notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)

/commits.php is going away

I'm proposing to take /commits.php away - it mainly duplicates the home page. Details in this GitHub issue.
non port: mail/dovecot/Makefile
SVNWeb

Number of commits found: 220 (showing only 100 on this page)

1 | 2 | 3  »  

Sun, 3 Oct 2021
[ 21:36 ler (Larry Rosenman) ]    commit hash:6809759a87db133e040b2d7931f6b544fcb00706  6809759 
mail/dovecot: update to 2.3.16

mail/dovecot-pigeonhole: update to 0.5.16

ChangeLogs:
https://dovecot.org/pipermail/dovecot-news/2021-August/000463.html
https://dovecot.org/pipermail/dovecot-news/2021-August/000464.html
Sat, 3 Jul 2021
[ 10:09 pi (Kurt Jaeger) ]    commit hash:21a797ec8c62a66c2e44c7e99acbf3063ec113aa  21a797e  (Only the first 10 of 11 ports in this commit are shown above. View all ports for this commit)
mail/dovecot-*: update 2.3.13 -> 2.3.15 and related ports

PR:			256860
Approved by:		fluffy (ports-secteam)
Submitted by:		otis
Relnotes:		https://dovecot.org/pipermail/dovecot-news/2021-June/000457.html
			https://dovecot.org/pipermail/dovecot-news/2021-March/000455.html
			https://dovecot.org/pipermail/dovecot-news/2021-March/000456.html
			https://dovecot.org/pipermail/dovecot-news/2021-June/000458.html
Security:		CVE-2021-29157, CVE-2021-33515, CVE-2020-28200
Differential Revision:	https://reviews.freebsd.org/D30866
MFH:			2021Q3
Thu, 8 Apr 2021
[ 23:33 jbeich (Jan Beich) ]    commit hash:69d24a727d44d398f7357cb844386f3ec4750a4f  69d24a7  (Only the first 10 of 145 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 69.1

Changes:	https://github.com/unicode-org/icu/releases/tag/release-69-1
Reported by:	GitHub (watch releases)
Tue, 6 Apr 2021
[ 14:31 mat (Mathieu Arnold) ]    commit hash:305f148f482daf30dcf728039d03d019f88344eb  305f148  (Only the first 10 of 29333 ports in this commit are shown above. View all ports for this commit)
Remove # $FreeBSD$ from Makefiles.
Sun, 7 Mar 2021
[ 16:45 tobik ] Original commit   Revision:567577 (Only the first 10 of 34 ports in this commit are shown above. View all ports for this commit)
Remove redundant option descriptions that match the default ones

(ignoring case)

Reported by:	danfe (for net/mosquitto), portscan
Wed, 6 Jan 2021
[ 14:58 pi ] Original commit   Revision:560527
mail/dovecot: update 2.3.11.3 -> 2.3.13, fix CVE in non-default config
mail/dovecot-pigeonhole: update 0.5.11 -> 0.5.13

- please note: option VPOPMAIl was removed from upstream

PR:		252415
Submitted by:	Evilham <contact@evilham.com>
Reviewed by:	fluffy
Approved by:	ler (maintainer)
MFH:		2021Q1
Relnotes:	https://dovecot.org/pipermail/dovecot-news/2021-January/000448.html
		https://dovecot.org/pipermail/dovecot-news/2021-January/000449.html
Security:	CVE-2020-24386, CVE-2020-25275
Tue, 3 Nov 2020
[ 00:56 jbeich ] Original commit   Revision:553940 (Only the first 10 of 186 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 68.1

Changes:	http://site.icu-project.org/download/68
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
Reported by:	GitHub (watch releases)
Fri, 14 Aug 2020
[ 00:27 ler ] Original commit   Revision:544857
mail/dovecot, mail/dovecot-pigeonhole: upgrade to 2.3.11.3 and 0.5.11,
repectively.

dovecot changelog:
* CVE-2020-12100: Parsing mails with a large number of MIME parts could
  have resulted in excessive CPU usage or a crash due to running out of
  stack memory.
* CVE-2020-12673: Dovecot's NTLM implementation does not correctly check
  message buffer size, which leads to reading past allocation which can
  lead to crash.
* CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an
  address that has the empty quoted string as local-part causes the lmtp
  service to crash.
* CVE-2020-12674: Dovecot's RPA mechanism implementation accepts
  zero-length message, which leads to assert-crash later on.
* Events: Fix inconsistency in events. See event documentation in
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Wed, 3 Jun 2020
[ 19:35 ler ] Original commit   Revision:537837
mail/dovecot: fix example config *.conf.ext REINPLACE missed in r537587.

PR:		246963
Submitted by:	kfv@irbug.org
MFH:		2020Q2
[ 02:16 ler ] Original commit   Revision:537587
mail/dovecot: restore the REINPLACE_CMD for the example config.

Overzealous removal.

PR:		246947
Submitted by:	gwbr0601@yahoo.de
Pointy Hat To:	ler
Mon, 18 May 2020
[ 19:28 ler ] Original commit   Revision:535778
mail/dovecot: Upgrade to 2.3.10.1, fixing multiple vulnerabilities.

