fetchmail 6.3.14 (released 2010-02-05, 25487 LoC):
# SECURITY FIXES
* SSL/TLS certificate information is now also reported properly on computers
that consider the "char" type signed. Fixes malloc() buffer overrun.
Workaround for older versions: do not use verbose mode.
See fetchmail-SA-2010-01.txt for details, including a minimal patch.
# BUG FIXES
* The IMAP client no longer skips messages from several IMAP servers including
Dovecot if fetchmail's "idle" is in use. Causes were that fetchmail (a)
ignored some untagged responses when it should not (b) relied on EXISTS
messages in response to EXPUNGE, which aren't mandated by RFC-3501 (the IMAP
standard) and aren't sent by Dovecot either.
Fix by Sunil Shetye (the fix also consolidates IMAP response handling,
improving overall robustness of the IMAP client), bug report and testing by
Matt Doran, with further hints from Timo Sirainen.
* The SMTP client now recovers from errors (such as servers dropping the
connection after errors) when sending an RSET command.
Fix by Sunil Shetye. Report by James Moe.
* The IMAP client now uses "SEARCH UNSEEN" rather than "SEARCH UNSEEN NOT
DELETED" again on IMAP2, to fix a regression in fetchmail 6.2.5 reported by
Will Stringer in June 2004. (Sunil Shetye)
* The IMAP client now uses "SEARCH UNSEEN UNDELETED" on IMAP4 and IMAP4r1
servers (Sunil Shetye).
* Workaround: The IMAP client now falls back to "FETCH n:m FLAGS" if the server
does not support "SEARCH". (Sunil Shetye)
* The IMAP client now requests message numbers in batches of 1,000 to avoid
problems if there are more than 1860 unseen messages. (Sunil Shetye)
Note that this wasn't security relevant because fetchmail would only read up
to the maximum buffer size and leave the remainder of the string unread, going
out of synch afterwards.
* Stricter validation of IMAP responses containing byte or message counts.
# CHANGES
* Only include gssapi.h if we're not including gssapi/gssapi.h, to fix a FreeBSD
compiler warning about gssapi.h being obsolete.
# DOCUMENTATION
* The README.SSL document was revised for grammar, spelling, and clarity.
Courtesy of Robert Mullin.
fetchmail 6.3.13 (released 2009-10-30, 25333 LoC):
# REGRESSION FIXES
* The multiline SMTP error fix in release 6.3.12 caused fetchmail to lose
message codes 400..599 and treat all of these as temporary error. This would
cause messages to be left on the server even if softbounce was turned off.
Reported by Thomas Jarosch.
fetchmail 6.3.12 (released 2009-10-05):
# REGRESSION FIXES
* The CVS-2009-2666 fix in fetchmail release 6.3.11 caused a free() of
unallocated memory on SSL connections, which caused crashes or program aborts
on some systems (depending on how initialization and free() of unallocated
memory is handled in compiler and libc).
Workaround for older versions: run in verbose mode.
Patch courtesy of Thomas Heinz, fixes Gentoo Bug #280760.
This regression affected only the 6.3.11 release, but not the patch that was
part of the security announcement fetchmail-SA-2009-01.
# BUG FIXES
* Fix error reporting for GSSAPI on Heimdal (h5l) Kerberos.
* Look for MD5_Init in libcrypto rather than libssl, fixes Gentoo Kerberos
builds; fixes upstream parts of Gentoo Bugs #231400 and #185652, and fixes
BerliOS Bug #16134.
* Report multiline SMTP errors properly, reported by Earl Chew; fixes Debian Bug
#529899, reported by Akihiro Terasaki.
Note: This fix introduced a regression, fixed in 6.3.13.
* Replace control characters in SMTP replies by '?'.
* Fetchmailconf: Fix descriptions for smtpaddress and smtpname options;
smtpaddress is for RCPT TO, not MAIL FROM. Found by Gerard Seibert.
