| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: dovecot24-backend-sqlite | Distribution: openSUSE Tumbleweed |
| Version: 2.4.2 | Vendor: openSUSE |
| Release: 3.2 | Build date: Thu Jan 22 19:04:34 2026 |
| Group: Productivity/Networking/Email/Servers | Build host: reproducible |
| Size: 26740 | Source RPM: dovecot24-2.4.2-3.2.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://www.dovecot.org | |
| Summary: SQLite support for Dovecot | |
Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems, written primarily with security in mind. Although it is written in C, it uses several coding techniques to avoid most of the common pitfalls. Dovecot can work with standard mbox and maildir formats and is fully compatible with UW-IMAP and Courier IMAP servers as well as mail clients accessing the mailboxes directly. This package holds the files needed for SQLite support.
BSD-3-Clause AND LGPL-2.1-or-later AND MIT
* Thu Jan 22 2026 Hans-Peter Jansen <hpj@urpla.net>
- dovecot will not compile with older gcc's. Force a newer one.
* Tue Dec 23 2025 Marcus Rueckert <mrueckert@suse.de>
- While we are at it backport some fixes for the authentication
stack, after recommendation from upstream:
0001-auth-Fix-dashes-to-underscores-in-driver-names-in-fi.patch
0002-auth-Fix-crypt-CRYPT-in-passdb_passwd-passdb_ldap-de.patch
0003-auth-Make-the-default-passdb_static-passdb_default_p.patch
0004-auth-Set-CRYPT-as-default-passdb_default_password_sc.patch
* Tue Dec 23 2025 Marcus Rueckert <mrueckert@suse.de>
- backport patches to fix sieve regex support after the switch to
pcre2
0001-lib-regex-Separate-maximum-capture-groups-and-match-.patch
0002-lib-regex-Set-DREGEX_MAX_MATCHES-to-library-default.patch
0003-lib-regex-Limit-number-of-capture-groups-correctly.patch
- ------------------------------------------------------------------
* Wed Oct 29 2025 Marcus Rueckert <mrueckert@suse.de>
- Add patches to fix the 32bit build failures:
dovecot24-32bit-1.patch
dovecot24-32bit-2.patch
* Wed Oct 29 2025 Marcus Rueckert <mrueckert@suse.de>
- drop dovecot-fix-gssapi.patch
* Wed Oct 29 2025 Marcus Rueckert <mrueckert@suse.de>
- Update dovecot to 2.4.2 (boo#1252839 CVE-2025-30189)
- Critical bug fixes
- CVE-2025-30189: Passdb oauth2 (not oauth2 mechanism), passdb
passwd, passdb bsdauth, and userdb passwd drivers would cause
users to be cached with same cache key when auth cache was
enabled.
- Changes
- auth: Remove proxy_always field.
- config: Change settings history parsing to use python3.
- doveadm: Print table formatter - Print empty values as "-".
- imapc: Propagate remote error codes properly.
- lda: Default mail_home=$HOME environment if not using userdb
lookup
- lib-dcrypt: Salt for new version 2 keys has been increased to
16 bytes.
- lib-dregex: Add libpcre2 based regular expression support to
Dovecot, if the library is missing, disable all regular
expressions. This adds libpcre2-32 as build dependency.
- lib-oauth2: jwt - Allow nbf and iat to point 1 second into
future.
- lib: Replace libicu with our own unicode library. Removes
libicu as build dependency.
- login-common: If proxying fails due to remote having invalid
SSL cert, don't reconnect.
- New features
- auth: Add ssl_client_cert_fp and ssl_client_cert_pubkey_fp
fields, see
https://doc.dovecot.org/latest/core/summaries/settings.html#ssl_peer_certificate_fingerprint_hash
for more information.
- config: Add support for $SET:filter/path/setting.
- config: Improve @group includes to work with overwriting
their settings.
- doveadm kick: Add support for kicking multiple usernames
- doveadm mailbox status: Add support for deleted status item.
- imap, imap-client: Add experimental partial IMAP4rev2
support.
- imap: Implement support for UTF8=ACCEPT for APPEND
- lib-oauth2, oauth2: Add oauth2_token_expire_grace setting.
- lmtp: lmtp-client - Support command pipelining.
- login-common: Support local/remote blocks better.
- master: accept() unix/inet connections before creating child
process to handle it. This reduces timeouts when child
processes are slow to spawn themselves.
- Bug fixes
- SMTPUTF8 was accepted even when it wasn't enabled.
- auth, *-login: Direct logging with -L parameter was not
working.
