Recommended update for dovecot22

Announcement ID: SUSE-RU-2017:1902-1
Rating: moderate
References:
Affected Products:
  • SUSE Linux Enterprise Desktop 12 SP2
  • SUSE Linux Enterprise High Performance Computing 12 SP2
  • SUSE Linux Enterprise Server 12 SP2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2
  • SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
  • SUSE Linux Enterprise Software Development Kit 12 12-SP2

An update that has one fix can now be installed.

Description:

This update provides Dovecot version 2.2.31, which brings many fixes and enhancements:

  • Do not generate dhparams smaller than 2048 in FIPS mode. (bsc#1045662)
  • Removed "(Dovecot)" from added Received headers. Some installations want to hide it, and there's not really any good reason for anyone to have it.
  • Add ssl_alt_cert and ssl_alt_key settings to add support for having both RSA and ECDSA certificates.
  • Strip trailing whitespace from headers when matching mails in dsync/imapc and pop3-migration plugin.
  • Add acl_globals_only setting to disable looking up per-mailbox dovecot-acl files.
  • Parse invalid message addresses better. This mainly affects the generated IMAP ENVELOPE replies.
  • Fix potential corruption of dovecot.index.cache that could lead to deleting wrong mail's cache.
  • Fix crash in mail-crypt-acl plugin.
  • Fix welcome plugin.
  • Various fixes to handling mailbox listing. Especially related to handling non-existent autocreated or autosubscribed mailboxes and ACLs.
  • Global ACL file was parsed as if it was local ACL file.
  • Only the first forward_* field was working, and only if the first passdb lookup succeeded.
  • Using mail_sort_max_read_count sometimes caused "Broken sort-* indexes, resetting" errors.
  • Using mail_sort_max_read_count may have caused very high CPU usage.
  • Message address parsing could have crashed on invalid input.
  • imapc_features=fetch-headers wasn't always working correctly and caused the full header to be fetched.
  • Various bug fixes related to connection failure handling in imapc.
  • Unnecessary FETCH RFC822.SIZE sent to server when expunging mails if quota=imapc.
  • Add support for "ns" parameter to quota=count.
  • Fix incremental syncing for mails that don't have Date or Message-ID headers.
  • Fix hang when client sends pipelined SEARCH + EXPUNGE/CLOSE/LOGOUT.
  • Token validation in oauth2 didn't accept empty server responses.
  • Adjusts Pigeonhole to several changes in the Dovecot API, making it depend on Dovecot v2.2.31.
  • Fixed bug in handling of implicit keep in some cases. Implicit side-effects, such as assigned flags, were not always applied correctly.
  • Fixed segmentation fault that could occur when the global script location was left unconfigured.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
    zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1177=1
  • SUSE Linux Enterprise Software Development Kit 12 12-SP2
    zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1177=1
  • SUSE Linux Enterprise High Performance Computing 12 SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1177=1
  • SUSE Linux Enterprise Server 12 SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1177=1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1177=1

Package List:

  • SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 (aarch64)
    • dovecot22-backend-mysql-debuginfo-2.2.31-19.1
    • dovecot22-backend-mysql-2.2.31-19.1
    • dovecot22-backend-sqlite-debuginfo-2.2.31-19.1
    • dovecot22-2.2.31-19.1
    • dovecot22-debuginfo-2.2.31-19.1
    • dovecot22-debugsource-2.2.31-19.1
    • dovecot22-backend-sqlite-2.2.31-19.1
    • dovecot22-backend-pgsql-2.2.31-19.1
    • dovecot22-backend-pgsql-debuginfo-2.2.31-19.1
  • SUSE Linux Enterprise Software Development Kit 12 12-SP2 (aarch64 ppc64le s390x x86_64)
    • dovecot22-debuginfo-2.2.31-19.1
    • dovecot22-debugsource-2.2.31-19.1
    • dovecot22-devel-2.2.31-19.1
  • SUSE Linux Enterprise High Performance Computing 12 SP2 (aarch64 x86_64)
    • dovecot22-backend-mysql-debuginfo-2.2.31-19.1
    • dovecot22-backend-mysql-2.2.31-19.1
    • dovecot22-backend-sqlite-debuginfo-2.2.31-19.1
    • dovecot22-2.2.31-19.1
    • dovecot22-debuginfo-2.2.31-19.1
    • dovecot22-debugsource-2.2.31-19.1
    • dovecot22-backend-sqlite-2.2.31-19.1
    • dovecot22-backend-pgsql-2.2.31-19.1
    • dovecot22-backend-pgsql-debuginfo-2.2.31-19.1
  • SUSE Linux Enterprise Server 12 SP2 (aarch64 ppc64le s390x x86_64)
    • dovecot22-backend-mysql-debuginfo-2.2.31-19.1
    • dovecot22-backend-mysql-2.2.31-19.1
    • dovecot22-backend-sqlite-debuginfo-2.2.31-19.1
    • dovecot22-2.2.31-19.1
    • dovecot22-debuginfo-2.2.31-19.1
    • dovecot22-debugsource-2.2.31-19.1
    • dovecot22-backend-sqlite-2.2.31-19.1
    • dovecot22-backend-pgsql-2.2.31-19.1
    • dovecot22-backend-pgsql-debuginfo-2.2.31-19.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 (ppc64le x86_64)
    • dovecot22-backend-mysql-debuginfo-2.2.31-19.1
    • dovecot22-backend-mysql-2.2.31-19.1
    • dovecot22-backend-sqlite-debuginfo-2.2.31-19.1
    • dovecot22-2.2.31-19.1
    • dovecot22-debuginfo-2.2.31-19.1
    • dovecot22-debugsource-2.2.31-19.1
    • dovecot22-backend-sqlite-2.2.31-19.1
    • dovecot22-backend-pgsql-2.2.31-19.1
    • dovecot22-backend-pgsql-debuginfo-2.2.31-19.1

References: