Number of commits found: 160 (showing only 100 on this page)

1 | 2  »  

Add mail/dovecot22 (v2.2.35) and mail/dovecot-pigeonhole04 (v0.4.23)

This brings back Dovecot 2.2.35 to the tree because there is an issue
with version 2.3.1 and replication in some scenarios [1].

Keep this version until this problem gets fixed upstream.

1 - https://www.dovecot.org/list/dovecot/2018-April/111477.html

Approved by:	adamw (maintainer of mail/dovecot)
Approved by:	ler   (maintainer of mail/dovecot-pigeonhole)

devel/icu: update to 61.1

Changes:	http://site.icu-project.org/download/61
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
PR:		227042
Exp-run by:	antoine
MFH:		2018Q2 (required by Firefox 61)

Update dovecot to 2.3.1, and dovecot-pigeonhole to 0.5.1

This is a very large update, and it WILL require manually
updating existing conf files, though the changes to do so
are not extensive. Updating instructions are here:

	https://wiki2.dovecot.org/Upgrading/2.3

Additionally there are various cleanups to the dovecot rc(8)
script, and support for a LUA scripting interface for dovecot.

The decision was made not to import the 2.3.0 or 2.3.0.1 releases
here, due to the number of existing bugs. ler and I have been
dogfooding it for months now, and all of the bugs I've encountered
are fixed in this 2.3.1 release.

This update is the result of many, many hours of collborative work
between ler and me, and the input of many people on the freebsd-ports
list.

Update dovecot to 2.2.35, and bump pigeonhole

    - charset_alias: compile fails with Solaris Studio, reported by
      John Woods.
    - Fix local name handling in v2.2.34 SNI code, bug found by cPanel.
    - imapc: Don't try to add mails to index if they already exist there.
    - imapc: If email is modified in istream_opened hook, mail size isn't
      updated.
    - lib-dcrypt: When reading encrypted data, more data would not be
      read if buffer was not consumed causing panic or hang.
    - notify: When notify plugin is used and transaction commit fails in
      dsync, crash occurs.
    - sdbox: When delivering to a mailbox that is over quota, temp files
      are not cleaned up when saving or copying fails.

Update dovecot to 2.2.34, and bump pigeonhole.

 * CVE-2017-15130: TLS SNI config lookups may lead to excessive
   memory usage, causing imap-login/pop3-login VSZ limit to be reached
   and the process restarted. This happens only if Dovecot config has
   local_name { } or local { } configuration blocks and attacker uses
   randomly generated SNI servernames.
 * CVE-2017-14461: Parsing invalid email addresses may cause a crash or
   leak memory contents to attacker. For example, these memory contents
   might contain parts of an email from another user if the same imap
   process is reused for multiple users. First discovered by Aleksandar
   Nikolic of Cisco Talos. Independently also discovered by "flxflndy"
   via HackerOne.
 * CVE-2017-15132: Aborted SASL authentication leaks memory in login
   process.

(Only the first 15 lines of the commit message are shown above )

Complete fix for CVE-2017-15132

Complete fix for CVE-2017-15132, the previous fix was not enough, and caused
the request to remain after an abort, causing a use-after-free later on.

PR:		225585
Submitted by:	Vladimir Krstulja
Approved by:	adamw (maintainer)
MFH:		2018Q1

Add patch and fix CVE-2017-15132

Add upstream patch to fix CVE-2017-15132, memory leak in the log in process
that can cause memory exhaustion.

PR:		225446
Submitted by:	Vladimir Krstulja
Approved by:	adamw (maintainer), swills (ports-secteam)
MFH:		2018Q1
Security:	92b8b284-a3a2-41b1-956c-f9cf8b74f500

devel/icu: update to 60.1

Changes:	http://site.icu-project.org/download/60
ABI:		https://abi-laboratory.pro/tracker/timeline/icu4c/
PR:		223373
Exp-run by:	antoine

Add back the LIBWRAP option, but default it to on

eugen noted that it's not uncommon for people to build WITHOUT_TCP_WRAPPERS,
and forcing the libwrap option gives them no recourse. So I'm adding back
the libwrap option, but defaulting it to on now---people who've compiled
WITHOUT_TCP_WRAPPERS will know how to build a custom dovecot.

Force kqueue and libwrap support, and install license files

I don't know any reason that the kqueue or libwrap options should be
disabled, so remove them from OPTIONS and enable their functionality
for everyone. Also, remove the :3 from USES=sqlite, because that
happens anyway.

Add the license files with LICENSE_FILE_*, rather than putting them
in DOCSDIR.

Sort plist.