- auth: Crash occured when OAUTH token validation failed with
oauth2_use_worker_with_mech=yes.
- auth: Invalid field handling crashes were fixed.
- auth: ldap - Potential crash could happen at deinit.
- auth: mech-gssapi - Server sending empty initial response
would cause errors.
- auth: mech-winbind - GSS-SPNEGO mechanism was erroneously
marked as
- not accepting NUL.
- config: Multiple issues with $SET handling has been fixed.
- configure: Building without LDAP didn't work.
- doveadm: If source user didn't exist, a crash would occur.
- imap, pop3, submission, imap-urlauth: USER environment usage
was broken when running standalone.
- imap-hibernate: Statistics would get truncated on
unhibernation.
- imap: "SEARCH MIMEPART FILENAME ENDS" command could have
accessed memory outside allocated buffer, resulting in a
crash.
- imapc: Fetching partial headers would cause other cached
headers to be cached empty, breaking e.g. imap envelope
responses when caching to disk.
- imapc: Shared namespace's INBOX mailbox was not always
uppercased.
- imapc: imapc_features=guid-forced GUID generation was not
working correctly.
- lda: USER environment was not accepted if -d hasn't been
specified.
- lib-http: http-url - Significant path percent encoding
through parse and create was not preserved. This is mainly
important for Dovecot's Lua bindings for lib-http.
- lib-settings: Crash would occur when using %variables in
SET_FILE type settings.
- lib-storage: Attachment flags were attempted to be added for
readonly mailboxes with mail_attachment_flags=add-flags.
- lib-storage: Root directory for unusable shared namespaces
was unnecessarily attempted to be created.
- lib: Crash would occur when config was reloaded and logging
to syslog.
- login-common: Crash might have occured when login proxy was
destroyed.
- sqlite: The sqlite_journal_mode=wal setting didn't actually
do anything.
- Many other bugs have been fixed.
- Update pigeonhole to 2.4.2
- Changes
- lib-sieve: Use new regular expression library in core.
- managesieve: Add default
service_extra_groups=$SET:default_internal_group.
- New features
- lib-sieve: Add support for "extlists" extension.
- lib-sieve: regex - Allow unicode comparator.
- Bug fixes
- lib-sieve-tool: sieve-tool - All sieve_script settings were
overriden.
- lib-sieve: storage: dict: sieve_script_dict filter was
missing from settings.
- sieve-ldap-storage: Fix compile without LDAP.
* Fri Aug 22 2025 Giacomo Leidi <giacomo.leidi@suse.com>
- Allow for %is_opensuse to be unset, following up to
https://src.suse.de/products/SLFO/pulls/204 (bsc#1248485).
* Thu Aug 14 2025 Dominique Leuenberger <dimstar@opensuse.org>
- Enable build for all arches again. The build failure on 32bit has
been addressed upstream.
* Tue Aug 05 2025 Peter Varkoly <varkoly@suse.com>
- [SLFO:Main] [SLES16.0] Please lower the libldap2 dependency for dovecot24
(bsc#1247601)
* Thu Jun 26 2025 Peter Varkoly <varkoly@suse.com>
- Update to actual version (Fri May 30 17:05:02 2025) in main branch to fix bsc#1245075
[sle16][ppc64le][dovecot] dovecot service failed to start and coredump on ppc64le
Turn off tests.
* lib-auth: Fix linking due to duplicate symbols
* lib-settings: test-settings - Refactor initialization of params3
* lib-var-expand: Test hierarchical SETTINGS_EVENT_VAR_EXPAND_PARAMS
* lib-settings: Pad initial var expand context with empty tables and providers when needed
* Panic: file settings.c: line 1560 (settings_var_expand_init_add): assertion failed: (I_MAX(num_tables, num_provs) == num_ctx)
* auth: db-oauth2 - Don't mix table and providers_arr
* lib: test-file-cache - Ignore RLIMIT_AS enforcement failure
* If the OS does not respect RLIMIT_AS here, lets skip all the rest of the tests.
* auth: Fix using passdb_fields with passdb_ldap_bind_userdn=yes
* Fri May 23 2025 Paul Zirnik <paul.zirnik@suse.com>
- dovecot gssapi authentication fails when starting with empty auth data
(bsc#1243489)
dovecot-fix-gssapi.patch applied to fix gssapi
* Thu May 08 2025 Peter Varkoly <varkoly@suse.com>
- Dovecot: /etc/dovecot/conf.d/ doesn't exist after installing dovecot
(bsc#1242774)
Dovecot misses many configuration files (bsc#1242687)
Remove list of not delivered files
- dovecot fails to build (bsc#1242418)
Do not use libunwind on s390x
* Sat Apr 05 2025 Peter Varkoly <varkoly@suse.com>
- Fix bsc#1240399 dovecot24 has incomplete config.