...as well as translation updates in all three releases.
IMAP (Internet Message Access Protocol) is an Internet standards-track
protocol for accessing messages (mail, bboards, news, etc). The Cyrus
IMAP server differs from other IMAP server implementations in that it
is generally intended to be run on "sealed" servers, where normal users
are not permitted to log in. The mailbox database is stored in parts of
the filesystem that are private to the Cyrus IMAP system. All user
access to mail is through the IMAP, POP3, or KPOP protocols.
Collection.
The Perl 5 module Mail::Alias can read various formats of mail
alias. Once an object has been created it can be used to expand
aliases and output in another format.
Provides a class to deal with the decoding and interpreting of mime messages.
This package used to be part of the Mail_Mime package, but has been split off.
1.6.0
Bugs Fixed:
* Don't break specified headers folding [alec]
* Bug #17025: Wrong headers() result for long unwrapable header value [alec]
Implemented Features:
* Allow setting Content-ID for HTML Images [alec]
* Added one setParam() in place of many set*() functions [alec]
* Added getParam(), getTXTBody(), getHTMLBody() [alec]
* Skip RFC2231's charset if filename contains only ASCII characters [alec]
* Make sure that Received: headers are returned on the top [alec]
* Added saveMessageBody() and getMessageBody() functions [alec]
1.6.0RC2
Fixed Bugs:
* Bug #7561: _encodeQuotedPrintable() with mbstring function overloading
broken in 1.6.0RC1 [alec]
* Fixed quoted-printable encoding of characters with ord(char) < 10 [alec]
1.6.0RC1
Fixed Bugs:
* Bug #13444: Problem in multipart mail with txt, html and images. Reverted
fix for #9725 [alec]
* Bug #14780: Content-Type is not set correctly when calling headers() before
get() [alec]
Implemented Features:
* Feature #10884: Provide easy way to set build params [alec]
* Feature #13962: Multiple header support [alec]
* Use class (private) variables instead of MAIL_MIME_CRLF and
MAIL_MIMEPART_CRLF constants [alec]
* Feature #12411: Support both RFC2047 and RFC2231 for attachments filenames
encoding [alec]
* Optimized memory usage in quoted-printable encoding function [alec]
* Feature #13969: Big attachments support [alec]
* Changed default value of text_encoding to quoted-printable [alec]
1.5.3
Fixed bugs:
* Fix Bug #14678: srand() lowers security [clockwerx]
* Fix Bug #12921: _file2str not binary safe [walter]
* Fix Bug #12385: Bad regex when replacing css style attachments [cipri]
* Fix Bug #16911: Excessive semicolon in MIME header [alec]
* Fix Bug #15320: Attachment charset is not set in Content-Type header [alec]
* Fix Bug #16911: Lack of semicolon separator for MIME header parameters [alec]
* Fix Bug #16846: Use preg_replace_callback() instead of /e modifier [alec]
* Fix Bug #14779: Problem with an empty attachment [alec]
* Fix Bug #15913: Optimize the memory used by Mail_mimePart::encode.
Avoid having attachments data duplicated in memory [alec]
* Fix Bug #16539: Headers longer than 998 characters aren't wrapped [alec]
* Fix Bug #11238: Wrong encoding of structured headers [alec]
* Fix Bug #13641: iconv_mime_encode() seems to work different/errorious than
the build in logic. Removed 'ignore_iconv' param. [alec]
* Fix Bug #16706: Incorrect double-quotes RFC 2231-encoded parameter values
[alec]
* Fix Bug #14232: RFC2231: tspecials encoding in _buildHeaderParam() [alec]
Implemented Features:
* Implement Feature #10438: Function (encodeHeader) for encoding of given
header [alec]
1.5.2
* Fix Bug #11381: domain name is attached to content-id, trailing greater-than
sign is not remove [cipri]
1.5.1
* Fix Bug #11344: Error at line 644 in mime.php [cipri]
1.5.0
Split off Mail_MimeDecode
1.5.0RC2
Fixed accidental characters included in mime.php
QA release
* Move SVN to proper directory structure [cweiske]
* Fix Bug #8775: Error in package.xml
* Fix Bug #14671: Security issue due to seeding random number generator
[cweiske]
Release 2.67 adds the following features since 2.65 (there was no public
2.66 release):
* The ability for mimedefang-multiplexor to use poll rather than select.
