssize_t,
as the former is reserved for use with filesystem APIs.
LIBOPENDKIM: Make the user context pointer (void) rather than
(const void) since the caller is allowed to change it.
LIBOPENDKIM: Proper handling of DKIM_CBSTAT_ERROR from the prescreen
and final callbacks.
LIBOPENDKIM: Fix up initialization under _FFR_OVERSIGN.
BUILD: Adjust gprof code to accomodate systems that put profiling
output in <binary>.gmon rather than gmon.out.
2.4.0 2011/06/06
Feature request #SF3060140: Extension of odkim.sign() to include
maximum signed byte count.
Feature request #SF3171865: Add _FFR_LUA_GLOBALS, enabling a
mechanism to maintain state between Lua scripts.
Feature request #SF3241982: Optionally add an Authentication-Results
field for all signatures present, not just the first good one.
Feature request #SF3256630: Add _FFR_RATE_LIMIT, enabling hooks for
post-verification rate controls.
Feature request #SF3290461: Add optional support for querying a
memcache daemon via libmemcached.
Feature request #SF3299041: Be tougher on use of the "l=" tag by
removing "BodyLengths", renaming "BodyLengthDBFile" to
"BodyLengthDB", and allowing pattern matches. This
effectively activates _FFR_BODYLENGTH_DB as well.
Feature request #SF3303911: Add "DisableADSP" setting.
In the stats recording code, only check for a domain match for
signatures that don't have errors (i.e., short circuit if
sigerror is not zero).
LIBOPENDKIM: Feature request #SF2969516: Teach dkim_chunk() about
DKIM_LIBFLAGS_FIXCRLF.
LIBOPENDKIM: Feature request #SF3123731: Extend FixCRLF to cover
header fields.
LIBOPENDKIM: Feature request #SF3151534: Extract DKIM reputation
support to its own library.
LIBOPENDKIM: Feature request #SF3279589: Add _FFR_XTAGS, adding
support for generic extension tags in signatures.
LIBOPENDKIM: Feature request #SF3300738: Add dkim_sig_getqueries()
and dkim_policy_getqueries() to assist API consumers that
have their own DNS mechanisms not directly adaptable to ours.
LIBOPENDKIM: Return an error from dkim_getsighdr() or
dkim_getsighdr_d() if called after a key load failure.
LIBAR: Check that the descriptor's write socket is writable before
calling ar_sendquery() when trying to identify open requests
that need retransmission.
STATS: Feature request #SF3066106: Add "opendkim-anonstats" tool.
CONTRIB: Paths in init/redhat/opendkim are now auto-generated.
Activate _FFR_MAXVERIFY.
(while here, set LICENSE=apache-1.1.)
------
v2.3.6
------
[mjr] Fix issue that caused erroneous file listings for objects in sources
without a __uid value.
[jan] Allow to export photo/logo fields to vCard without MIME type.
[jan] Support X-EPOCSECONDNAME fields of Nokia phones.
[jan] Add upgrade scripts for next-generation SQL share driver.
[jan] Fix splitting up names when exporting to N properties of vCards.
[jan] Only set the encoding parameter for binary data in vCards, if data is not
empty (Bug #9413).
[jan] Fix searching for fields matching an email address if using 'emails'
attribute instead of 'email' (Bug #9472).
[jan] Use personal address books first if determining the default one (Valentin
Vidic, Request #9367).
[jan] Use name format preference not only for paging, but for sorting too
(Request #8806).
[jan] Fix photo corruption when exporting to vCard 3.0 (Bug #9100).
------
v2.3.5
------
[jan] Correctly export FN vCard property if 'alternative_name' is set, but not
'name' (Bug #9207).
[jan] Fix import of addresses from LDIF (Axel Jurak, Bug #9215).
[jan] Speed up browsing of long address books.
------
v2.3.4
------
[jan] Remove deleted contacts from distribution lists in the same address book.
[mjr] Allow creation of default, personal address book when other read-only
sources are present.
[mjr] Log in history when deleting all of a user's contacts (Bug #8755).
[jan] Only export non-empty fields if exporting manually.
[jan] Add export to vCard 3.0.
[jan] Only synchronize those fields that are supported by the client
(Request #6658, requires Horde 3.3.7).
------
v2.3.3
------
[jan] Fix syntax of MSSQL scripts (Bug #8664).
[jan] Add preference for the name format to use for sorting (Request #6721).
[jan] Condense whitespace in composite fields (Request #8654).
[jan] Add and fix Oracle-specific SQL scripts.
[jan] Add Croatian translation (Matej Vela <matej.vela@carnet.hr>,
Iva Rumora <iva.rumora@zg.t-com.hr>).
[mjr] Fix permission checking for virtual address books.
[jan] Update deleted attributes during synchronization (lst_hoe02@kwsoft.de,
Request #6658).
[jan] Support X-ANNIVERSARY, X-CHILDREN, and X-SPOUSE vCard fields
(Request #8074).
[jan] Fix copying and moving of image fields (Ryu <ryu@ryux.org>, Bug #8523).
[jan] Don't return an error on empty LDAP search results (Bug #8595).
[jan] Replace PHP5-only code from the LDIF exporter (Bug #8586).
------
v2.3.2
------
[mms] Upgrade prototype.js to v1.6.1.
[jan] Fix synchronization with output compression enabled (Bug #7769).
