Package: cyrus-imapd / 2.5.10-3+deb9u2

Metadata

Package Version Patches format
cyrus-imapd 2.5.10-3+deb9u2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0001 Fix FAQ and virtual domains installation docs.patch | (download)

doc/faq.html | 2 1 + 1 - 0 !
doc/install-virtdomains.html | 4 4 + 0 - 0 !
lib/imapoptions | 11 9 + 2 - 0 !
3 files changed, 14 insertions(+), 3 deletions(-)

 fix faq and virtual domains installation docs


0002 Fix some minor things in manpages fix program names .patch | (download)

imap/deliver.c | 2 1 + 1 - 0 !
imap/quota.c | 2 1 + 1 - 0 !
imap/reconstruct.c | 2 1 + 1 - 0 !
man/chk_cyrus.8 | 2 1 + 1 - 0 !
man/ctl_cyrusdb.8 | 2 1 + 1 - 0 !
man/ctl_deliver.8 | 2 1 + 1 - 0 !
man/ctl_mboxlist.8 | 2 1 + 1 - 0 !
man/cyr_expire.8 | 2 1 + 1 - 0 !
man/cyrus.conf.5 | 8 4 + 4 - 0 !
man/deliver.8 | 8 4 + 4 - 0 !
man/fud.8 | 2 1 + 1 - 0 !
man/idled.8 | 4 2 + 2 - 0 !
man/imapd.8 | 4 2 + 2 - 0 !
man/lmtpd.8 | 4 2 + 2 - 0 !
man/master.8 | 31 20 + 11 - 0 !
man/nntpd.8 | 4 2 + 2 - 0 !
man/notifyd.8 | 4 2 + 2 - 0 !
man/pop3d.8 | 4 2 + 2 - 0 !
man/quota.8 | 14 7 + 7 - 0 !
man/reconstruct.8 | 24 12 + 12 - 0 !
man/smmapd.8 | 2 1 + 1 - 0 !
man/timsieved.8 | 2 1 + 1 - 0 !
man/tls_prune.8 | 2 1 + 1 - 0 !
23 files changed, 71 insertions(+), 62 deletions(-)

 fix some minor things in manpages,
 fix program names in manpages and program sources


0003 Disable runpath checking.patch | (download)

configure.ac | 3 0 + 3 - 0 !
1 file changed, 3 deletions(-)

 disable runpath checking

@DPATCH@

0004 Shutdown and close sockets cleanly.patch | (download)

imap/fud.c | 9 9 + 0 - 0 !
imap/imapd.c | 4 4 + 0 - 0 !
imap/lmtpd.c | 3 3 + 0 - 0 !
imap/pop3d.c | 3 3 + 0 - 0 !
4 files changed, 19 insertions(+)

 shutdown and close sockets cleanly

Cleanly shutdown and close sockets, this is supposed to allow for better
TCP teardown on the remote end, and reduces CLOSE_WAIT time.

This patch was written 8 years ago, it is possible that nowadays nothing
will benefit from a shutdown() right before close().  The commit log
from eight years ago mentions that SHUT_RD should be upgraded to
SHUT_RDWR where possible, but only after verification that this is not
going to cause problems (e.g. by discarding data still on flight to the
remote).

Also, it is possible that new daemons and utils in Cyrus 2.2 and 2.3 may
need similar patches.

0005 Fix syslog prefix.patch | (download)

imap/global.c | 7 6 + 1 - 0 !
ptclient/ptexpire.c | 2 1 + 1 - 0 !
ptclient/test.c | 2 1 + 1 - 0 !
ptclient/test2.c | 2 1 + 1 - 0 !
4 files changed, 9 insertions(+), 4 deletions(-)

 fix syslog prefix

Make sure all programs log (to syslog) with "cyrus/<program>" as the
log prefix.

@DPATCH@

0006 silence erroneous RLIMIT_NUMFDS related log messages.patch | (download)

master/master.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 silence erroneous rlimit_numfds-related log messages

Fixes setrlimit(RLIMIT_NUMFDS) handling to be less obnoxious and
not barf error messages to syslog incorrectly, nor log nonsense
if getrlimit(RLIMIT_NUMFDS) failed.

0007 Fix xmalloc usage.patch | (download)

lib/map_stupidshared.c | 1 1 + 0 - 0 !
lib/xmalloc.h | 4 2 + 2 - 0 !
2 files changed, 3 insertions(+), 2 deletions(-)

 fix xmalloc usage


0008 Fix MIB file for cyrus.patch | (download)

master/CYRUS-MASTER.mib | 11 7 + 4 - 0 !
1 file changed, 7 insertions(+), 4 deletions(-)