This removes the FD_SETSIZE limit on the number of file descriptors
the multiplexor can handle.
* Support for FPROTD version 6 daemonized virus scanner.
2.65
There is only one change since 2.64: An error in the way the embedded
perl interpreter was initialized has been fixed. This fixes problems
on the Debian HPPA architecture and possibly others.
2.64
This is a minor bugfix release;
* Add support for NOD32 command-line scanner
* Add support for Sophos "savscan" scanner
2010-01-30 Jeffrey Stedfast <fejj@novell.com>
* README: Bumped version
* configure.in: Bumped version to 2.2.25
* configure.in: Disabled strict-aliasing to work around subtle
bugs generated by gcc 4.4 when optimizations are enabled.
version 3.23: Fri Jan 29 00:39:27 EST 2010
- new beta idle_data() method to retrieve untagged messages during idle
similar to method suggested by Daniel Richard G
- added/updated documentation for idle, idle_data, and done
- rt.cpan.org#53998: fix NTLM auth: call ntlm with challenge string
[Dragoslav Mlakar]
- report the return value from select/_read_more on errors
- logout() again returns the success/failure of the LOGOUT command
- set/return error when $response->() returns undef in authenticate()
- new internal method _load_module() centralizing some 'require' calls
- localize use $@ in several places to avoid stomping on global val
- refactor code calling _read_more() to centralize error handling
version 3.22: Thu Jan 21 15:25:54 EST 2010
- rt.cpan.org#52313: Getting read errors if Fast_io is set to 1
[Jukka Huhta]
- updated Maxttemperrors docs related to EAGAIN handling
- new starttls() method and Starttls attribute to support STARTTLS
- update parse_headers to try harder to find UID in fetch response
version 3.21: Tue Sep 22 19:45:13 EDT 2009
- rt.cpan.org#49691: rewrite of fetch_hash to resolve several issues
[Robert Norris]
includes new tests via t/fetch_hash.t
- rt.cpan.org#48980: (enhancement) add support for XLIST extension
[Robert Norris]
- rt.cpan.org#49024: NIL personal name returned by *_addresses methods
[Dmitry Bigunyak]
- rt.cpan.org#49401: IMAPClient expunge fails (unless folder arg used)
[Gary Baluha]
- update/clarify close and expunge documentation a little
version 3.20: Fri Aug 21 17:40:40 EDT 2009
- added file/tests in t/simple.t
- added methods Rfc3501_date/Rfc3501_datetime
used by deprecated methods Rfc2060_date/Rfc2060_datetime
rt.cpan.org#48510: Rfc3501_date/Rfc3501_datetime methods do
not exist [sedmonds]
- login() hack to quote an empty password
rt.cpan.org#48107: Cannot LOGIN with empty password [skunk]
* gmime/gmime-encodings.h (GMIME_UUENCODE_LEN): Fixed to prevent
possible buffer overflows.
* configure.in: Bumped version to 2.4.14 and disabled
strict-aliasing which causes bugs in GMime.
* gmime/gmime-filter-crlf.c (filter_filter): Fixed bug #606875 by
not trying to skip multiple characters per pass thru the loop when
encountering the first '.' of a possible '..' sequence.
* configure.in: Bumped version to 2.4.12
* gmime/gmime-utils.c (g_mime_utils_decode_8bit): Make sure to
always increment inptr as we force-convert it to ascii. Thanks to
Damian Pietras for finding this bug.