- CVE-2020-10957: lmtp/submission: A client can crash the server by
  sending a NOOP command with an invalid string parameter. This occurs
  particularly for a parameter that doesn't start with a double quote.
  This applies to all SMTP services, including submission-login, which
  makes it possible to crash the submission service without
  authentication.
- CVE-2020-10958: lmtp/submission: Sending many invalid or unknown
  commands can cause the server to access freed memory, which can lead
  to a server crash. This happens when the server closes the connection
  with a "421 Too many invalid commands" error. The bad command limit
  depends on the service (lmtp or submission) and varies between 10 to
  20 bad commands.
- CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an
  address that has the empty quoted string as local-part causes the
  lmtp service to crash.

Clean up some REINPLACE warnings whilst we're here.

MFH:		2020Q2
Security:	37d106a8-15a4-483e-8247-fcb68b16eaf8
Security:	CVE-2020-10957
Security:	CVE-2020-10958
Security:	CVE-2020-10967
Thu, 23 Apr 2020
[ 20:14 jbeich ] Original commit   Revision:532707 (Only the first 10 of 130 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 67.1

Changes:	http://site.icu-project.org/download/67
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
Reported by:	GitHub (watch releases)
Mon, 23 Mar 2020
[ 22:07 ler ] Original commit   Revision:529013
mail/dovecot: use libexttextcat for lucene.

PR:		244932
Submitted by:	igorz@yandex.ru
Fri, 13 Mar 2020
[ 09:47 jbeich ] Original commit   Revision:528343 (Only the first 10 of 126 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 66.1

Changes:	http://site.icu-project.org/download/66
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
Fri, 6 Mar 2020
[ 19:16 ler ] Original commit   Revision:527892
mail/dovecot: update to 2.3.10.

ChangeLog:
* Disable retpoline migitations by default. These can cause severe
  performance regressions, so they should be only enabled when
  applicable.
* IMAP MOVE now commits transactions in batches of 1000 mails. This
  helps especially with lazy_expunge when moving a lot of mails. It
  mainly avoids situations where multiple IMAP sessions are running the
  same MOVE command and duplicating the mails in the lazy_expunge folder.
  With this change there can still be some duplication, but the MOVE
  always progresses forward. Also if the MOVE fails at some point, the
  changes up to the last 1000 mails are still committed instead of
  rolled back. Note that the COPY command behavior hasn't changed,
  because it is required by IMAP standard to be an atomic operation.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Thu, 13 Feb 2020
[ 00:47 ler ] Original commit   Revision:526001
mail/dovecot: upgrade to 2.3.9.3

Changelog:
    * CVE-2020-7046: Truncated UTF-8 can be used to DoS
      submission-login and lmtp processes.
    * CVE-2020-7957: Specially crafted mail can crash snippet generation.

MFH:		2020Q1
Security:	CVE-2020-7046
Security:	CVE-2020-7957
Security:	74db0d02-b140-4c32-aac6-1f1e81e1ad30
Fri, 13 Dec 2019
[ 15:02 ler ] Original commit   Revision:520040
mail/dovecot: upgrade to 2.3.9.2,

* CVE-2019-19722: Mails with group addresses in From or To fields caused
crash in push notification drivers.
- additional fix for blank headers

PORTREVISION bump for mail/dovecot-pigeonhole, mail/dovecot-fts-xapian
*NOT* requesting MFH as 2.3.9 is not in 2019Q4.

Security:	b7dc4dde-2e48-43f9-967a-c68461537cf2
Security:	CVS-2019-19722
Wed, 4 Dec 2019
[ 17:59 ler ] Original commit   Revision:519037
mail/dovecot, mail/dovecot-pigeonhole: upgrade to 2.3.9, 0.5.9 respectively.

Bump PORTREVISION of mail/dovecot-fts-xapian for version change of dovecot.

Changelog:
Dovecot:
* Changed several event field names for consistency and to avoid
  conflicts in parent-child event relationships:
   * SMTP server command events: Renamed "name" to "cmd_name"
   * Events inheriting from a mailbox: Renamed "name" to "mailbox"
   * Server connection events have only "remote_ip", "remote_port",
     "local_ip" and "local_port".
   * Removed duplicate "client_ip", "ip" and "port".
   * Mail storage events: Removed "service" field.
     Use "service:<name>" category instead.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Tue, 26 Nov 2019
[ 01:52 ler ] Original commit   Revision:518440
mail/dovecot: include mention of security.bsd.hardlink_check_{g,u}id in
pkg-message.

PR:		242223
Submitted by:	tphilipp@potion-studios.com
Wed, 16 Oct 2019
[ 16:25 ler ] Original commit   Revision:514605
mail/dovecot: revert removing patch that is still needed.

PR:		240607
Thu, 10 Oct 2019
[ 08:18 bapt ] Original commit   Revision:514211
Revert changes that crept in by accident

Reported by:	fluffy
Pointy hat:	bapt
Wed, 9 Oct 2019
[ 15:44 ler ] Original commit   Revision:514168
mail/dovecot: really fix LUA=off.

Pointy Hat To: ler
[ 14:38 ler ] Original commit   Revision:514164
mail/dovecot: fix breakage when LUA is NOT selected.