PORTREVISION bump for above changes.

mail/dovecot: update to 2.2.33.2.

One more patch release with some fixes:

- doveadm: Fix crash in proxying (or dsync replication) if remote is
  running older than v2.2.33
- auth: Fix memory leak in %{ldap_dn}
- dict-sql: Fix data types to work correctly with Cassandra

bump dovecot-pigeonhole PORTREVISION as well.

mail/dovecot: upgrade to 2.2.33.1.

- dovecot-lda was logging to stderr instead of to the log file.

Update dovecot to 2.2.33, and bump pigeonhole.

* doveadm director commands wait for the changes to be visible in the
  whole ring before they return. This is especially useful in testing.
* Environments listed in import_environment setting are now set or
  preserved when executing standalone commands (e.g. doveadm)

+ doveadm proxy: Support proxying logs. Previously the logs were
  visible only in the backend's logs.
+ Added %{if}, see https://wiki2.dovecot.org/Variables#Conditionals
+ Added a new notify_status plugin, which can be used to update dict
  with current status of a mailbox when it changes. See
  https://wiki2.dovecot.org/Plugins/NotifyStatus
+ Mailbox list index can be disabled for a namespace by appending
  ":LISTINDEX=" to location setting.

(Only the first 15 lines of the commit message are shown above )

devel/icu: update to 59.1

- Temporarily keep C++98 working in consumers for Clang's default -std=

Changes:	http://site.icu-project.org/download/59
PR:		218788
Submitted by:	takefu@airport.fm, dcarmich@dcarmichael.net (early version)
Exp-run by:	antoine

Update dovecot to 2.2.32, and bump pigeonhole.

* imapc: Info-level line is logged every time when successfully
  connected to the remote server. This includes local/remote IP/port,
  which can be useful for matching against external logs.
* config: Log a warning if plugin { key=no } is used explicitly.
  v2.3 will support "no" properly in plugin settings, but for now
  any value at all for a boolean plugin setting is treated as "yes",
  even if it's written as explicit "no". This change will now warn
  that it most likely won't work as intended.

+ Various optimizations to avoid accessing files/directories when it's
  not necessary. Especially avoid accessing mail root directories when
  INDEX directories point to a different filesystem.
+ mail_location can now include ITERINDEX parameter. This tells Dovecot

(Only the first 15 lines of the commit message are shown above )

Apply upstream patches for indexing.

Reviewed by:	ler
Obtained from:	dovecot GH

Rename dovecot2/dovecot2-pigeonhole to dovecot/dovecot-pigeonhole.

It might be necessary to manually remove and reinstall the package under
the new name.

Discussed with:	ler

Mark dovecot 1.x and the 1.x plugins deprecated, set to expire at the end of
July. The last dovecot 1.x release was 6 years ago, and 1.x has been deprecated
upstream for many years.

USE_BDB cleanup.

- USE_BDB=4x+ -> USES=bdb.
- USE_BDB=yes -> USES=bdb.
- USE_BDB=xx  -> USES=bdb:xx.

Other modernisations when I see them.

PR:		209183
Sponsored by:	Absolight

Remove USE_SQLITE from bsd.databases.mk, replaced by USES=sqlite.

While there replace USE_SQLITE=x by USES=sqlite:x.

PR:		208971
Submitted by:	mat
Exp-run by:	antoine
With hat:	portmgr
Sponsored by:	Absolight
Differential Revision:	https://reviews.freebsd.org/D5951

Remove ${PORTSDIR}/ from dependencies, categories m, n, o, and p.

With hat:	portmgr
Sponsored by:	Absolight

Release maintainership

- Add CPE info

Approved by:	portmgr blanket

Disable SSLv2 and SSLv3.

PR:		197027
Submitted by:	Kai Gallasch <k@free.de>
MFH:		2015Q1

Switch to USES=pgsql

- Fix linking to port openssl with WITH_OPENSSL_PORT

Reported by:	Derek Schrock

net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample

(Only the first 15 lines of the commit message are shown above )

Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS.

Bump more ports that depend on libsqlite3.so:
- ports that set USE_SQLITE with the *_USE option helper
- ports that depend on libsqlite3 indirectly as reported by pkg rquery

Approved by:	portmgr (implicit)

- Take maintainership
- Attempt to limit portscout to version 1.2
- Fix rc script for one* commands [1]

Not bumping PORTREVISION as the installed version doesn't change, should
not affect dependent ports.

PR:		177497 [1]
Submitted by:	nick@3wh.net [1]

mail/dovecot: Reset maintainer after 7 consecutive timeouts

The last time the maintainer was heard from was July 2010.  How this
port didn't get reset after the first 3 timeouts, I'm not sure.