* gmime-2.4.pc.in: Moved -lz -lnsl, etc into Libs.private. Fixes
bug #603273.
file cannot run without EXIM_USER being present on the system, so
scripts/exim_install was changed to derive the Exim version from the
pkgsrc package version (see PKGSRC_EXIM_VERSION in the Makefile and patch-ae).
Added LICENSE information.
Ok'd by abs@
Changelog for Dovecot 1.2.10:
+ %variables now support %{host}, %{pid} and %{env:ENVIRONMENT_NAME}
everywhere.
+ LIST-STATUS capability is now advertised
- maildir: Fixed several assert-crashes.
- imap: LIST "" inbox shouldn't crash when using namespace with
"INBOX." prefix.
- lazy_expunge now ignores non-private namespaces.
Changelog for Sieve 0.1.15:
* Enotify extension:
- Adjusted notify method API for addition of new notification
methods.
- Set default importance level to 'normal' (was 'high').
* Include extension: updated implementation towards most recent
specification (all should be backwards compatible):
- Implemented global variables namespace.
- Global command may now appear anywhere in a script.
- Implemented script name checking using the requirements specified
in the ManageSieve draft.
- One issue remains: ManageSieve currently requires included scripts
to be uploaded first, which is not according to specification.
* Changed envelope path parser to allow to and from envelope addresses
that have no domain part.
+ Added preliminary support for Sieve plugins and added support for
installing Sieve development headers.
+ Started work on the implementation of the spamtest, spamtestplus and
virustest extensions (unfinished).
+ Deprecated notify extension: implemented denotify command.
+ Variables extension: added support for variable namespaces.
+ Added configurable script size limit. Compiler will refuse to
compile files larger than sieve_max_script_size.
+ Testsuite changes:
- Added support for changing and testing an extension's
configuration.
- Added a command line parameter for copying errors to stderr.
- Fixed a bug in the i;ascii-numeric comparator. If one of the
strings started with a non-digit character, the comparator would
always yield less-than.
- Imap4flags extension: fixed bug in removeflag: removing a single
flag failed due to off-by-one error (bug report by Julian Cowley).
- Improved EACCES error messages for stat() and lstat() syscalls and
slightly improved error messages that may uccur when saving a
binary.
- Vacation extension: fixed typo in runtime log message (patch by
Julian Cowley).
- Fixed use of minus '-' in man pages; it is now properly escaped.
- Fixed parser recovery. In particular cases it would trigger spurious
errors after an initial valid error and sometimes additional errors
were inappropriately ignored.
Changelog for ManageSieve 0.11.11:
* This release contains adjustments to match changes in the Sieve API.
This means that this release will only compile against Pigeonhole
Sieve v0.1.15.
+ Implemented ManageSieve QUOTA enforcement.
+ Added MAXREDIRECTS capability after login.
+ Implemented new script name rules specified in most recent
ManageSieve draft.
- Fixed assertion failure occuring with challenge-response SASL
mechanisms.
- Made configure complain about trying to compile against installed
Dovecot headers alone.
- Fixed compile warning for compilation against CMUSieve.
version 2.05: Fri Dec 18 22:39:21 CET 2009
Fixes:
- no de-ref error when index out of range in Mail::Header::get()
[Bob Rogers]
- repaired fixed selection of smtp for non-unix systems.
Improvements:
- do not run pod.t in devel environment.
- set default output filename for Mail::Mailer::testfile::PRINT
[Kaare Rasmussen[
- warn when no mailers were found.
rt.cpan.org#52901 [Christoph Zimmermann]
8.14.4/8.14.4 2009/12/30
SECURITY: Handle bogus certificates containing NUL characters
in CNs by placing a string indicating a bad certificate
in the {cn_subject} or {cn_issuer} macro. Patch inspired
by Matthias Andree's changes for fetchmail.
During the generation of a queue identifier an integer overflow
could occur which might result in bogus characters
being used. Based on patch from John Vannoy of
Pepperdine University.