PR:		241144
Submitted by:	matthias.pfaller@familie-pfaller.de
Reported by:	many
Pointy Hat To: ler
[ 12:06 bapt ] Original commit   Revision:514142 (Only the first 10 of 39 ports in this commit are shown above. View all ports for this commit)
Drop the ipv6 virtual category for m* category as it is not relevant anymore
[ 09:30 bapt ] Original commit   Revision:514125
dovecot-fts-xapian: Bump portrevision after dovecot upgrade
Add a note to the dovecot port about the requirement to bump the portrevision
each time dovecot is updated

PR:		241147
Reported by:	Matthias Pfaller <matthias.pfaller@familie-pfaller.de>
Tue, 8 Oct 2019
[ 21:56 ler ] Original commit   Revision:514106
mail/dovecot, mail/dovecot-pigeonhole: upgrade to 2.3.8 and 0.5.8 respectively.

release notes:
dovecot:
Changes

+ Added mail_delivery_started and mail_delivery_finished events, see
https://doc.dovecot.org/admin_manual/list_of_events/ for details.
+ dsync-replication: Don't replicate users who have "noreplicate" extra
field in userdb.
+ doveadm service status: Show total number of processes created.
+ When logging to syslog, use instance_name setting's value for the
ident. This commonly is added as a log prefix.
+ Base64 encoding/decoding code was rewritten with additional features.
It shouldn't cause any user visible changes.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Thu, 3 Oct 2019
[ 20:35 jbeich ] Original commit   Revision:513733 (Only the first 10 of 135 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 65.1

Changes:	http://site.icu-project.org/download/65
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
Mon, 16 Sep 2019
[ 01:24 ler ] Original commit   Revision:512138
mail/dovecot: remove no longer needed patch file.

PR:		240607
Submitted by:	paul.le.gauret@gmail.com
Wed, 28 Aug 2019
[ 15:59 ler ] Original commit   Revision:510075
mail/dovecot,mail/dovecot-pigeonhole: fix CVE-2019-11500

Changes
-------
* CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
  when scanning data in quoted strings, leading to out of bounds heap
  memory writes. Found by Nick Roessler and Rafi Rubin.

MFH:		2019Q3
Security:	CVE-2019-11500
Tue, 23 Jul 2019
[ 14:26 ler ] Original commit   Revision:507215
mail/dovecot, mail/dovecot-pigeonhole: upgrade to 2.3.7.1 and 0.5.7.1
respectively.

These releases fix the reported regressions in v2.3.7 & v0.5.7.

Dovecot core:
        - Fix TCP_NODELAY errors being logged on non-Linux OSes
        - lmtp proxy: Fix assert-crash when client uses BODY=8BITMIME
        - Remove wrongly added checks in namespace prefix checking

Pigeonhole:
        - dsync: Sieve script syncing failed if mailbox attributes weren't
          enabled.
Mon, 22 Jul 2019
[ 23:17 ler ] Original commit   Revision:507181
mail/dovecot: [PATCH] lib-storage: Namespace prefix shouldn't be included in all
 mailbox name validity checks

Obtained from:	upstream github.
Wed, 17 Jul 2019
[ 20:19 ler ] Original commit   Revision:506824
mail/dovecot: One should actually TEST their patches.

Fix previous commit.

Pointy Hat To: ler
[ 19:22 ler ] Original commit   Revision:506821
mail/dovecot: stop whining about TCP_NODELAY errors.

[PATCH] lib: ostream-file: Don't log any errors when setting
 TCP_NODELAY

It's likely never useful to log the error, and it seems more and more
unexpected errors just keep popping up.

Obtained from:	upstream git.
Fri, 12 Jul 2019
[ 19:22 ler ] Original commit   Revision:506487
mail/dovecot: stop spamming the log with EINVAL.

PR:		239172
Submitted by:	zillion1@o2.pl
Obtained from:	dovecot mailing list.
[ 13:20 ler ] Original commit   Revision:506460
mail/dovecot, mail/dovecot-pigeonhole: Update to 2.3.7 and 0.5.7 respectively.

dovecot changelog:
* fts-solr: Removed break-imap-search parameter
+ Added more events for the new statistics, see
  https://doc.dovecot.org/admin_manual/list_of_events/
+ mail-lua: Add IMAP metadata accessors, see
  https://doc.dovecot.org/admin_manual/lua/
+ Add event exporters that allow exporting raw events to log files and
  external systems, see
  https://doc.dovecot.org/configuration_manual/event_export/
+ SNIPPET is now PREVIEW and size has been increased to 200 characters.
+ Add body option to fts_enforced. This triggers building FTS index only
  on body search, and an error using FTS index fails the search rather
  than reads through all the mails.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Tue, 30 Apr 2019
[ 21:33 ler ] Original commit   Revision:500569
mail/dovecot, mail/dovecot-pigeonhole: upgrade to 2.3.6, 0.5.6 respectively.

