similar to: Incorrect link on download page

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Hi, </div> <div> <br> </div> <div> as per our EOL statement 2.2.36 receives security and critical updates. That said, we decided to flush few annoying bugs with .1 release. </div> <div> <br>

for some reason Aki's posts are not making it to my GMail account from this list. Any idea why? On Tue, Feb 5, 2019 at 10:04 AM Eric Broch <ebroch at whitehorsetc.com> wrote: > Thank you! > On 2/5/2019 8:43 AM, Aki Tuomi wrote: > > Hi, > > as per our EOL statement 2.2.36 receives security and critical updates. > That said, we decided to flush few annoying bugs

https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig ??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has ??? ? trusted certificate with missing username field ??? ? (ssl_cert_username_field), under some configurations Dovecot ??? ? mistakenly trusts the username provided via authentication instead ??? ? of failing.

https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig ??? * CVE-2019-3814: If imap/pop3/managesieve/submission client has ??? ? trusted certificate with missing username field ??? ? (ssl_cert_username_field), under some configurations Dovecot ??? ? mistakenly trusts the username provided via authentication instead ??? ? of failing.

https://dovecot.org/releases/2.3/dovecot-2.2.36.3.tar.gz https://dovecot.org/releases/2.3/dovecot-2.2.36.3.tar.gz.sig ??? * CVE-2019-7524: Missing input buffer size validation leads into ????? arbitrary buffer overflow when reading fts or pop3 uidl header ????? from Dovecot index. Exploiting this requires direct write access to ????? the index files. --- Aki Tuomi Open-Xchange oy

https://dovecot.org/releases/2.3/dovecot-2.2.36.3.tar.gz https://dovecot.org/releases/2.3/dovecot-2.2.36.3.tar.gz.sig ??? * CVE-2019-7524: Missing input buffer size validation leads into ????? arbitrary buffer overflow when reading fts or pop3 uidl header ????? from Dovecot index. Exploiting this requires direct write access to ????? the index files. --- Aki Tuomi Open-Xchange oy

On 21.2.2019 10.53, Hajo Locke via dovecot wrote: > Hello, > > Am 20.02.2019 um 10:39 schrieb Aki Tuomi via dovecot: >>> On 18 February 2019 09:28 Hajo Locke via dovecot >>> <dovecot at dovecot.org> wrote: >>> >>> >>> Hello, >>> ? ? it seems we need a dovecot developers opinion. May be we hit a >>> bug or cant help

Am 29.12.2017 um 15:08 schrieb Fabian A. Santiago: > December 28, 2017 6:38 PM, "Peter" <peter at pajamian.dhs.org> wrote: > >> On 29/12/17 10:00, Fabian A. Santiago wrote: >> >>> i've now completely uninstalled all traces of dovecot and reinstalled >>> from your repo and still the same issue persists with the same >>> errors.

Hello Aki, I'm currently stuck with 2.2.33.2 as 2.2.36 still duplicates mails after pop3 deletion on a two node dsync cluster. Therefore I've created a small patch and it seems only these two files are affected: dovecot-2.2.36.3/src/lib-storage/index/index-pop3-uidl.c dovecot-2.2.36.3/src/plugins/fts/fts-api.c Please correct me if I have missed something. Best regards Gerald

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 15/03/2020 21:26 Peter < <a href="mailto:peter@pajamian.dhs.org">peter@pajamian.dhs.org</a>> wrote: </div> <div>

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Am Montag, den 01.04.2019, 19:36 +0300 schrieb Aki Tuomi: > > On 1 April 2019 19:29 Nico St?ckigt via dovecot <dovecot at dovecot.or > > g> wrote: > > > > ? > > Hi, > > > > are there any known issues with dovecot/director (2.2.13) when > > receiving e-an mail with multiple receivers? In the

Hi all; I've just compiled version 2.2.36.1 on a new debian buster (debian 10) and it seems that this patch https://github.com/dovecot/core/commit/ 63a74b9e8e0604486a15a879e7f1a27257322400.patch is needed to make it work. Without the patch, the authentication segfaults. *Simone Lazzaris* *Qcom S.p.A.* simone.lazzaris at qcom.it[1] | www.qcom.it[2] * LinkedIn[3]* | *Facebook*[4] [5]

> On 01/06/2020 18:02 Peter <peter at pajamian.dhs.org> wrote: > > > On 2/06/20 1:49 am, Aki Tuomi wrote: > >> we are still waiting for CentOS 8 Repo for current Dovecot version from > >> here https://repo.dovecot.org/. Do you have an idea when it will come? > >> Who does it maintain? Is it the Dovecot team? > >> > >> Thanks, >

On 11 April 2017 at 10:04, Timo Sirainen <tss at iki.fi> wrote: > On 11 Apr 2017, at 9.54, Timo Sirainen <tss at iki.fi> wrote: > > > > On 11 Apr 2017, at 0.39, Peter <peter at pajamian.dhs.org> wrote: > >> > >> It's failing tests on CentOS 6, it looks like it's expecting the IMAP > >> server to be running when it isn't,

> On 01/06/2020 16:40 Tobias Kirchhofer <collect at shift.agency> wrote: > > > Hi Peter, > > On 9 Apr 2020, at 12:53, Peter wrote: > > > I've now successfully built Dovecot packages for CentOS 8 that do not > > have the quota support stripped out. I was able to do this because > > CentOS has now finally shipped the quota-devel package as

> On 21/08/2020 08:48 Peter <peter at pajamian.dhs.org> wrote: > > > On 20/08/20 11:02 pm, Thomas Scheunemann wrote: > > Using the Repo http://repo.dovecot.org/ce-2.3-latest after upgrading from > > 2.3.10.1-3 to 2.3.11.3-3 we get numerous error messages like: > > > > dovecot: imap-login: Error: connect(tcpwrap) failed: No such file or directory >

On 13/08/20 7:48 am, Helmut K. C. Tessarek wrote: > On 2020-08-12 09:02, Aki Tuomi wrote: >> We are pleased to release pigeonhole 0.5.11. You can download it from >> locations below: >> >> https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3.11-pigeonhole-0.5.11.tar.gz >> https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3.11-pigeonhole-0.5.11.tar.gz.sig

December 28, 2017 2:52 PM, "Fabian A. Santiago" <fsantiago at garbage-juice.com> wrote: > December 28, 2017 1:21 PM, "Aki Tuomi" <aki.tuomi at dovecot.fi> wrote: > >>> On December 28, 2017 at 7:43 PM "Fabian A. Santiago" <fsantiago at garbage-juice.com> wrote: >>> >>> December 28, 2017 12:14 PM, "Aki

On 18/08/20 2:15 pm, Peter wrote: > I'm getting the same issue on a CentOS 6 i386 build: > > test-mech.c:371: Assert(#1) failed: strcmp(test_case->username,username) > ??????? "testuser" != NULL > test-mech.c:380: Assert(#1) failed: request->failed == FALSE > auth mech APOP 2/84 .................................................. : > FAILED > >

> On 18 February 2019 09:28 Hajo Locke via dovecot <dovecot at dovecot.org> wrote: > > > Hello, > > it seems we need a dovecot developers opinion. May be we hit a bug or cant help ourselves. > > > Core dump with backtrace would help, if possible to acquire. Please refer to https://dovecot.org/bugreport.html for information how to get a core dump. Aki