Linux repositories inspector

dovecot23-backend-mysql - MySQL support for Dovecot

Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems, written primarily with security in mind. Although it is written in C, it uses several coding techniques to avoid most of the common pitfalls.
Dovecot can work with standard mbox and maildir formats and is fully compatible with UW-IMAP and Courier IMAP servers as well as mail clients accessing the mailboxes directly.

This package holds the files needed for MySQL support.
2.3.7.2
OpenSUSE iconOpenSUSE Tumbleweed
2.3.3
OpenSUSE iconOpenSUSE Leap 15.0
OpenSUSE iconOpenSUSE Leap 15.1
2.3.1
OpenSUSE iconOpenSUSE Leap 15.0
DistributionVersionSincePackageInstalledPackager
OpenSUSE iconOpenSUSE Leap 15.0 ossrpm2.3.1-lp150.2.1Jan 1724.2 kiB22.5 kiBhttps://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.0 update/ossrpm2.3.3-lp150.8.2Jun 1733.8 kiB22.5 kiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.0 update/ossrpm2.3.3-lp150.3.3.1Feb 2633.5 kiB22.5 kiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.0 update/ossrpm2.3.3-lp150.14.1Oct 0835 kiB22.5 kiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.0 update/ossrpm2.3.3-lp150.11.1Jun 1734 kiB22.5 kiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.1 ossrpm2.3.3-lp151.1.3Jan 2332.4 kiB22.5 kiBhttps://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.1 update/ossrpm2.3.3-lp151.2.6.1Oct 0833.9 kiB22.5 kiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.1 update/ossrpm2.3.3-lp151.2.3.1Jul 0533.3 kiB22.5 kiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Tumbleweed ossrpm2.3.7.2-1.3Sep 1246.7 kiB26.6 kiBhttps://bugs.opensuse.org

Latest updates

OpenSUSE Leap 15.1 icon

OpenSUSE Leap 15.1 update/oss: Updated from 2.3.3-lp151.2.3.1 to 2.3.3-lp151.2.6.1

Oct 08
  • bsc#1133625 - (CVE-2019-11499) VUL-0: CVE-2019-11499: dovecot23: Submission-login crashes over TLS authentication
  • bsc#1133624 VUL-0: CVE-2019-11494: dovecot23: Submission-login crashes over aborted/disconected authentication
    applyed upstream patches: dovecot-CVE-2019-11499-fix-pending-starttls.patch dovecot-CVE-2019-11494-fix-disconnects.patch dovecot-CVE-2019-11494-fix-error-handling.patch
OpenSUSE Leap 15.0 icon

OpenSUSE Leap 15.0 update/oss: Updated from 2.3.3-lp150.11.1 to 2.3.3-lp150.14.1

Oct 08
  • bsc#1133625 - (CVE-2019-11499) VUL-0: CVE-2019-11499: dovecot23: Submission-login crashes over TLS authentication
  • bsc#1133624 VUL-0: CVE-2019-11494: dovecot23: Submission-login crashes over aborted/disconected authentication
    applyed upstream patches: dovecot-CVE-2019-11499-fix-pending-starttls.patch dovecot-CVE-2019-11494-fix-disconnects.patch dovecot-CVE-2019-11494-fix-error-handling.patch
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 2.3.7.2-1.1 to 2.3.7.2-1.3

Sep 12
  • update to 2.3.7.2
    • CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes. Found by Nick Roessler and Rafi Rubin. (boo#1145559)
  • update pigeonhole to 0.5.7.2
    • CVE-2019-11500: ManageSieve protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes. Found by Nick Roessler and Rafi Rubin. (boo#1145559)
  • refreshed patches to apply cleanly again:
    dovecot-2.3.0-better_ssl_defaults.patch
    dovecot-2.3.0-dont_use_etc_ssl_certs.patch
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 2.3.7.1-1.2 to 2.3.7.2-1.1