Ignore the broken config in the sources and deliver a minimal
configuration for the system users.
* Fri Mar 28 2025 Arjen de Korte <suse+build@de-korte.org>
- update to 2.4.1
* auth: Change unix_listener/auth-userdb/group = $SET:default_internal_group
This change needs dovecot_config_version=2.4.1.
* auth: lua - Remove support for single string result.
* imap: Unconditionally advertise SPECIAL-USE capability.
* lib-dcrypt: Install dcrypt_openssl.so into dovecot modules directory.
* lib-master: For glibc, default MALLOC_MMAP_THRESHOLD_=131072.
* lib-storage: Change default mail_cache_fields to:
hdr.date hdr.subject hdr.from hdr.sender hdr.reply-to hdr.to
hdr.cc hdr.bcc hdr.in-reply-to hdr.message-id
date.received size.virtual imap.bodystructure mime.parts hdr.references
hdr.importance hdr.x-priority hdr.x-open-xchange-share-url
pop3.uidl pop3.order. This change needs dovecot_config_version=2.4.1.
* lib-var-expand: Use moduledir instead of pkglibdir for crypt.
* lmtp: Change the default lmtp_user_concurrency_limit to 10.
This change needs dovecot_config_version=2.4.1.
* lmtp: Change the default service_restart_request_count to 1.
This change needs dovecot_config_version=2.4.1.
+ auth: Allow configuring passdb/userdb sql to use auth-workers.
+ config: Add default group @mailbox_defaults = english.
+ config: Improve "Unknown setting" error with more details and
suggestions.
+ doveconf: Add -U parameter to ignore unknown settings in config file.
+ fts-flatcurve: Support lock files in VOLATILEDIR.
+ imap-acl: Add support for the IMAP LIST-MYRIGHTS capability (RFC 8440).
+ imap-client: Support ANONYMOUS authentication.
+ imap: Implement support for the REPLACE capability.
- Many bugs have been fixed.
* Thu Feb 27 2025 Peter Varkoly <varkoly@suse.com>
- Adapt dependency for SLES.
* Wed Feb 26 2025 Peter Varkoly <varkoly@suse.com>
- Remove not used macro
* Thu Feb 06 2025 Marcus Rueckert <mrueckert@suse.de>
- make apparmor conditional more readable
* Wed Feb 05 2025 Peter Varkoly <varkoly@suse.com>
- Remove apparmor support from SLES
* Tue Feb 04 2025 Peter Varkoly <varkoly@suse.com>
- Adapt requirement for dovecot pacakage
* Sat Feb 01 2025 Arjen de Korte <suse+build@de-korte.org>
- fix rpmlint errors and warnings
+ dovecot-2.3.17-env_script_interpreter.patch
% dovecot-rpmlintrc
* Thu Jan 30 2025 Arjen de Korte <suse+build@de-korte.org>
- fix build checks and enable by default
+ dovecot-2.4.0-lua_json.patch
* Thu Jan 30 2025 Marcus Rueckert <mrueckert@suse.de>
- we no longer need to set LIBS="-pie" and -fpic/-DPIC in CFLAGS
as upstream does it for us.
* Thu Jan 30 2025 Marcus Rueckert <mrueckert@suse.de>
- Disable 32bit arm and x86 builds:
https://dovecot.org/mailman3/archives/list/dovecot@dovecot.org/message/PCUTU3IE6RZXQQMWCAB7UP4XN6SPFPFX/
* Thu Jan 30 2025 Marcus Rueckert <mrueckert@suse.de>
- Bump BuildRequires for openldap to 2.6.8. The version on code15
is not supported anymore.
* Thu Jan 30 2025 Marcus Rueckert <mrueckert@suse.de>
- drop the LIBS and extra CFLAGS. no longer needed
* Thu Jan 30 2025 Marcus Rueckert <mrueckert@suse.de>
- drop clucene support. there is no upstream support for it
anymore.