Dovecot changelog:
* CVE-2019-11494: Submission-login crashed with signal 11 due to null pointer
access when authentication was aborted by disconnecting.
* CVE-2019-11499: Submission-login crashed when authentication was started over
TLS secured channel and invalid authentication message was sent.
* auth: Support password grant with passdb oauth2.
+ Use system default CAs for outbound TLS connections.
+ Simplify array handling with new helper macros.
+ fts_solr: Enable configuring batch_size and soft_commit features.
- lmtp/submission: Fixed various bugs in XCLIENT handling, including a hang when
XCLIENT commands were sent infinitely to the remote server.
- lmtp/submission: Forwarded multi-line replies were erroneously sent as two
replies to the client.
- lib-smtp: client: Message was not guaranteed to contain CRLF consistently when
CHUNKING was used.
- fts_solr: Plugin was no longer compatible with Solr 7.
- Make it possible to disable certificate checking without setting
ssl_client_ca_* settings.
- pop3c: SSL support was broken.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Thu, 18 Apr 2019
[ 15:22 ler ] Original commit   Revision:499273
mail/dovecot: upgrade to 2.3.5.2

* CVE-2019-10691: Trying to login with 8bit username containing
      invalid UTF8 input causes auth process to crash if auth policy is
      enabled. This could be used rather easily to cause a DoS. Similar
      crash also happens during mail delivery when using invalid UTF8 in
      From or Subject header when OX push notification driver is used.

MFH:		2019Q2
Security:	CVE-2019-10691
Thu, 28 Mar 2019
[ 12:24 ler ] Original commit   Revision:497015
mail/dovecot: upgrade to 2.3.5.1.

    * CVE-2019-7524: Missing input buffer size validation leads into
      arbitrary buffer overflow when reading fts or pop3 uidl header
      from Dovecot index. Exploiting this requires direct write access to
      the index files.

MFH:		2019Q1
Security:	CVE-2019-7524
Wed, 27 Mar 2019
[ 21:11 jbeich ] Original commit   Revision:496981 (Only the first 10 of 127 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 64.1

Changes:	http://site.icu-project.org/download/64
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
PR:		236325
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D19479
Tue, 5 Mar 2019
[ 23:34 ler ] Original commit   Revision:494752
mail/dovecot and mail/dovecot-pigeonhole upgrade to 2.3.5 and 0.5.5 respectively

dovecot changelog:
+ Lua push notification driver: mail keywords and flags are provided in
MessageNew and MessageAppend events.
+ submission: Implement support for plugins.
+ auth: When auth_policy_log_only=yes, only log what the policy server response
would do without actually doing it.
+ auth: Always log policy server decisions with auth_verbose=yes
- v2.3.[34]: doveadm log errors: Output was missing user/session
- lda: Debug log lines could have shown slightly corrupted
- login proxy: Login processes may have crashed in various ways when
login_proxy_max_disconnect_delay was set.
- imap: Fix crash with Maildir+zlib if client disconnects during APPEND
- lmtp proxy: Fix potential assert-crash
- lmtp/submission: Fix crash when SMTP client transaction times out
- submission: Split large XCLIENT commands to 512 bytes per command, so Postfix
accepts them.
- submission: Fix crash when client sends invalid BURL command
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Tue, 5 Feb 2019
[ 14:50 ler ] Original commit   Revision:492245
mail/dovecot: upgrade to 2.3.4.1

    * CVE-2019-3814: If imap/pop3/managesieve/submission client has
      trusted certificate with missing username field
      (ssl_cert_username_field), under some configurations Dovecot
      mistakenly trusts the username provided via authentication instead
      of failing.
    * ssl_cert_username_field setting was ignored with external SMTP AUTH,
      because none of the MTAs (Postfix, Exim) currently send the
      cert_username field. This may have allowed users with trusted
      certificate to specify any username in the authentication. This bug
      didn't affect Dovecot's Submission service.

PR:		235523
Submitted by:	pascal.christen@hostpoint.ch
MFH:		2019Q1
Security:	1340fcc1-2953-11e9-bc44-a4badb296695
Security:	CVE-2019-3814
Sun, 6 Jan 2019
[ 17:46 ler ] Original commit   Revision:489515
mail/dovecot: Pick up mailing list patch for imap-preauth vs. stats-writer.

see the dovecot mailing list thread on imap-preauth and stats-writer between
Stephan Bosch and a FreeBSD user

Obtained from:	upstream mailing list.
Wed, 2 Jan 2019
[ 22:30 ler ] Original commit   Revision:489098
mail/dovecot: Pick up a mailinglist patch for solr/tika separation.

solr and tika currently use the same http client connection.  Upstream
made the attached patches in response to my (ler@) bug report.

Obtained from:	upstream mailing list.
Tue, 4 Dec 2018
[ 17:53 ler ] Original commit   Revision:486621
mail/dovecot: Add upstream patch to fix a double free in MySQL.

Obtained
from:	https://github.com/dovecot/core/commit/3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch
[ 11:33 ler ] Original commit   Revision:486595
mail/dovecot: add option to support libsodium

- libsodium option to support security/libsodium based crypts
- pet portlint
- fix LUA option pkg-plist issues
Fri, 23 Nov 2018
[ 18:22 ler ] Original commit   Revision:485697
mail/dovecot: pick up patch from upstream to quiet format warnings.