- add stage support
- bump PORTREVISION
- add USES=libtool:keepla
- sort pkg-plist
- use USER/GROUP support from framework (remove pkg-install)

PR:		ports/188868
Submitted by:	ohauer
Approved by:	maintainer timeout (4 weeks)

Fix linking on FreeBSD 10 when GSSAPI=on

PR:		ports/184667
Submitted by:	Adam McDougall <mcdouga9@egr.msu.edu>
Approved by:	maintainer timeout

Fix pkgname collisions.

Add NO_STAGE all over the place in preparation for the staging support (cat:
mail)

Convert to new options framework

- Convert USE_ICONV=yes to USES=iconv
- Change USE_GNOME=pkgconfig|gnomehack to USES=pathfix|pkgconfig while here

Reviewed by:	zeising

Mark as broken on ARM.

PR:		ports/170946
Submitted by:	linimon
Hat:		portmgr

Move the rc.d scripts of the form *.sh.in to *.in

Where necessary add $FreeBSD$ to the file

No PORTREVISION bump necessary because this is a no-op

Don't check WITH_FOO && !WITHOUT_FOO. [1]
Remove gssapi patch that is no longer needed. [2]

These both apply to mail/dovecot2 also. I will be working with the
maintainer there to get these committed.

PR:             ports/167824 [1]
                ports/
Submitted by:   Dmitry Afanasiev <KOT@MATPOCKuH.Ru> [1]
                Leon Messner <l.messner@physik.tu-berlin.de> [2]
Approved by:    maintainer timeout

- Add LDFLAGS to CONFIGURE_ENV and MAKE_ENV (as it was done with LDFLAGS)
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead

PR:             157936
Submitted by:   myself
Exp-runs by:    pav
Approved by:    pav

- Adjust the comment noting the need to bump various ports anytime this one is
  bumped.

- Update to 1.2.17.

PR:             ports/158271
Submitted by:   wxs@
Approved by:    maintainer timeout

- Update to 1.2.16 [1]
- Add CONFLICTS with mail/dovecot2

PR:             ports/152914 [1]
Submitted by:   Alexander Milanov <a@amilanov.com>
Approved by:    maintainer timeout

- Update rc.d script: add "reload" command
- Bump PORTREVISION

PR:             ports/151457
Submitted by:   Alexander Milanov <a@amilanov.com>
Approved by:    maintainer (timeout 16 days), pgollucci (mentor, implicit)

- Update to 1.2.14

PR:             ports/150354
Submitted by:   Denny Lin <dennylin93@hs.ntnu.edu.tw>
Approved by:    maintainer timeout (14 days)

- Use pre-su-install instead of pre-install target [1]
- Update to 1.2.12 [2]

PR:             ports/147988 [1], ports/147996 [2]
Submitted by:   glewis@ [1], Denny Lin <dennylin93@hs.ntnu.edu.tw> [2]
Approved by:    Yarema <yds@CoolRat.org> (maintainer)
                wxs@/itetcu@ (mentors, implicit)
Feature safe:   yes

- Update to 1.2.11 [1]
- Remove IPV6 from OPTIONS [2]

PR:             ports/144897 [1], ports/145488 [2]
Submitted by:   Denny Lin <dennylin93@cnmc32.hs.ntnu.edu.tw> [1]
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com> [2]
Approved by:    maintainer timeout (> 2 weeks)
Approved by:    wxs@ (mentor)

- Update to 1.2.10
- Remove LDA option

PR:             ports/141727
Submitted by:   Mike Jakubik <mike.jakubik@intertainservices.com>
                Yarema <yds@CoolRat.org> (maintainer)

- Update to 1.2.8

PR:             ports/139386
Submitted by:   Sahil Tandon <sahil@tandon.net>
Approved by:    Yarema <yds@CoolRat.org> (maintainer)

- Fix a bug where GSSAPI authentication was always failing. [1]
- Flip MANAGESIEVE option to on (this makes the mail/managesieve package
  useful). [2]

PR:             [1]: ports/138300
                [2]: ports@ list
Submitted by:   John Marshall <john.marshall@riverwillow.com.au>
Approved by:    Yarema <yds@CoolRat.org> (maintainer)

- Correct a typo.

- Update to 1.2.4
- Add a note about changes to this port affecting mail/dovecot-sieve and
  mail/dovecot-managesieve

PR:             ports/137901
Submitted by:   Yasuhiro KIMURA <yasu@utahime.org>
Approved by:    Yarema <yds@CoolRat.org> (maintainer)

- Add another MASTER_SITE
- Remove BROKEN with managesieve option (no need to bump PORTREVISION
  as this option is off by default).

