-
Wed Nov 03 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-3
- re-enable LTO build (#1990080)
-
Wed Oct 27 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-2
- set first_valid_uid to 1000 to match system default (#2009716)
-
Fri Aug 20 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-1
- dovecot updated to 2.3.16, pigeonhole to 0.5.16
- fixes several regressions (#1997583)
-
Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:2.3.15-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
-
Wed Jul 21 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.15-1
- dovecot updated to 2.3.15, pigeonhole updated to 0.5.15
- CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in
JWT tokens. This may be used to supply attacker controlled keys to
validate tokens, if attacker has local access (#1979833)
- CVE-2021-33515: On-path attacker could have injected plaintext commands
before STARTTLS negotiation that would be executed after STARTTLS
finished with the client
- Add TSLv1.3 support to min_protocols.
-
Wed Jul 14 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.14-5
- fix mail storage block count parsing (#1974281)
-
Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 1:2.3.14-4
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
-
Fri Jun 04 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.14-3
- compatibility with openssl 3.0 (#1962035)
-
Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1:2.3.14-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
-
Mon Mar 22 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.14-1
- dovecot updated to 2.3.14, pigeonhole to 0.5.14
- use OpenSSL's implementation of HMAC
- Remove autocreate, expire, snarf and mail-filter plugins.
- Remove cydir storage driver.
- Remove XZ/LZMA write support. Read support will be removed in future release.