Obtained
from:	https://github.com/dovecot/core/commit/de42b54aaf165d4f62b45be864dde36bdbbc4276
[ 15:12 ler ] Original commit   Revision:485675
mail/dovecot update to 2.3.4, mail/dovecot-pigeonhole to 0.5.4

dovecot change log:
* The default postmaster_address is now "postmaster@<user domain or
   server hostname>". If username contains the @domain part, that's
   used. If not, then the server's hostname is used.
* "doveadm stats dump" now returns two decimals for the "avg" field.

+ Added push notification driver that uses a Lua script
+ Added new SQL, DNS and connection events.
   See https://wiki2.dovecot.org/Events
+ Added "doveadm mailbox cache purge" command.
+ Added events API support for Lua scripts
+ doveadm force-resync -f parameter performs "index fsck" while opening
   the index. This may be useful to fix some types of broken index files.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Tue, 30 Oct 2018
[ 14:04 ler ] Original commit   Revision:483490
mail/dovcecot: fix thinko in previous update.  Don't print config always

PR:		232803
Submitted by:	oleg@pcbtech.ru
Mon, 29 Oct 2018
[ 23:28 ler ] Original commit   Revision:483437
mail/dovecot: give better error message(s) when there are configuration errors.

PR:		232785
Submitted by:	prj@rootwyrm.com
Tue, 23 Oct 2018
[ 11:35 jbeich ] Original commit   Revision:482830 (Only the first 10 of 123 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 63.1

Changes:	http://site.icu-project.org/download/63
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
PR:		232300
Exp-run by:	antoine
Sun, 14 Oct 2018
[ 13:30 ler ] Original commit   Revision:482041
mail/dovecot: don't pick up libsodium if installed.

PR:		232236
Submitted by:	d8zNeCFG@aon.at
Mon, 1 Oct 2018
[ 23:18 ler ] Original commit   Revision:481076
mail/dovecot upgrade to 2.3.3, mail/dovecot-pigeonhole upgrade to 0.5.3.

dovecot changelog:
* doveconf hides more secrets now in the default output.
* ssl_dh setting is no longer enforced at startup. If it's not set and
   non-ECC DH key exchange happens, error is logged and client is
   disconnected.

+ Added log_debug=<filter> setting.
+ Added log_core_filter=<log filter> setting.
+ quota-clone: Write to dict asynchronously
+ --enable-hardening attempts to use retpoline Spectre 2 mitigations
+ lmtp proxy: Support source_ip passdb extra field.
+ doveadm stats dump: Support more fields and output stddev by default.
+ push-notification: Add SSL support for OX backend.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Sun, 19 Aug 2018
[ 21:00 ler ] Original commit   Revision:477601
mail/dovecot, mail/dovecot22: suppress harmless error message when the symlink
in /var/run/dovecot
to the config file doesn't exist.

PR:		225078
Reported by:	pkubaj@anongoth.pl
Reviewed by:	adamw
MFH:		2018Q3
Mon, 9 Jul 2018
[ 17:30 ler ] Original commit   Revision:474275
mail/dovecot: upgrade to 2.3.2.1.
v2.3.2 still had a few unexpected bugs:

- SSL/TLS servers may have crashed during client disconnection
- lmtp: With lmtp_rcpt_check_quota=yes mail deliveries may have
   sometimes assert-crashed.
- v2.3.2: "make check" may have crashed with 32bit systems
Fri, 29 Jun 2018
[ 16:36 ler ] Original commit   Revision:473557
mail/dovecot, mail/dovecot-pigeonhole: upgrade to 2.3.2 and 0.5.2 respectively

dovecot changelog:
v2.3.2 is mainly a bugfix release. It contains all the changes in v2.2.36, as
well as a bunch of other fixes (mainly for v2.3-only bugs). Binary packages are
already in https://repo.dovecot.org/

* old-stats plugin: Don't temporarily enable PR_SET_DUMPABLE while
   opening /proc/self/io. This may still cause security problems if the
   process is ptrace()d at the same time. Instead, open it while still
   running as root.
+ doveadm: Added mailbox cache decision&remove commands. See
   doveadm-mailbox(1) man page for details.
+ doveadm: Added rebuild attachments command for rebuilding
   $HasAttachment or $HasNoAttachment flags for matching mails. See
   doveadm-rebuild(1) man page for details.
+ cassandra: Use fallback_consistency on more types of errors
(Only the first 15 lines of the commit message are shown above View all of this commit message)
[ 14:22 jbeich ] Original commit   Revision:473551 (Only the first 10 of 123 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 62.1

Changes:	http://site.icu-project.org/download/62
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
PR:		229359
Exp-run by:	antoine (only 10.4)
Wed, 13 Jun 2018
[ 20:59 ler ] Original commit   Revision:472344
mail/dovecot{,22} add BEFORE: mail to RC script

PR:	228998
Submitted by:	ohauer@FreeBSD.org
Wed, 6 Jun 2018
[ 19:23 ler ] Original commit   Revision:471880
mail/dovecot: fix "2.3.1 Replication is throwing scary errors"

make makepatch for cleanliness
Submitted by:	remko
Reported by:	remko
Obtained from:	upstream
Fri, 18 May 2018
[ 15:23 adamw ] Original commit   Revision:470297
Scale back my portfolio

I'm releasing maintainership on a number of ports that I no longer have
time to maintain effectively.
Tue, 24 Apr 2018
[ 18:11 adamw ] Original commit   Revision:468228
Add an upstream patch to fix a panic when a malformed address line
is fed to dovecot, as OpenSMTPd can do.