The value of headers, e.g., Precedence, Content-Type, et.al.,
was not processed correctly. Patch from Per Hedeland.
Between 8.11.7 and 8.12.0 the length limitation on a return
path was erroneously reduced from MAXNAME (256) to
MAXSHORTSTR (203). Patch from John Gardiner Myers
of Proofpoint; the problem was also noted by Steve
Hubert of University of Washington.
Prevent a crash when a hostname lookup returns a seemingly
valid result which contains a NULL pointer (this seems
to be happening on some Linux versions).
The process title was missing the current load average when
the MTA was delaying connections due to DelayLA.
Patch from Dick St.Peters of NetHeaven.
Do not reset the number of queue entries in shared memory if
only some of them are processed.
Fix overflow of an internal array when parsing some replies
from a milter. Problem found by Scott Rotondo
of Sun Microsystems.
If STARTTLS is turned off in the server (via M=S) then it
would not be initialized for use in the client either.
Patch from Kazuteru Okahashi of IIJ.
If a Diffie-Hellman cipher is selected for STARTTLS, the
handshake could fail with some TLS implementations
because the prime used by the server is not long enough.
Note: the initialization of the DSA/DH parameters for
the server can take a significant amount of time on slow
machines. This can be turned off by setting DHParameters
to none or a file (see doc/op/op.me). Patch from
Petr Lampa of the Brno University of Technology.
Fix handling of `b' modifier for DaemonPortOptions on little
endian machines for loopback address. Patch from
John Beck of Sun Microsystems.
Fix a potential memory leak in libsmdb/smdb1.c found by parfait.
Based on patch from Jonathan Gray of OpenBSD.
If a milter sets the reply code to "421" during the transfer
of the body, the SMTP server will terminate the SMTP session
with that error to match the behavior of the other callbacks.
Return EX_IOERR (instead of 0) if a mail submission fails due to
missing disk space in the mail queue. Based on patch
from Martin Poole of RedHat.
CONFIG: Using FEATURE(`ldap_routing')'s `nodomain' argument would
cause addresses not found in LDAP to be misparsed.
CONFIG: Using a CN restriction did not work for TLS_Clt as it
referred to a wrong macro. Patch from John Gardiner
Myers of Proofpoint.
CONFIG: The option relaytofulladdress of FEATURE(`access_db')
did not work if FEATURE(`relay_hosts_only') is used too.
Problem noted by Kristian Shaw.
CONFIG: The internal function lower() was broken and hence
strcasecmp() did not work either, which could cause
problems for some FEATURE()s if upper case arguments
were used. Patch from Vesa-Matti J Kari of the
University of Helsinki.
LIBMILTER: Fix internal check whether a milter application
is compiled against the same version of libmilter as
it is linked against (especially useful for dynamic
libraries).
LIBMILTER: Fix memory leak that occurred when smfi_setsymlist()
was used. Based on patch by Dan Lukes.
LIBMILTER: Document the effect of SMFIP_HDR_LEADSPC for filters
which add, insert, or replace headers. From Benjamin
Pineau.
LIBMILTER: Fix error messages which refer to "select()" to be
correct if SM_CONF_POLL is used. Based on patch from
John Nemeth.
LIBSM: Fix handling of LDAP search failures where the error is
carried in the search result itself, such as seen with
OpenLDAP proxy servers.
VACATION: Do not refer to a local variable outside its scope.
Based on patch from Mark Costlow of Southwest Cyberport.
Portability:
Enable HAVE_NANOSLEEP for SunOS 5.11. Patch from
John Beck of Sun Microsystems.
Drop NISPLUS from default SunOS 5.11 map definitions.
Patch from John Beck of Sun Microsystems.
Changelog for Dovecot 1.2.9:
* maildir: When saving, filenames now always contain ,S=<size>.
Previously this was done only when quota plugin was loaded. It's
required for zlib plugin and may be useful for other things too.