Sep 04
  • update to 2.3.7.2
    • CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes. Found by Nick Roessler and Rafi Rubin. (boo#1145559)
  • update pigeonhole to 0.5.7.2
    • CVE-2019-11500: ManageSieve protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes. Found by Nick Roessler and Rafi Rubin. (boo#1145559)
  • refreshed patches to apply cleanly again:
    dovecot-2.3.0-better_ssl_defaults.patch
    dovecot-2.3.0-dont_use_etc_ssl_certs.patch
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 2.3.6-1.1 to 2.3.7.1-1.2

Jul 28
  • update to 2.3.7.1 and pigeonhole to 0.5.7.1
    Dovecot 2.3.7.1
    • Fix TCP_NODELAY errors being logged on non-Linux OSes
    • lmtp proxy: Fix assert-crash when client uses BODY=8BITMIME
    • Remove wrongly added checks in namespace prefix checking
    Pigeonhole 0.5.7.1
    • dsync: Sieve script syncing failed if mailbox attributes weren't enabled.
    Dovecot 2.3.7
    • fts-solr: Removed break-imap-search parameter
      • Added more events for the new statistics, see
      https://doc.dovecot.org/admin_manual/list_of_events/
      • mail-lua: Add IMAP metadata accessors, see
      https://doc.dovecot.org/admin_manual/lua/
      • Add event exporters that allow exporting raw events to log files and
      external systems, see
      https://doc.dovecot.org/configuration_manual/event_export/
      • SNIPPET is now PREVIEW and size has been increased to 200 characters.
      • Add body option to fts_enforced. This triggers building FTS index only
      on body search, and an error using FTS index fails the search rather than reads through all the mails.
    • Submission/LMTP: Fixed crash when domain argument is invalid in a second EHLO/LHLO command.
    • Copying/moving mails using Maildir format loses IMAP keywords in the destination if the mail also has no system flags.
    • mail_attachment_detection_options=add-flags-on-save caused email body to be unnecessarily opened when FETCHing mail headers that were already cached.
    • mail attachment detection keywords not saved with maildir.
    • dovecot.index.cache may have grown excessively large in some situations. This happened especially when using autoexpunging with lazy_expunge folders. Also with mdbox format in general the cache file wasn't recreated as often as it should have.
    • Autoexpunged mails weren't immediately deleted from the disk. Instead, the deletion from disk happened the next time the folder was opened. This could have caused unnecessary delays if the opening was done by an interactive IMAP session.
    • Dovecot's TCP connections sometimes add extra 40ms latency due to not enabling TCP_NODELAY. HTTP and SMTP/LMTP connections weren't affected, but everything else was. This delay wasn't always visible - only in some situations with some message/packet sizes.
    • imapc: Fix various crash conditions
    • Dovecot builds were not always reproducible.
    • login-proxy: With shutdown_clients=no after config reload the existing connections could no longer be listed or kicked with doveadm.
    • "doveadm proxy kick" with -f parameter caused a crash in some situations.
    • Auth policy can cause segmentation fault crash during auth process shutdown if all auth requests have not been finished.
    • Fix various minor bugs leading into incorrect behaviour in mailbox list index handling. These rarely caused noticeable problems.
    • LDAP auth: Iteration accesses freed memory, possibly crashing auth-worker
    • local_name { .. } filter in dovecot.conf does not correctly support multiple names and wildcards were matched incorrectly.
    • replicator: dsync assert-crashes if it can't connect to remote TCP server.
    • config: Memory leak in config process when ssl_dh setting wasn't set and there was no ssl-parameters.dat file.
      This caused config process to die once in a while
      with "out of memory".
OpenSUSE Leap 15.1 icon

OpenSUSE Leap 15.1 update/oss: Version 2.3.3-lp151.2.3.1 introduced

Jul 05
  • bsc#1134242 - upgrade from 42.3 to 15.1: dovecot shows Unknown protocol 'SSLv2'
    • remove !SSLv2 from existing ssl_protocols configuration during upgrade
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 2.3.4.1-1.1 to 2.3.6-1.1

Jun 17
  • update pigeonhole to 0.5.6
    • sieve: Redirect loop prevention is sometimes ineffective. Improve existing loop detection by also recognizing the X-Sieve-Redirected-From header in incoming messages and dropping redirect actions when it points to the sending account. This header is already added by the redirect action, so this improvement only adds an additional use of this header.
    • sieve: Prevent execution of implicit keep upon temporary failure occurring at runtime.
OpenSUSE Leap 15.0 icon

