"This release contains an important fix for IMAP users, mostly affecting
Gmail with the $trash folder set. If you use this, you are strongly
encouraged to update."
On timestamps such as " 4-Mar-2018 16:49:25 -0500", mbsync would abort if
the Channel option `CopyArrivalDate' was set.
The IMAP protocol specifies a date format beginning with a day-of-month
space-padded to two characters. The "%d" specifier in glibc's strptime(3)
will consume a space-padded day of month, but OpenBSD's "%d" only accepts
leading zeroes.
Prodded by this issue, our strptime(3) now strips leading spaces with "%e"
as of lib/libc/time/strptime.c r1.25.
Found, analysed and patch (using "%n%d" instead of "%e") from
Evan Silberman <evan at jklol dot net>, thanks!
and brittle with future changes to make(1).
Also FIX_PERMISSIONS so that it's easy to work with it.
okay naddy@, no answer from maintainer in ~two months
OK giovanni@
Comment:
iterative DMARC validation for mails
Description:
This module can be used to validate mails against DMARC policies
like specified in RFC 7208. The main difference to Mail::DMARC is
that it does no blocking operations. Instead it implements a state
machine where user input is fed into and instructions what the
machine wants is returned. The state machine only wants the data
from the mail and the result of specific DNS lookups. With each
new data fed into the machine it will provide new information what
it needs next, until it finally has enough input and returns the
final result. Because of this design the DMARC policy validation
can be easily integrated into event-driven programs or coupled with
a specific DNS resolver.
OK sthen@
Comment:
iterative DKIM validation of records or signing of mails
Description:
With this module one can validate DKIM Signatures in mails and also
create DKIM signatures for mails.
The main difference to Mail::DKIM is that the validation can be
done iterative, that is the mail can be streamed into the object
and if DNS lookups are necessary their results can be added to the
DKIM object asynchronously. There are no blocking operation or
waiting for input, everything is directly driven by the user/application
feeding the DKIM object with data.
This module implements only DKIM according to RFC 6376. It does not
support the historic DomainKeys standard (RFC 4870).
ok brad (maintainer)
* CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted
certificate with missing username field (ssl_cert_username_field), under
some configurations Dovecot mistakenly trusts the username provided via
authentication instead of failing.
* ssl_cert_username_field setting was ignored with external SMTP
AUTH, because none of the MTAs (Postfix, Exim) currently send the
cert_username field. This may have allowed users with trusted
certificate to specify any username in the authentication. This bug
didn't affect Dovecot's Submission service.