+ lazy-expunge: Support a single-namespace configuration. If a mailbox
is deleted, its messages are merged with its old expunged messages
(if there were any).
+ expire: Settings now support spaces in mailbox names by using
quoted strings.
- maildir: v1.2.7 and v1.2.8 caused assert-crashes in
maildir_uidlist_records_drop_expunges()
- maildir_copy_preserve_filename=yes could have caused crashes.
- Maildir++ quota: % limits weren't updated when limits were read
from maildirsize.
- virtual: v1.2.8 didn't fully fix the "lots of mailboxes" bug
- virtual: Fixed updating virtual mailbox based on flag changes.
- fts-squat: Fixed searching multi-byte characters.
Changelog for Sieve 0.1.14:
* Made the imposed limits on the number of redirects and the number
of actions configurable. The settings are called sieve_max_actions
and sieve_max_redirects.
* Did a major rework of extension handling, making sure that no global
state is maintained. This change was triggered by problems that
global state info would cause for Dovecot v2.0, but it is also
important for v1.2 as it significantly cleans up the library
implementation.
+ Made LDA Sieve plugin recognize the deliver_log_format setting.
+ Message headers produced from user-supplied data are now
RFC2047-encoded if necessary for outgoing messages. This is for
example important for the :subject argument of the vacation action.
+ Added support for the $text$ substitution in the deprecated notify
extension.
+ The subaddress extension now also accepts recipient_delimiter
setting as an alias for sieve_subaddress_sep setting. This
anticipates the recipient_delimiter setting in v2.0.
- Fixed logging of mailbox names. It logged the converted mUTF7
version in stead of the original UTF8 version supplied by the user.
- Fixed a minor memory leak in the multiscript support.
- Fixed a bug in the recompilation of Sieve scripts. Made sure that
scripts are only recompiled when the script file - or the symlink
pointing to it - is strictly newer.
Changelog for ManageSieve 0.11.10:
* This release contains adjustments to match changes in the Sieve API.
This means that this release will only compile against Pigeonhole
Sieve v0.1.14.
- Fixed compilation of ManageSieve against CMUSieve.
Special permissions for filterctl and courierfilter have to be applied
in an install script at installation time.
Actions for the post-install target forgot to propagate DESTDIR
appropriately as a make parameter.
Recognized_Att_Keys) were made private, which broke SpamAssassin's
(ab)use of those variables. For details see
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6131.
Perl 5.10.1 includes ExtUtils::MakeMaker 6.55_2 and consequently building
SpamAssassin 3.2.5 with DESTDIR support in pkgsrc does not work anymore.
The fix changes the decision whether the used EU::MM module has good
enough DESTDIR support to depend only on the version number
(ie. mm_has_good_destdir is true) instead of the availability of the
key 'DESTDIR' in the (now non-public) Recognized_Att_Keys hash.
Ok to commit during freeze by wiz@
Fixes mime type when attaching an Office (MS or Open*.org) file.
Prior to this commit would always be tagged as application/octet-stream.
Bump pkgrevision
qpopper:
* add user-destdir support
* add ${QPOPPER_USER}:${QPOPPER_GROUP} to PKG_USERS, fixes PR#28807.
* honor VARBASE.
common:
* update ipv6 patch to appropriate one for base version.
* some pkglint cleanup.
Bump PKGREVISION.
unconditionally. All supported systems should have poll(2). If
one is found that doesn't then this can be revisited and some way
of making it conditional can be implemented.
This resolves an issue with applications that have a large
number of open files and want to bump FD_SETSIZE. Since libmilter
no longer uses select(2), the application is free to monkey with
FD_SETSIZE as it pleases.