Submitted by:	gahr
Reported by:	brnrd
Obtained
from:	https://github.com/dovecot/core/commit/fbed9168dc3b104b09bd748409aec902328cd8e5
Sun, 22 Apr 2018
[ 21:35 dbaio ] Original commit   Revision:468060
Add mail/dovecot22 (v2.2.35) and mail/dovecot-pigeonhole04 (v0.4.23)

This brings back Dovecot 2.2.35 to the tree because there is an issue
with version 2.3.1 and replication in some scenarios [1].

Keep this version until this problem gets fixed upstream.

1 - https://www.dovecot.org/list/dovecot/2018-April/111477.html

Approved by:	adamw (maintainer of mail/dovecot)
Approved by:	ler   (maintainer of mail/dovecot-pigeonhole)
Fri, 6 Apr 2018
[ 15:53 jbeich ] Original commit   Revision:466648 (Only the first 10 of 117 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 61.1

Changes:	http://site.icu-project.org/download/61
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
PR:		227042
Exp-run by:	antoine
MFH:		2018Q2 (required by Firefox 61)
Sun, 1 Apr 2018
[ 17:10 adamw ] Original commit   Revision:466172
Update dovecot to 2.3.1, and dovecot-pigeonhole to 0.5.1

This is a very large update, and it WILL require manually
updating existing conf files, though the changes to do so
are not extensive. Updating instructions are here:

	https://wiki2.dovecot.org/Upgrading/2.3

Additionally there are various cleanups to the dovecot rc(8)
script, and support for a LUA scripting interface for dovecot.

The decision was made not to import the 2.3.0 or 2.3.0.1 releases
here, due to the number of existing bugs. ler and I have been
dogfooding it for months now, and all of the bugs I've encountered
are fixed in this 2.3.1 release.

This update is the result of many, many hours of collborative work
between ler and me, and the input of many people on the freebsd-ports
list.
Mon, 19 Mar 2018
[ 15:06 adamw ] Original commit   Revision:465012
Update dovecot to 2.2.35, and bump pigeonhole

    - charset_alias: compile fails with Solaris Studio, reported by
      John Woods.
    - Fix local name handling in v2.2.34 SNI code, bug found by cPanel.
    - imapc: Don't try to add mails to index if they already exist there.
    - imapc: If email is modified in istream_opened hook, mail size isn't
      updated.
    - lib-dcrypt: When reading encrypted data, more data would not be
      read if buffer was not consumed causing panic or hang.
    - notify: When notify plugin is used and transaction commit fails in
      dsync, crash occurs.
    - sdbox: When delivering to a mailbox that is over quota, temp files
      are not cleaned up when saving or copying fails.
Wed, 28 Feb 2018
[ 23:12 adamw ] Original commit   Revision:463271
Update dovecot to 2.2.34, and bump pigeonhole.

 * CVE-2017-15130: TLS SNI config lookups may lead to excessive
   memory usage, causing imap-login/pop3-login VSZ limit to be reached
   and the process restarted. This happens only if Dovecot config has
   local_name { } or local { } configuration blocks and attacker uses
   randomly generated SNI servernames.
 * CVE-2017-14461: Parsing invalid email addresses may cause a crash or
   leak memory contents to attacker. For example, these memory contents
   might contain parts of an email from another user if the same imap
   process is reused for multiple users. First discovered by Aleksandar
   Nikolic of Cisco Talos. Independently also discovered by "flxflndy"
   via HackerOne.
 * CVE-2017-15132: Aborted SASL authentication leaks memory in login
   process.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Thu, 1 Feb 2018
[ 13:23 zeising ] Original commit   Revision:460590
Complete fix for CVE-2017-15132

Complete fix for CVE-2017-15132, the previous fix was not enough, and caused
the request to remain after an abort, causing a use-after-free later on.

PR:		225585
Submitted by:	Vladimir Krstulja
Approved by:	adamw (maintainer)
MFH:		2018Q1
Mon, 29 Jan 2018
[ 20:59 zeising ] Original commit   Revision:460336
Add patch and fix CVE-2017-15132

Add upstream patch to fix CVE-2017-15132, memory leak in the log in process
that can cause memory exhaustion.

PR:		225446
Submitted by:	Vladimir Krstulja
Approved by:	adamw (maintainer), swills (ports-secteam)
MFH:		2018Q1
Security:	92b8b284-a3a2-41b1-956c-f9cf8b74f500
Thu, 9 Nov 2017
[ 02:31 jbeich ] Original commit   Revision:453790 (Only the first 10 of 109 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 60.1

Changes:	http://site.icu-project.org/download/60
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
PR:		223373
Exp-run by:	antoine
Fri, 20 Oct 2017
[ 16:51 adamw ] Original commit   Revision:452542
Add back the LIBWRAP option, but default it to on

eugen noted that it's not uncommon for people to build WITHOUT_TCP_WRAPPERS,
and forcing the libwrap option gives them no recourse. So I'm adding back
the libwrap option, but defaulting it to on now---people who've compiled
WITHOUT_TCP_WRAPPERS will know how to build a custom dovecot.
[ 16:08 adamw ] Original commit   Revision:452539
Force kqueue and libwrap support, and install license files

I don't know any reason that the kqueue or libwrap options should be
disabled, so remove them from OPTIONS and enable their functionality
for everyone. Also, remove the :3 from USES=sqlite, because that
happens anyway.