OpenSUSE Leap 15.0 update/oss: Updated from 2.3.3-lp150.3.3.1 to 2.3.3-lp150.11.1

Jun 17
  • bsc#1132501 VUL-0: EMBARGOED: CVE-2019-10691: dovecot23,dovecot: Escape invalid UTF-8 as unicode bytes
    applyed upstream patches: 0001-lib-json-Escape-invalid-UTF-8-as-unicode-bytes.patch
OpenSUSE Leap 15.0 icon

OpenSUSE Leap 15.0 update/oss: Version 2.3.3-lp150.3.3.1 reintroduced

Mar 23
  • bsc#1123022 (CVE-2019-3814) Vulnerability in Dovecot related to SSL client certificate authentication
    applyed upstream patches:

    0001-auth-Do-not-import-empty-certificate-username.patch
    0002-auth-Fail-authentication-if-certificate-username-was.patch
    0003-login-common-Ensure-we-get-username-from-certificate.patch

OpenSUSE Leap 15.0 icon

OpenSUSE Leap 15.0 update/oss: Version 2.3.3-lp150.3.3.1 removed

Mar 22
OpenSUSE Leap 15.0 icon

OpenSUSE Leap 15.0 update/oss: Version 2.3.3-lp150.3.3.1 introduced

Feb 26
  • bsc#1123022 (CVE-2019-3814) Vulnerability in Dovecot related to SSL client certificate authentication
    applyed upstream patches:

    0001-auth-Do-not-import-empty-certificate-username.patch
    0002-auth-Fail-authentication-if-certificate-username-was.patch
    0003-login-common-Ensure-we-get-username-from-certificate.patch

OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 2.3.4-3.2 to 2.3.4.1-1.1

Feb 12
  • update to 2.3.4.1 (boo#1123022)
    • CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field
      (ssl_cert_username_field), under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing.
    • ssl_cert_username_field setting was ignored with external SMTP AUTH, because none of the MTAs (Postfix, Exim) currently send the cert_username field. This may have allowed users with trusted certificate to specify any username in the authentication. This bug didn't affect Dovecot's Submission service.
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 2.3.4-3.1 to 2.3.4-3.2

Feb 03
  • add buildrequires zlib-devel which used to be pulled in by other buildrequires, but no longer is
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 2.3.4-2.1 to 2.3.4-3.1

Jan 26
  • add buildrequires zlib-devel which used to be pulled in by other buildrequires, but no longer is
OpenSUSE Leap 15.1 icon

OpenSUSE Leap 15.1 oss: Version 2.3.3-lp151.1.3 introduced

Jan 23
  • update pigeonhole to 0.5.3
    • Fix assertion panic occurring when managesieve service fails to open INBOX while saving a Sieve script. This was caused by a lack of cleanup after failure.
    • Fix specific messages causing an assert panic with actions that compose a reply (e.g. vacation). With some rather weird input from the original message, the header folding algorithm (as used for composing the References header for the reply) got confused, causing the panic.
    • IMAP FILTER=SIEVE capability: Fix FILTER SIEVE SCRIPT command parsing. After finishing reading the Sieve script, the command parsing sometimes didn't continue with the search arguments. This is a time- critical bug that likely only occurs when the Sieve script is sent in the next TCP frame.
OpenSUSE Leap 15.0 icon

OpenSUSE Leap 15.0 oss: Version 2.3.1-lp150.2.1 introduced

Jan 17
  • bnc#1088911 - dovecot23 can not build ond s390
    add: 35497604d80090a02619024aeec069b32568e4b4.diff
    add: 5522b8b3d3ed1a99c3b63bb120216af0bd427403.diff
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Version 2.3.4-2.1 introduced

Jan 17
  • added 3c5101ffdd2a8115e03ed7180d53578765dea4c9.patch:
    fix crash with mysql/mariadb

Related packages

dovecot23 - IMAP and POP3 Server Written Primarily with Security in Mind
dovecot23-backend-mysql-debuginfo - Debug information for package dovecot23-backend-mysql
⇧ Top