PR:             ports/137937
Submitted by:   Yarema <yds@CoolRat.org> (maintainer)

- Mark as broken if manage sieve option is selected.
  The mail/dovecot-managesieve port needs to be updated to work with the
  new version of dovecot.

Submitted by:   Jesco Freund <jesco freund at googlemail.com> (private mail)

- Update to 1.2.3

PR:             ports/137261
Submitted by:   Yasuhiro KIMURA <yasu@utahime.org>
Approved by:    maintainer timeout

- Add a comment about the relationship between this port and
  mail/dovecot-antispam. If dovecot is upgraded and dovecot-antispam is not
  rebuilt then dovecot-antispam fails.

PR:             ports/135311
Submitted by:   Harlan Stenn <harlan@everett.org>

- Update to 1.1.16

PR:             ports/135194
Submitted by:   Yarema <yds@CoolRat.org> (maintainer)

- Update to 1.1.15

PR:             134852
Submitted by:   Yarema <yds@CoolRat.org> (Maintainer)

- Update to 1.1.14

PR:             ports/133199
Submitted by:   Darren Pilgrim <ports.maintainer@evilphi.com>
Approved by:    maintainer timeout

- Update to 1.1.11

Approved by:    Yarema <yds@coolrat.org> (maintainer)

- Update to 1.1.10

Submitted by:   Yarema <yds@coolrat.org> (maintainer)

- Update to 1.1.8 [1]
- Fix rc.d [2]

PR:             ports/130359 [1]
PR:             ports/130598 [2]
Submitted by:   Marcin Rzepecki <m.rzepecki@iem.pw.edu.pl> [1]
Submitted by:   Craig Leres <leres@ee.lbl.gov> [2]
Approved by:    Yarema <yds@CoolRat.org> (maintainer)

- Patch to facilitate multi-instance configurations

PR:             ports/129274
Submitted by:   Darren Pilgrim <phi@evilphi.com>
Approved by:    Yarema <yds@coolrat.org> (maintainer)

Version update to dovecot-1.1.7 and dovecot-1.1.7-managesieve-0.10.4

'statedir' set to /var/db/dovecot instead of defaulting to /var/lib/dovecot
Users should manually rm -rf /var/lib/dovecot

Removed stale code from files/pkg-deinstall.in and files/pkg-install.in

Reworked files/dovecot.sh.in to accept dovecot_config and handle creating
and tearing down runtime directories upon startup and shutdown.

Rediffed files/patch-dovecot-example.conf to clean up line offsets.

PR:             ports/129230
Submitted by:   Yarema <yds@CoolRat.org> (maintainer)

Removal of carriage returns (0x0D) from numerous files.  QAT caught
this, as did our user community.

Reported by:    QAT, andrew clarke <mail@ozzmosis.com>

Update to 1.1.6.

PR:             ports/128469
Submitted by:   maintainer (see reply to the PR)

- Fix user permissions on startup.

If a user defines login_user to be something other than 'dovecot' then
dovecot will throw a warning upon startup.  The new code extracts what
login_user is defined as and sets the directory permissions
accordingly. If login_user is undefined in the config then it behaves
the same as before.

Submitted by:   Yarema <yds@coolrat.org> (maintainer)
Approved by:    portmgr (linimon)

- Update to 1.1.3
- Add support for Berkeley DB used by the expire plugin.
- Install more DOCS.
- Move the SCRIPT_ENV substitutions to SUB_FILES
  otherwise DOVECOT_[UG]ID settings do not propagate to the binary package.
- Change from .if defined(WITHOUT_*)to .if defined(WITH_*) &&
!defined(WITHOUT_*)
- Make the PROTOCOLS substitution include all the protocols which are built
  into the example config file.
- Clean up patch-dovecot-example.conf and perform some post-patch processing
  to reflect more closely how this port actually installs. This is necessary
  because of the optional ManageSieve patch.
- Modify files/dovecot.sh.in to ensure runtime directories exist with correct
  permissions.
- Rework the install so all the example config files get installed into
  EXAMPLESDIR as per hier(7) independent of the NOPORTDOCS tunable. Install
  the relevant config files into etc/ if no prior version exists.
- Ensure that 'make install' and pkg_add(1) produce identical installs and
  that everything is accounted for in the PLIST.

PR:             ports/127200
Submitted by:   Yarema <yds@CoolRat.org> (maintainer)

Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk

(Only the first 15 lines of the commit message are shown above )

- Pass maintainership

PR:             ports/126108
Submitted by:   Robin Breathe <robin@isometry.net> (maintainer)

- Add the missing ManageSieve support required to make the new
  mail/dovecot-managesieve port functional.