[mjr] Fix contacts being deleted during synchronization when moved from one
address book to another (ryu@ryux.org, Bug #8487).
[mjr] Add new API method for retrieving the default share for a source.
[jan] Don't overwrite the compositing fields, when importing composite fields.
[cjh] Fix searches for multiple strict fields and at least one non-strict field
(tinu@humbapa.ch, Bug #7876).
[mjr] Specific timeobject categories are now only advertised when they are
present in a configured source.
(while here, set LICENSE=gnu-gpl-v2.)
-------
v4.3.11
-------
[mms] SECURITY: Fix XSS vulnerabilities on the compose page, the contacts popup
window, and with certain IMAP mailbox names.
-------
v4.3.10
-------
[jan] Don't submit the action form when reloading messages with iTip
attachments (Bug #9502).
* Renamed sieve_global_path setting to sieve_default for clarity. Old name is
still recognized for backwards compatibility. Support for the ancient (pre
v1.1) name for this setting "global_script_path" is now dropped.
* Added means to prohibit use of redirect action. Setting sieve_max_redirects
to 0 now means that redirect is disallowed in stead of unlimited. Default
value remains four.
* Fixed interaction of Sieve include extension with ManageSieve. It is updated
to match new requirements in the draft include specification. Missing
included scripts are no longer an error at upload time.
* Updated RFC2822 header field body verification to exclude non-printing
characters (RFC5322). Only Sieve actions that can create unstructured header
values (currently enotify/mailto and editheader) are affected by this change.
+ Completed sieve-filter tool to a useful state. The sieve-filter tool provides
a means to (re)filter messages in a mailbox through a Sieve script.
+ Implemented the Sieve editheader extension. It is now possible to add and
remove message headers from within Sieve.
+ ManageSieve: added support for reading quoted and literal strings as a
stream. Fixes support for handing large SASL responses (analogous to similar
changes in Dovecot). It is now also allowed to use a quoted string for the
PUTSCRIPT script argument.
+ Added code to cleanup tmp directory in Sieve storage directory (sieve_dir)
every once in a while.
+ Added support for substituting the entire message during Sieve processing.
This is used for the filter action provided by the new sieve_extprograms
plugin (provided separately for now). The filter action allows passing the
message through an external program.
+ Added support for restricting certain Sieve language extensions to
(admin-controled) global scripts. Restricted extensions can be configured
using the new sieve_global_extensions setting. This is particularly useful
for some of the Dovecot-specific (plugin-based) Sieve extensions, that can
be somewhat hazardous when under direct control of users (e.g.
sieve_extprograms).
* Plugins now use UTF-8 mailbox names rather than mUTF-7: acl, autocreate,
expire, trash, virtual
* auth_username_format default changed to %Lu. If you really want case
sensitive usernames, set it back to empty.
* Solr full text search backend changed to use mailbox GUIDs instead of mailbox
names, requiring reindexing everything. solr_old backend can be used with old
indexes to avoid reindexing, but it doesn't support some newer features.
* Expire plugin: Only go through users listed by userdb iteration. Delete dict
rows for nonexistent users, unless expire_keep_nonexistent_users=yes.
* Temporary authentication failures sent to IMAP/POP3 clients now includes the
server's hostname and timestamp. This makes it easier to find the error
message from logs.
* dsync was merged into doveadm. There is still "dsync" symlink pointing to
"doveadm", which you can use the old way for now. The preferred ways to run
dsync are "doveadm sync" (for old "dsync mirror") and "doveadm backup".
+ imapc (= IMAP client) storage allows using a remote IMAP server to be used as
storage. This allows using Dovecot as a smart (caching) proxy or using dsync to
do migration from remote IMAP server.
+ Mailbox indexing via queuing indexer service (required for Lucene)
+ Lucene full text search (FTS) backend rewritten with support for different
languages
+ FTS finally supports "OR" search operation
+ FTS supports indexing attachments via external programs
+ IMAP FUZZY extension, supported by Lucene and Solr FTS backends
+ IMAP SPECIAL-USE extension to describe mailboxes
+ Mailbox list indexes
+ Statistics tracking via stats service. Exported via doveadm stats.
+ Autocreate plugin creates/subscribes mailboxes physically only when the
mailbox is opened for the first time. Mailbox listing shows the autocreated
mailboxes even if they don't physically exist.
+ Password and user databases now support default_fields and override_fields
settings to specify template defaults/overrides.
+ SCRAM-SHA-1 authentication mechanism by Florian Zeitz
+ LDAP: Allow building passdb/userdb extra fields from multiple LDAP attributes
by using %{ldap:attributeName} variables in the template.
+ Improved multi-instance support: Track automatically which instances are
started up and manage the list with doveadm instance commands. All Dovecot
commands now support -i <instance_name> parameter to select the instance
(instead of having to use -c <config path>). See instance_name setting.
+ auth: Implemented support for Postfix's "TCP map" sockets for user existence
lookups.
- listescape plugin works perfectly now
Changes since 2.1.0:
+ dsync: If message with same GUID is saved multiple times in session, copy it
instead of re-saving.
- acl plugin + autocreated mailboxes crashed when listing mailboxes
- doveadm force-resync: Don't skip autocreated mailboxes (especially INBOX).
- If process runs out of fds, stop listening for new connections only
temporarily, not permanently (avoids hangs with process_limit=1 services)
- auth: passdb imap crashed for non-login authentication (e.g. smtp).
