github dovecot/core 2.4.1
Dovecot v2.4.1

6 days ago

Installation

You can install pre-built binaries from https://repo.dovecot.org

Docker images can be found at https://hub.docker.com/r/dovecot/dovecot

Please review https://doc.dovecot.org/2.4.1/installation/upgrade/2.3-to-2.4.html and https://doc.dovecot.org/2.4.1/installation/installation.html.

Important

We have changed the signing key for 2.4 going forward, releases are signed with EF0882079FD4ED32BF8B23B2A1B09EF84EDC5219, which can be found at https://repo.dovecot.org/DOVECOT-REPO-GPG-2.4 and is signed with the previous key.

The old key has been renamed to https://repo.dovecot.org/DOVECOT-REPO-GPG-2.3.

Warning

New 2.4 packages are not compatible with old 2.3 configuration, please carefully review https://doc.dovecot.org/2.4.1/installation/upgrade/2.3-to-2.4.html before installing the new packages.

We are happy to provide experimental arm64 support in the form of a Docker image. There are now three kinds of images, latest, latest-dev and latest-root.

The latest docker image is now ran rootless, with UID 1000 as vmail. Please take this into consideration when upgrading. The latest-root image still runs as root. Latest 2.3 image can be used with tag 2.3-latest still.

Changes

  • auth: Change unix_listener/auth-userdb/group = $SET:default_internal_group
    This change needs dovecot_config_version=2.4.1.
  • auth: lua - Remove support for single string result.
  • imap: Unconditionally advertise SPECIAL-USE capability.
  • lib-dcrypt: Install dcrypt_openssl.so into dovecot modules directory.
  • lib-master: For glibc, default MALLOC_MMAP_THRESHOLD_=131072.
  • lib-storage: Change default mail_cache_fields to:
    hdr.date hdr.subject hdr.from hdr.sender hdr.reply-to hdr.to
    hdr.cc hdr.bcc hdr.in-reply-to hdr.message-id
    date.received size.virtual imap.bodystructure mime.parts hdr.references
    hdr.importance hdr.x-priority hdr.x-open-xchange-share-url
    pop3.uidl pop3.order. This change needs dovecot_config_version=2.4.1.
  • lib-var-expand: Use moduledir instead of pkglibdir for crypt.
  • lmtp: Change the default lmtp_user_concurrency_limit to 10.
    This change needs dovecot_config_version=2.4.1.
  • lmtp: Change the default service_restart_request_count to 1.
    This change needs dovecot_config_version=2.4.1.

New features and additions

  • auth: Allow configuring passdb/userdb sql to use auth-workers.
  • config: Add default group @mailbox_defaults = english.
  • config: Improve "Unknown setting" error with more details and
    suggestions.
  • doveconf: Add -U parameter to ignore unknown settings in config file.
  • fts-flatcurve: Support lock files in VOLATILEDIR.
  • imap-acl: Add support for the IMAP LIST-MYRIGHTS capability (RFC 8440).
  • imap-client: Support ANONYMOUS authentication.
  • imap: Implement support for the REPLACE capability.

Bug fixes

  • auth: ldap - Passdb fields were ignored with
    passdb_ldap_bind_userdn=yes.
  • auth: lua - Fix error result handling in lua passdb/userdb.
  • auth: oauth2 - When building oauth2 failure reply, memory would leak.
  • config: local_name handling would work wrong with multiple names and
    wildcards.
  • fts-flatcurve: A potential crash could occur when searching virtual
    mailboxes.
    Fixes: Panic: file fts-search.c: line 87 (level_scores_add_vuids):
    assertion failed: (array_count(&vuids_arr) == array_count(&br->scores))
  • fts-flatcurve: Maybe queries were done wrong.
  • fts-flatcurve: Non-selectable mailboxes were not ignored when doing
    optimize/rescan.
  • fts-flatcurve: Signal 11 crash could happen with fts rescan.
  • fts: Fix crash caused by event object lifecycle mishandling.
  • imap-hibernate: Client counters would get reset on unhibernation,
    affecting imap_logout_format variables.
  • imap: Crash would occur with Maildir when trying to send INPROGRESS
    during mailbox syncing.
  • ldap: Dovecot could not be compiled without LDAP.
  • lib-dcrypt: Output stream encryption can cause assert crash if
    attempting to encrypt over 64 GiB of data with GCM. This is still not
    supported with GCM, but it fails better.
  • lib-http: HTTP client context memory usage was increasing.
  • lib-http: Pipeline corruption could happen after 100 Continue response.
  • lib-settings: Variable expansion initialization could crash with
    Panic: file settings.c: line 1560 (settings_var_expand_init_add):
    assertion failed: (I_MAX(num_tables, num_provs) == num_ctx)
  • lib-smtp: Pipelining initial SASL response after AUTH was broken.
  • lib-var-expand: If filter failed, memory leak would occur.
  • lib-var-expand: Older bison versions did not have error symbol for
    handling causing unexpected behaviour on the parser on error conditions.
  • quota: Quota calculations had minor bugs causing small errors.

Don't miss a new core release

NewReleases is sending notifications on new releases.