PR:             ports/126054
Submitted by:   Yarema <yds@CoolRat.org>
Approved by:    Robin Breathe <robin@isometry.net> (maintainer)

- Update to 1.1.2

PR:             ports/125938
Submitted by:   KIMURA Yasuhiro <yasu@utahime.org>
Approved by:    Robin Breathe <robin@isometry.net> (maintainer)

- Update to 1.1.1

PR:             124856
Submitted by:   Robin Breathe <robin@isometry.net> (maintainer)

Update to 1.0.14

PR:             ports/124482
Submitted by:   KIMURA Yasuhiro <yasu@utahime.org>
Reviewed by:    Robin Breathe <robin@isometry.net> (maintainer)

Mark as conflict with future dovecot versions.

Approved by:    maintainer

- Remove ntpdate from rc.d REQUIRE
- Bump PORTREVISION

Discussed with: simon, koitsu
Approved by:    Robin Breathe <robin@isometry.net> (maintainer)

- Fix login shell for dovecot user
- Bump PORTREVISION

PR:             ports/122595
Reported by:    Bogdan &#262;ulibrk <bc at default.co.yu>
Submitted by:   Robin Breathe <robin at isometry.net> (maintainer)

- Update mail/dovecot to dovecot-1.0.13, fixing a serious security issue.
- Changelog: http://dovecot.org/list/dovecot-news/2008-March/000065.html

PR:             ports/121548
Submitted by:   Robin Breathe <robin@isometry.net> (maintainer)
Security:      
http://www.vuxml.org/freebsd/b39bdc06-ee42-11dc-8678-00a0cce0781e.html

- Update to 1.0.12
- Fixes a common insecure mail_extra_groups setting usage, this will require a
  manual change to the active configuration file, please refer to ports/UPDATING

PR:             121411
Submitted by:   Robin Breathe <robin@isometry.net> (maintainer)

Update to 1.0.10.

Security:       cf484358-b5d6-11dc-8de0-001c2514716c
PR:             ports/119133
Approved by:    maintainer

Update to 1.0.9.

PR:             ports/118561
Submitted by:   delphij
Approved by:    maintainer

Update to 1.0.8.

PR:             ports/118319
Submitted by:   delphij
Approved by:    maintainer

Update to 1.0.7.

PR:             ports/117645
Approved by:    maintainer

Update to 1.0.6.

PR:             ports/117583
Approved by:    maintainer

Remove support for OSVERSION < 5

Update to 1.0.5, this is a bugfix release.

PR:             ports/116234
Approved by:    maintainer

Update to 1.0.3.

PR:             ports/115120
Approved by:    maintainer

Upgrade to 1.0.2.

PR:             ports/114651
Submitted by:   delphij
Approved by:    maintainer

Update to 1.0.1 (bugfix)

PR:             ports/113804
Submitted by:   Robin Breathe <robin@isometry.net> (maintainer)
Changelog:      http://www.dovecot.org/list/dovecot-news/2007-June/000045.html
Approved by:    sat (mentor)

Update to 1.0.0.

PR:             111535
Approved by:    maintainer

Update to 1.0.r29

PR:             111086
Submitted by:   Robin Breathe <robin@isometry.net> (maintainer)

- Set NOPORTDOCS

PR:             110942
Submitted by:   Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
Approved by:    maintainer

- Update to 1.0.r28

PR:             ports/110760
Submitted by:   Robin Breathe <robin@isometry.net> (maintainer)

- Update to latest release, dovecot-1.0.rc27.

PR:             ports/110305
Submitted by:   maintainer (Robin Breathe)

- Update to 1.0.r26

PR:             110103
Submitted by:   Robin Breathe <robin@isometry.net> (Maintainer)

Update to 1.0 rc 25.

PR:             109750
Approved by:    maintainer

- Update to latest release, dovecot-1.0.rc24.
- Release : http://www.dovecot.org/list/dovecot-news/2007-February/000033.html

PR:             ports/109529
Submitted by:   maintainer (Robin Breathe)

Updating to 1.0.r23.

PR:             ports/109414
Submitted by:   Robin Breathe <robin@isometry.net> (maintainer)
Approved by:    edwin (mentor)

- Update to 1.0.rc22

PR:              108943
Submitted by:    Robin Breathe <robin@isometry.net> (maintainer)

Number of commits found: 160 (showing only 100 on this page)

1 | 2  »  

13 vulnerabilities affecting 122 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2018-04-23 20:20:00