* Fri Jan 24 2025 Marcus Rueckert <mrueckert@suse.de>
- add the unversioned provides and conflicts for fts-flatcurve
* Fri Jan 24 2025 Marcus Rueckert <mrueckert@suse.de>
- finish handling of of example config files
* Fri Jan 24 2025 Marcus Rueckert <mrueckert@suse.de>
- cleanup spec file from old conditionals
- transfer all buildrequires to pkgconfig() style where possible
* Fri Jan 24 2025 Marcus Rueckert <mrueckert@suse.de>
- Update to 2.4.0
https://github.com/dovecot/core/releases/tag/2.4.0
https://github.com/dovecot/pigeonhole/releases/tag/2.4.0
New 2.4 packages are not compatible with old 2.3 configuration,
please carefully review
https://doc.dovecot.org/2.4.0/installation/upgrade/2.3-to-2.4.html
before installing the new packages.
https://doc.dovecot.org/2.4.0/installation/installation.html
* Thu Nov 21 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Add dovecot-link-icu76.patch: configure: Explicitly check for icu-uc
Ensure we link against libicu-uc when it's split in v76
(boo#1233582).
- Call autoreconf in build section, as above patch touches the
build system.
* Wed Aug 14 2024 Arjen de Korte <suse+build@de-korte.org>
- update to 2.3.21.1 and pigeonhole 0.5.21.1
Dovecot 2.3.21.1
- CVE-2024-23184: A large number of address headers in email resulted
in excessive CPU usage. [boo#1229184]
- CVE-2024-23185: Abnormally large email headers are now truncated or
discarded, with a limit of 10MB on a single header and 50MB for all
the headers of all the parts of an email. [boo#1229183]
- oauth2: Dovecot would send client_id and client_secret as POST parameters
to introspection server. These need to be optionally in Basic auth
instead as required by OIDC specification.
- oauth2: JWT key type check was too strict.
- oauth2: JWT token audience was not validated against client_id as
required by OIDC specification.
- oauth2: XOAUTH2 and OAUTHBEARER mechanisms were not giving out
protocol specific error message on all errors. This broke OIDC discovery.
- oauth2: JWT aud validation was not performed if aud was missing
from token, but was configured on Dovecot.
* Mon Nov 06 2023 Dominique Leuenberger <dimstar@opensuse.org>
- Fix build with RPM 4.19: unnumbered patches are no longer
supported.
* Fri Sep 15 2023 Arjen de Korte <suse+build@de-korte.org>
- update to 2.3.21 and pigeonhole 0.5.21
Dovecot 2.3.21
* lib-oauth2: Allow JWT tokens to be validated with missing typ field.
The typ field is left out by some key issuers to conserve space,
notably kubernetes. Now missing typ is tolerated, but if present, it
still must be "jwt".
+ auth: Auth passdb and userdb reply can contain "event_<name>=value"
which will be added to login event and mail user event respectively.
+ lib-master: Set process title during various initialization stages to
clearly describe what the process is waiting on.
+ lib-storage: The mail_temp_scan_interval is now fuzzed incrementing it
by 0..30% based on username's hash to reduce the chance of load spikes.
+ lib-storage: The temp file scan has been moved from the open of the
mailbox to the close, to reduce the latency perceived by users.
+ stats: If metric has fields specified, all these fields are
exported as counters to prometheus exposition.
See https://doc.dovecot.org/configuration_manual/stats/openmetrics/.
- *-login: Processes might have crashed when a SSL connection disconnects
uncleanly.
- acl: When plugin was loaded \HasChildren and \HasNoChildren flags
were calculated incorrectly for mailboxes containing '*' and '%'
in their names.
- auth: Crash occured if a connection to PostgreSQL database server
failed during startup.
- auth: Logins with invalid passwords (e.g. unknown scheme) in passdb
were failing with "password mismatch" instead of "internal error".
- auth: XOAUTH2 and OAUTHBEARER mechanisms were not giving out protocol
specific error message on all errors. This especially broke OIDC
discovery.
- dbox: When last_temp_file_scan header wasn't set (especially after
dsync migration), the next mailbox open always triggers the temp file
scan. This could have caused a load spike after migrations. Fixed by
using the mailbox directory's atime when the header isn't set, which
usually moves the scan time into the future.
- dict-redis: A crash would occur on transaction rollback.
- dsync: Infinite loop causing out of memory would occur when handling
mailbox deletion from remote end and hierarchy separators would differ.
- dsync: Incremental dsync failed for folder names ending with '%',
unless BROKENCHAR was set. Also folder names with '%' elsewhere in
them caused each incremental dsync to unnecessarily rename the folder
to a temporary name and back. v2.3.19 regression.
- imap-hibernate: If an IMAP client unhibernation timed out with
"(version received)", the unhibernation could still have successfully
finished later on and continued working normally. This was rather
confusing, because imap-hibernate already logged that the client got
disconnected. Avoid this by forcing the connection to shutdown on
unhibernation timeout.