Evolution-Data-Server 2.28.2 2009-12-14
---------------------------------------
Bug Fixes:
#394567 - Use correct FBTYPE values in GroupWise calendar backend
(Jari Urpalainen)
#574940 - Crash in message_info_to_db() (Milan Crha)
#593023 - Deleting an imported recurrent event will remain (Milan Crha)
#594502 - Some google calendar meetings don't show up (Milan Crha)
#598971 - Preserve selection in ENameSelectorEntry if possible
(Milan Crha)
#599671 - gtk_tree_view_column_get_cell_renderers() is deprecated
(Matthew Barnes)
#600449 - segfault in camel_msgport_destroy (Milan Crha)
#600573 - e-addressbook-factory aborts on ldap lookup (Milan Crha)
#602719 - Crash in ep_set_proxy with no proxy user or password
(Milan Crha)
#603437 - Fix few memory leaks (Milan Crha)
#603689 - Improper escaping of folder name (Lucian Langa)
Other Changes:
Use EAGAIN instead of ETIMEDOUT on Windows (Tor Lillqvist)
Don't use commas on the Requires line (Tor Lillqvist)
Fix a memory leak. (Wang Xin)
Fix a crash due to un initialized variable. (Srinivasa Ragavan)
Use SQLite's default cache size of 2000 pages in folders.db
(C de-Avillez)
Translations:
Ivar Smolin (et)
Lucian Grijincu (ro)
Leonid Kanter (ru)
* Add patches to fix build problem with OpenSSL 1.0.0 beta and later.
* Generase "-DUSE_SSL" instead of "-DSSL". Similar changes are CANNA
and ZLIB. (In the case of ZLIB, it could be change to use HAVE_ZLIB_H.)
* Split Makefile to use hacks.mk and options.mk.
* And miscellaneous pkglint clean up.
There should be no functional change and fix PR pkg/42452.
Fuß <ef@math.uni-bonn.de>.
The package now contains Stephan Bosch' new Dovecot Sieve plugin as a pkgsrc
option (instead of the old CMU Sieve plugin that was a separate package), as
well as the ManageSieve extension. The dovecot-sieve package will be removed.
Upgrading from Dovecot 1.1.x may require changes to your configuration file,
see this webpage for more information: http://wiki.dovecot.org/Upgrading/1.2
Major changes since Dovecot 1.1:
* When creating files or directories to mailboxes, Dovecot now uses
the mailbox directory's permissions and GID for them. Previous
versions simply used 0600 mode always. For backwards compatibility
dovecot-shared file's permissions still override these with Maildir.
* SQL dictionary (quota) configuration file is different than in v1.1.
See doc/dovecot-dict-sql-example.conf for the new format.
* deliver -m: Mailbox name is now assumed to be in UTF-8 format,
not modified-UTF7. Stephan Bosch's new Sieve implementation also
assumes UTF-8 format in fileinto parameters.
+ Full support for shared mailboxes and IMAP ACL extension.
The code is mainly from Sascha Wilde and Bernhard Herzog.
+ IMAP: Added support for extensions: CONDSTORE, QRESYNC, ESEARCH,
ESORT, SEARCHRES, WITHIN, ID and CONTEXT=SEARCH.
+ SEARCH supports INTHREAD search key, but the rest of the INTHREAD
draft isn't implemented yet so it's not advertised in capability.
+ THREAD REFS algorithm where threads are sorted by their latest
message instead of the thread root message. There is also no base
subject merging.
+ IMAP: Implemented imap-response-codes draft.
+ Thread indexes for optimizing IMAP THREAD command and INTHREAD
search key.
+ Added userdb checkpassword (by Sascha Wilde)
+ Virtual mailboxes: http://wiki.dovecot.org/Plugins/Virtual
+ Autocreate plugin: http://wiki.dovecot.org/Plugins/Autocreate
+ Listescape plugin: http://wiki.dovecot.org/Plugins/Listescape
vulnerability in ruby-actionpack.
Major changes:
- Improved compatibility with Ruby 1.9
- RailsXss plugin availability
- Fixes for the Nokogiri backend for XmlMini