Add the license files with LICENSE_FILE_*, rather than putting them
in DOCSDIR.

Sort plist.

PORTREVISION bump for above changes.
[ 15:00 ler ] Original commit   Revision:452533
mail/dovecot: update to 2.2.33.2.

One more patch release with some fixes:

- doveadm: Fix crash in proxying (or dsync replication) if remote is
  running older than v2.2.33
- auth: Fix memory leak in %{ldap_dn}
- dict-sql: Fix data types to work correctly with Cassandra

bump dovecot-pigeonhole PORTREVISION as well.
Wed, 11 Oct 2017
[ 17:15 ler ] Original commit   Revision:451765
mail/dovecot: upgrade to 2.2.33.1.

- dovecot-lda was logging to stderr instead of to the log file.
Tue, 10 Oct 2017
[ 15:45 adamw ] Original commit   Revision:451707
Update dovecot to 2.2.33, and bump pigeonhole.

* doveadm director commands wait for the changes to be visible in the
  whole ring before they return. This is especially useful in testing.
* Environments listed in import_environment setting are now set or
  preserved when executing standalone commands (e.g. doveadm)

+ doveadm proxy: Support proxying logs. Previously the logs were
  visible only in the backend's logs.
+ Added %{if}, see https://wiki2.dovecot.org/Variables#Conditionals
+ Added a new notify_status plugin, which can be used to update dict
  with current status of a mailbox when it changes. See
  https://wiki2.dovecot.org/Plugins/NotifyStatus
+ Mailbox list index can be disabled for a namespace by appending
  ":LISTINDEX=" to location setting.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Mon, 25 Sep 2017
[ 00:02 jbeich ] Original commit   Revision:450556 (Only the first 10 of 111 ports in this commit are shown above. View all ports for this commit)
devel/icu: update to 59.1

- Temporarily keep C++98 working in consumers for Clang's default -std=

Changes:	http://site.icu-project.org/download/59
PR:		218788
Submitted by:	takefu@airport.fm, dcarmich@dcarmichael.net (early version)
Exp-run by:	antoine
Thu, 24 Aug 2017
[ 16:49 adamw ] Original commit   Revision:448697
Update dovecot to 2.2.32, and bump pigeonhole.

* imapc: Info-level line is logged every time when successfully
  connected to the remote server. This includes local/remote IP/port,
  which can be useful for matching against external logs.
* config: Log a warning if plugin { key=no } is used explicitly.
  v2.3 will support "no" properly in plugin settings, but for now
  any value at all for a boolean plugin setting is treated as "yes",
  even if it's written as explicit "no". This change will now warn
  that it most likely won't work as intended.

+ Various optimizations to avoid accessing files/directories when it's
  not necessary. Especially avoid accessing mail root directories when
  INDEX directories point to a different filesystem.
+ mail_location can now include ITERINDEX parameter. This tells Dovecot
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Tue, 15 Aug 2017
[ 01:49 adamw ] Original commit   Revision:447975
Apply upstream patches for indexing.

Reviewed by:	ler
Obtained from:	dovecot GH
Mon, 7 Aug 2017
[ 21:44 adamw ] Original commit   Revision:447519 (Only the first 10 of 12 ports in this commit are shown above. View all ports for this commit)
Rename dovecot2/dovecot2-pigeonhole to dovecot/dovecot-pigeonhole.

It might be necessary to manually remove and reinstall the package under
the new name.

Discussed with:	ler
Sat, 6 May 2017
[ 20:12 adamw ] Original commit   Revision:440287
Mark dovecot 1.x and the 1.x plugins deprecated, set to expire at the end of
July. The last dovecot 1.x release was 6 years ago, and 1.x has been deprecated
upstream for many years.
Mon, 8 Aug 2016
[ 13:46 mat ] Original commit   Revision:419843 (Only the first 10 of 80 ports in this commit are shown above. View all ports for this commit)
USE_BDB cleanup.

- USE_BDB=4x+ -> USES=bdb.
- USE_BDB=yes -> USES=bdb.
- USE_BDB=xx  -> USES=bdb:xx.

Other modernisations when I see them.

PR:		209183
Sponsored by:	Absolight
Mon, 25 Apr 2016
[ 16:13 mat ] Original commit   Revision:414014 (Only the first 10 of 84 ports in this commit are shown above. View all ports for this commit)
Remove USE_SQLITE from bsd.databases.mk, replaced by USES=sqlite.

While there replace USE_SQLITE=x by USES=sqlite:x.

PR:		208971
Submitted by:	mat
Exp-run by:	antoine
With hat:	portmgr
Sponsored by:	Absolight
Differential Revision:	https://reviews.freebsd.org/D5951
Fri, 1 Apr 2016
[ 14:16 mat ] Original commit   Revision:412348 (Only the first 10 of 2612 ports in this commit are shown above. View all ports for this commit)
Remove ${PORTSDIR}/ from dependencies, categories m, n, o, and p.