- imapc: Crashed when a folder mapped through the virtual plugin
disappears from the storage.
- imapc: EXPUNGE, EXISTS or FETCH replies from a server for a previously
selected mailbox could have been processed as if they belonged to the
new mailbox currently being selected. This could have caused warnings.
- lib-http: Dovecot HTTP server (doveadm, stats/openmetrics) may have
disconnected HTTP clients before the response is fully sent. This
happened only on busy servers where kernel's socket buffers were
rather full.
- lib-http: Fixed a potential crash on http-server if a client
disconnected early. v2.3.18 regression.
- lib-index: Index file corruption could have caused a crash. Fixes:
Panic: file mail-transaction-log-view.c: line 165 (mail_transaction_log_view_set):
assertion failed: (min_file_seq <= max_file_seq).
- lib-index: Purging an existing >1GB cache file can crash. Now cache
files still above 1GB after purging are removed. Fixes:
Panic: file mail-index-util.c: line 10 (mail_index_uint32_to_offset):
assertion failed: (offset < 0x40000000)
- lib-lua: A HTTP client could not resolve DNS names in mail processes,
because it expected "the dns-client" socket to exist in the current
directory.
- lib-oauth2: Dovecot would send client_id and client_secret as POST
parameters to the introspection server. These need to be optionally in
Basic auth instead.
- lib-oauth2: JWT aud validation was not performed if aud was missing
from a token, but was configured on Dovecot.
- lib-oauth2: JWT key type check was too strict.
- lib-oauth2: JWT token audience was not validated against client_id as
required by the specification.
- lib-ssl-iostream: Using the ssl_require_crl=yes setting may have caused
CRL check failures for outgoing SSL/TLS connections, although it was
supposed to affect checking CRLs only for client-side SSL
certificates. v2.3.17 regression.
- lib-sql: MySQL driver leaked memory when connection failed.
- lib-storage: Various fixes when running into out of disk space.
- master: Service idle_kill setting didn't work properly on busy
servers. It was very unlikely that any process was idling long enough
to become killed. Also the idle_kill handling code was using quite a
lot of CPU on the master process when there were a lot of processes
(e.g. imap). The new behavior is to track the lowest number of idling
processes every idle_kill time interval and then kill that many idling
processes.
- mdbox: Temp file scan was done for always empty directories.
- mdbox: The fdatasync() call was done in wrong parent directory when
writing mails. Also on a failure it crashed instead of logging an error.
- notify_status: The plugin crashes if any user initialization fails.
- pop3: Sending command with the ':' character caused an assert-crash.
v2.3.18 regression. Fixes: Panic: event_reason_code_prefix(): name has ':'
- stats: Fix panic when a nonexistent event exporter was referenced while
adding a new metric dynamically via doveadm stats add. This produces
a proper error now.
- stats: If process exported a lot of events and then exited, some of
the last events may have become lost.
- stats: Invalid Prometheus label names were created with specific
histogram group_by configurations. Prometheus rejected these labels.
- welcome: The plugin didn't execute in some situations that created
INBOX but didn't open it, e.g. if GETMETADATA was used before the
INBOX was opened.
Pigeonhole v0.5.21
- sieve: Using the deleteheader action on a message with a broken/invalid
header can cause the Sieve interpreter to crash with an assert panic.
This can happen e.g. when the message is missing the empty EOH line
between the headers and the body of the message. Fixes:
Panic: file edit-mail.c: line 820 (edit_mail_headers_parse):
assertion failed: (body_offset > 0).
- sieve: Pigeonhole added an extra Message-ID header during mail
forwarding when the existing one was invalid. Now it adds the
Message-ID only if it is entirely missing. Existing Message-ID(s) are
left unchanged.
* Mon Mar 27 2023 Martin Liška <mliska@suse.cz>
- Add upstream fix-strict-aliasing.patch that addresses violation
of strict aliasing.
* Thu Mar 23 2023 Martin Liška <mliska@suse.cz>
- Enable LTO now as it works now (boo#1156301).
* Sun Feb 05 2023 Arjen de Korte <suse+build@de-korte.org>
- Add patch to fix building with OpenSSL-3 (boo#1207958)
+ fix-build-with-openssl-3.patch
/usr/lib64/dovecot/modules/auth/libdriver_sqlite.so /usr/lib64/dovecot/modules/dict/libdriver_sqlite.so /usr/lib64/dovecot/modules/libdriver_sqlite.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Mar 5 22:58:08 2026