 fix mib file for cyrus


0009 Updates calling of the perl interpreter to what we e.patch | (download)

perl/imap/examples/auditmbox.pl | 2 1 + 1 - 0 !
perl/imap/examples/imapcollate.pl | 2 1 + 1 - 0 !
perl/imap/examples/imapdu.pl | 2 1 + 1 - 0 !
perl/sieve/scripts/installsieve.pl | 4 1 + 3 - 0 !
perl/sieve/scripts/sieveshell.pl | 4 1 + 3 - 0 !
snmp/snmpgen | 20 1 + 19 - 0 !
tools/config2header | 20 1 + 19 - 0 !
tools/config2man | 20 1 + 19 - 0 !
tools/dohash | 19 1 + 18 - 0 !
tools/masssievec | 24 3 + 21 - 0 !
tools/mkimap | 20 1 + 19 - 0 !
tools/mknewsgroups | 25 3 + 22 - 0 !
tools/translatesieve | 19 1 + 18 - 0 !
tools/undohash | 2 1 + 1 - 0 !
tools/upgradesieve | 19 1 + 18 - 0 !
15 files changed, 19 insertions(+), 183 deletions(-)

 updates calling of the perl interpreter to what we expect in debian

More precisely: Call /usr/bin/perl directly instead of using some
shell magic to locate perl and run it.

NOTE: only some script use the "-w" or even the "-T" flag for perl.
This should be the default actually.

0010 Fix paths on Debian in tools rehash.patch | (download)

tools/rehash | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 fix paths on debian in tools/rehash


0011 Adds some enhancements to sieveshell and fixes some .patch | (download)

perl/imap/IMAP/Shell.pm | 4 2 + 2 - 0 !
perl/sieve/scripts/sieveshell.pl | 68 56 + 12 - 0 !
2 files changed, 58 insertions(+), 14 deletions(-)

 adds some enhancements to sieveshell and fixes some paths.


0012 Accept invalid From header in email.patch | (download)

imap/message.c | 17 14 + 3 - 0 !
1 file changed, 14 insertions(+), 3 deletions(-)

 accept invalid from: header in email

This stops Cyrus from ruining everything all by itself; Your MTA is
the point where the validity of headers should be checked. For more
information on such and so forth, see (amongst others):

    http://www.postfix.org/header_checks.5.html

If one chooses to allow slightly invalid headers in the MTA, then
Cyrus should not raise problems.

0013 Normalize the authentication ID.patch | (download)

imap/global.c | 2 2 + 0 - 0 !
lib/auth_unix.c | 18 18 + 0 - 0 !
lib/imapoptions | 5 5 + 0 - 0 !
lib/libcyr_cfg.c | 4 4 + 0 - 0 !
lib/libcyr_cfg.h | 2 2 + 0 - 0 !
5 files changed, 31 insertions(+)

 normalize the authentication id

By normalize, it is intended that;

    1) Authentication IDs all can be lowercased for more accurate
       comparison without being volatile to, say, user error, and
    2) Any leading or trailing blank space can be stripped

0014 Fix PATH_MAX on GNU Hurd.patch | (download)

imap/pop3d.c | 4 4 + 0 - 0 !
master/master.c | 4 4 + 0 - 0 !
master/service.c | 4 4 + 0 - 0 !
3 files changed, 12 insertions(+)

 fix path_max on gnu/hurd


0015 Fix extra libpci in SNMP_LIBS.patch | (download)

cmulocal/ucdsnmp.m4 | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix extra libpci in snmp_libs


0016 Use UnicodeData.txt from system.patch | (download)

Makefile.am | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 use unicodedata.txt from system


0017 libisieve has to be noinst_LTLIBRARY for PIC code to.patch | (download)

Makefile.am | 4 2 + 2 - 0 !
perl/sieve/managesieve/Makefile.PL.in | 2 1 + 1 - 0 !
2 files changed, 3 insertions(+), 3 deletions(-)

 libisieve has to be noinst_ltlibrary for pic code to compile


0018 Replace struct sched_param with struct caldav_sched_.patch | (download)

imap/http_caldav.c | 36 18 + 18 - 0 !
imap/http_caldav_sched.h | 6 3 + 3 - 0 !
imap/http_ischedule.c | 4 2 + 2 - 0 !
3 files changed, 23 insertions(+), 23 deletions(-)

 replace 'struct sched_param' with 'struct caldav_sched_param'


0019 CVE 2019 11356.patch | (download)

imap/http_caldav.c | 2 1 + 1 - 0 !
imap/httpd.c | 2 1 + 1 - 0 !
2 files changed, 2 insertions(+), 2 deletions(-)

 fix for cve-2019-11356
0020 CVE 2019 19783.patch | (download)

imap/lmtp_sieve.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix for cve-2019-19783
 When creating a missing mailbox as part of a sieve 'fileinto' directive,
 lmtpd would create it as administrator, bypassing ACL checks.
 .
 lmtpd creates missing mailboxes as part of a sieve 'fileinto' directive if:
 .
    (2.5+) the anysievefolder option is enabled (default: not), or
    (3.0+) the sieve_extensions option has the 'mailbox' extension enabled
    (default: enabled) and the 'fileinto' directive contains the ":create"
    argument
 .
 Under these conditions, a user with the ability to upload a custom sieve
 script to their account could use it to create any valid mailbox on the
 server (with ACL inherited from the parent mailbox as usual).
 .
 lmtpd no longer creates these mailboxes as administrator, so users may no
 longer use a 'fileinto' directive to create a mailbox they couldn’t create
 otherwise.