With hat:	portmgr
Sponsored by:	Absolight
Thu, 28 May 2015
[ 20:40 bdrewery ] Original commit   Revision:387773
Release maintainership
Sat, 25 Apr 2015
[ 00:52 amdmi3 ] Original commit   Revision:384696
- Add CPE info

Approved by:	portmgr blanket
Thu, 19 Mar 2015
[ 17:04 bdrewery ] Original commit   Revision:381622
Disable SSLv2 and SSLv3.

PR:		197027
Submitted by:	Kai Gallasch <k@free.de>
MFH:		2015Q1
Sat, 22 Nov 2014
[ 19:13 crees ] Original commit   Revision:373091 (Only the first 10 of 31 ports in this commit are shown above. View all ports for this commit)
Switch to USES=pgsql
Mon, 20 Oct 2014
[ 23:13 bdrewery ] Original commit   Revision:371306
- Fix linking to port openssl with WITH_OPENSSL_PORT

Reported by:	Derek Schrock
Thu, 24 Jul 2014
[ 18:34 tijl ] Original commit   Revision:362835 (Only the first 10 of 208 ports in this commit are shown above. View all ports for this commit)
net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Tue, 15 Jul 2014
[ 16:14 adamw ] Original commit   Revision:361961 (Only the first 10 of 44 ports in this commit are shown above. View all ports for this commit)
Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS.
Sat, 5 Jul 2014
[ 12:19 tijl ] Original commit   Revision:360738 (Only the first 10 of 59 ports in this commit are shown above. View all ports for this commit)
Bump more ports that depend on libsqlite3.so:
- ports that set USE_SQLITE with the *_USE option helper
- ports that depend on libsqlite3 indirectly as reported by pkg rquery

Approved by:	portmgr (implicit)
Mon, 30 Jun 2014
[ 17:33 bdrewery ] Original commit   Revision:359890
- Take maintainership
- Attempt to limit portscout to version 1.2
- Fix rc script for one* commands [1]

Not bumping PORTREVISION as the installed version doesn't change, should
not affect dependent ports.

PR:		177497 [1]
Submitted by:	nick@3wh.net [1]
Thu, 19 Jun 2014
[ 10:27 marino ] Original commit   Revision:358378
mail/dovecot: Reset maintainer after 7 consecutive timeouts

The last time the maintainer was heard from was July 2010.  How this
port didn't get reset after the first 3 timeouts, I'm not sure.
Sun, 18 May 2014
[ 17:05 ohauer ] Original commit   Revision:354439
- add stage support
- bump PORTREVISION
- add USES=libtool:keepla
- sort pkg-plist
- use USER/GROUP support from framework (remove pkg-install)

PR:		ports/188868
Submitted by:	ohauer
Approved by:	maintainer timeout (4 weeks)
Thu, 30 Jan 2014
[ 22:05 pawel ] Original commit   Revision:341892
Fix linking on FreeBSD 10 when GSSAPI=on

PR:		ports/184667
Submitted by:	Adam McDougall <mcdouga9@egr.msu.edu>
Approved by:	maintainer timeout
Thu, 9 Jan 2014
[ 15:51 mat ] Original commit   Revision:339260
Fix pkgname collisions.
Fri, 20 Sep 2013
[ 19:59 bapt ] Original commit   Revision:327742 (Only the first 10 of 748 ports in this commit are shown above. View all ports for this commit)
Add NO_STAGE all over the place in preparation for the staging support (cat:
mail)
Tue, 4 Jun 2013
[ 15:47 bapt ] Original commit   Revision:319871
Convert to new options framework
Sat, 27 Apr 2013
[ 11:59 mva ] Original commit   Revision:316662 (Only the first 10 of 219 ports in this commit are shown above. View all ports for this commit)
- Convert USE_ICONV=yes to USES=iconv
- Change USE_GNOME=pkgconfig|gnomehack to USES=pathfix|pkgconfig while here

Reviewed by:	zeising
Tue, 4 Sep 2012
[ 03:05 linimon ] Original commit   Revision:303634 (Only the first 10 of 12 ports in this commit are shown above. View all ports for this commit)
Mark as broken on ARM.

PR:		ports/170946
Submitted by:	linimon
Hat:		portmgr
Sun, 5 Aug 2012
[ 23:19 dougb ] Original commit  (Only the first 10 of 936 ports in this commit are shown above. View all ports for this commit)
Move the rc.d scripts of the form *.sh.in to *.in

Where necessary add $FreeBSD$ to the file

No PORTREVISION bump necessary because this is a no-op
Mon, 9 Jul 2012
[ 19:24 wxs ] Original commit 
Don't check WITH_FOO && !WITHOUT_FOO. [1]
Remove gssapi patch that is no longer needed. [2]

These both apply to mail/dovecot2 also. I will be working with the
maintainer there to get these committed.

PR:             ports/167824 [1]
                ports/
Submitted by:   Dmitry Afanasiev <KOT@MATPOCKuH.Ru> [1]
                Leon Messner <l.messner@physik.tu-berlin.de> [2]
Approved by:    maintainer timeout

Number of commits found: 220 (showing only 100 on this page)

1 | 2 | 3  »