Merge ~bryce/ubuntu/+source/dovecot:merge-v1e2.3.19.1adfsg1-2-kinetic into ubuntu/+source/dovecot:debian/sid

Proposed by Bryce Harrington
Status: Merged
Approved by: git-ubuntu bot
Approved revision: not available
Merge reported by: Bryce Harrington
Merged at revision: 3ac1a7a620dfea7848bb580b11959611cea5794e
Proposed branch: ~bryce/ubuntu/+source/dovecot:merge-v1e2.3.19.1adfsg1-2-kinetic
Merge into: ubuntu/+source/dovecot:debian/sid
Diff against target: 172 lines (+118/-3)
3 files modified
debian/changelog (+114/-0)
debian/control (+3/-2)
debian/rules (+1/-1)
Reviewer | Review Type | Date Requested | Status
git-ubuntu bot | | | Approve
Sergio Durigan Junior (community) | | | Approve
Canonical Server Reporter | | | Pending
Review via email: mp+428171@code.launchpad.net

Description of the change

Merge with Debian's package. I'd held off on merging this due to some earlier build/test failures but these seem resolved now.

By this point most delta has been dropped, the one remaining piece is disabling lto, which was done due to Debian and Ubuntu shipping different default gcc versions. Theoretically we should be able to drop this at some point, but I haven't gotten a successful build locally yet.

PPA with test packages: https://launchpad.net/~bryce/+archive/ubuntu/dovecot-merge-v1e2.3.19.1adfsg1-2

    $ sudo add-apt-repository -yus ppa:bryce/dovecot-merge-v1e2.3.19.1adfsg1-2
    $ sudo apt-get install dovecot-lite

* gnome-terminal
  - lp-test-ppa ppa:bryce/dovecot-merge-v1e2.3.19.1adfsg1-2 --release kinetic --showpass

Usual tags pushed for review:
  - tags/old/debian f3c2e9144
  - tags/new/debian 9b315688d
  - tags/old/ubuntu 7f78e9014
  - tags/logical/1%2.3.16+dfsg1-3ubuntu4 502b33a57
  - tags/reconstruct/1%2.3.16+dfsg1-3ubuntu4 256bf0e77
  - tags/split/1%2.3.16+dfsg1-3ubuntu4 95758b5a7

Bryce Harrington (bryce) wrote :

Autopkgtest Results: (from http://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-bryce-dovecot-merge-v1e2.3.19.1adfsg1-2/?format=plain)
  dovecot @ amd64:
    10.08.22 15:06:21 Log 🗒️ ✅ Triggers: dovecot/1:2.3.19.1+dfsg1-2ubuntu1~kinetic1
  dovecot @ arm64:
    10.08.22 15:16:42 Log 🗒️ ✅ Triggers: dovecot/1:2.3.19.1+dfsg1-2ubuntu1~kinetic1
  dovecot @ armhf:
    10.08.22 15:12:36 Log 🗒️ ✅ Triggers: dovecot/1:2.3.19.1+dfsg1-2ubuntu1~kinetic1
  dovecot @ ppc64el:
    10.08.22 15:07:40 Log 🗒️ ✅ Triggers: dovecot/1:2.3.19.1+dfsg1-2ubuntu1~kinetic1
  dovecot @ s390x:
    10.08.22 15:05:16 Log 🗒️ ✅ Triggers: dovecot/1:2.3.19.1+dfsg1-2ubuntu1~kinetic1

Sergio Durigan Junior (sergiodj) wrote :

I'll take this one.

Sergio Durigan Junior (sergiodj) wrote :

Thanks for the MP, Bryce.

LGTM. Package builds fine, autopkgtest is still OK. The LTO change is really minimal and (unfortunately) a relatively common sight in our packages. It'd be interesting to monitor what will happen in Debian when they switch to GCC 12, and maybe send a report upstream to let them know of this problem, but for now I think it's totally fine to keep things as is.

I verified that the dropped changes are indeed included in this new release.

There's a very small nit in the changelog entry; feel free to address it before uploading.

+1

review: Approve
git-ubuntu bot (git-ubuntu-bot) wrote :

Approvers: bryce, sergiodj
Uploaders: bryce, sergiodj
MP auto-approved

review: Approve
Bryce Harrington (bryce) wrote :

Thanks, fix added and branch updated.

stirling: ~/pkg/Dovecot/merge-v1e2.3.19.1adfsg1-2/dovecot-gu$ grep ^Vcs ../dovecot_2.3.19.1+dfsg1-2ubuntu1_source.changes
Vcs-Git: https://git.launchpad.net/~bryce/ubuntu/+source/dovecot
Vcs-Git-Commit: 48e8e18c5f014bdcfc83dd02d452419f0bb75937
Vcs-Git-Ref: refs/heads/merge-v1e2.3.19.1adfsg1-2-kinetic
stirling: ~/pkg/Dovecot/merge-v1e2.3.19.1adfsg1-2/dovecot-gu$ dput ubuntu ../dovecot_2.3.19.1+dfsg1-2ubuntu1_source.changes
Checking signature on .changes
gpg: ../dovecot_2.3.19.1+dfsg1-2ubuntu1_source.changes: Valid signature from E603B2578FB8F0FB
Checking signature on .dsc
gpg: ../dovecot_2.3.19.1+dfsg1-2ubuntu1.dsc: Valid signature from E603B2578FB8F0FB
Package includes an .orig.tar.gz file although the debian revision suggests
that it might not be required. Multiple uploads of the .orig.tar.gz may be
rejected by the upload queue management software.
Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading dovecot_2.3.19.1+dfsg1-2ubuntu1.dsc: done.
  Uploading dovecot_2.3.19.1+dfsg1.orig-pigeonhole.tar.gz: done.
  Uploading dovecot_2.3.19.1+dfsg1.orig.tar.gz: done.
  Uploading dovecot_2.3.19.1+dfsg1-2ubuntu1.debian.tar.xz: done.
  Uploading dovecot_2.3.19.1+dfsg1-2ubuntu1_source.buildinfo: done.
  Uploading dovecot_2.3.19.1+dfsg1-2ubuntu1_source.changes: done.
Successfully uploaded packages.

a29a9aa... by Bryce Harrington

  * d/control: Build against Lua 5.3 rather than 5.4 for kinetic

3ac1a7a... by Bryce Harrington

changelog

Bryce Harrington (bryce) wrote :

This finally migrated over the weekend, along with a couple other dovecot-* source packages that were depending on it.

 dovecot | 1:2.3.16+dfsg1-3ubuntu2 | jammy
 dovecot | 1:2.3.16+dfsg1-3ubuntu2.1 | jammy-security
 dovecot | 1:2.3.16+dfsg1-3ubuntu2.1 | jammy-updates
 dovecot | 1:2.3.19.1+dfsg1-2ubuntu2 | kinetic

dovecot | 1:2.3.4.1-5+deb10u1~bpo9+1 | stretch-backports
dovecot | 1:2.3.4.1-5+deb10u1~bpo9+1 | stretch-backports-debug
dovecot | 1:2.3.13+dfsg1-2 | stable
dovecot | 1:2.3.13+dfsg1-2+deb11u1 | proposed-updates
dovecot | 1:2.3.13+dfsg1-2+deb11u1 | proposed-updates-debug
dovecot | 1:2.3.19.1+dfsg1-2 | testing
dovecot | 1:2.3.19.1+dfsg1-2 | unstable
dovecot | 1:2.3.19.1+dfsg1-2 | unstable-debug

Preview Diff

1diff --git a/debian/changelog b/debian/changelog
2index 14c1e62..335cec2 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,31 @@
6+dovecot (1:2.3.19.1+dfsg1-2ubuntu2) kinetic; urgency=medium
7+
8+ * d/control: Build against Lua 5.3 rather than 5.4 for kinetic
9+
10+ -- Bryce Harrington <bryce@canonical.com> Fri, 12 Aug 2022 01:08:37 +0000
11+
12+dovecot (1:2.3.19.1+dfsg1-2ubuntu1) kinetic; urgency=medium
13+
14+ * Merge with Debian unstable (LP: #1971273). Remaining changes:
15+ - d/rules: Package references hidden symbols during an LTO link.
16+ This needs further investigation. Until then, disable LTO.
17+ Disable Debian's recent enablement of LTO as well,
18+ as it FTBFS when building with gcc 11.
19+ (LP #1951325)
20+ * Dropped:
21+ - d/p/OpenSSL3.patch: Workaround to fix EC key handling when building
22+ with OpenSSL 3.0.
23+ (LP: #1945763)
24+ [Fixed in Debian release 1:2.3.19+dfsg1-1]
25+ - privilege escalation via multiple passdbs
26+ + d/p/CVE-2022-30550.patch: fix handling passdbs with
27+ identical driver/args but different mechanisms/username_filter in
28+ src/auth/auth-request.c, src/auth/auth.c, src/auth/auth.h,
29+ src/auth/passdb.c, src/auth/passdb.h.
30+ [Fixed in Debian release 1:2.3.19.1+dfsg1-2]
31+
32+ -- Bryce Harrington <bryce@canonical.com> Tue, 09 Aug 2022 23:02:29 -0700
33+
34 dovecot (1:2.3.19.1+dfsg1-2) unstable; urgency=medium
35
36 [ Christian GΓΆttsche ]
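Review bot: In the 1:2.3.19.1+dfsg1-2ubuntu1 entry, the reference "(LP #1951325)" under the d/rules item is missing the colon that the other references in the same entry use ("LP: #1971273", "LP: #1945763"), so tooling that matches the "LP: #NNNN" form will not pick it up; write it as "(LP: #1951325)". Separately, the Dropped list removes d/p/CVE-2022-30550.patch on the basis of "[Fixed in Debian release 1:2.3.19.1+dfsg1-2]"; since that patch is the fix for the privilege escalation via multiple passdbs, the merge proposal should record how its presence in the new source was confirmed.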
37@@ -67,6 +95,58 @@ dovecot (1:2.3.17.1+dfsg1-1) unstable; urgency=medium
38
39 -- Noah Meyerhans <noahm@debian.org> Tue, 14 Dec 2021 09:24:23 -0800
40
41+dovecot (1:2.3.16+dfsg1-3ubuntu4) kinetic; urgency=medium
42+
43+ * SECURITY UPDATE: privilege escalation via multiple passdbs
44+ - debian/patches/CVE-2022-30550.patch: fix handling passdbs with
45+ identical driver/args but different mechanisms/username_filter in
46+ src/auth/auth-request.c, src/auth/auth.c, src/auth/auth.h,
47+ src/auth/passdb.c, src/auth/passdb.h.
48+ - CVE-2022-30550
49+
50+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 11 Jul 2022 10:21:41 -0400
51+
52+dovecot (1:2.3.16+dfsg1-3ubuntu3) kinetic; urgency=medium
53+
54+ * No-change rebuild against libicu71
55+
56+ -- Steve Langasek <steve.langasek@ubuntu.com> Sat, 30 Apr 2022 01:54:59 +0000
57+
58+dovecot (1:2.3.16+dfsg1-3ubuntu2) jammy; urgency=medium
59+
60+ * No-change rebuild for icu soname change.
61+
62+ -- Matthias Klose <doko@ubuntu.com> Wed, 09 Feb 2022 09:13:08 +0100
63+
64+dovecot (1:2.3.16+dfsg1-3ubuntu1) jammy; urgency=medium
65+
66+ [ Bryce Harrington ]
67+ * Merge with Debian unstable. (LP: #1946855)
68+ Remaining changes:
69+ - Package references hidden symbols during an LTO link. This needs further
70+ investigation. Until then, disable LTO.
71+ * Dropped:
72+ - SECURITY UPDATE: incorrectly escapes kid and azp fields in JWT tokens
73+ + debian/patches/CVE-2021-29157.patch: improve escaping in
74+ src/lib-dict-extra/dict-fs.c, src/lib-oauth2/oauth2-jwt.c,
75+ src/lib-oauth2/test-oauth2-jwt.c.
76+ [Included in Debian 1:2.3.13+dfsg1-2]
77+ - SECURITY UPDATE: plaintext command injection before STARTTLS
78+ + debian/patches/CVE-2021-33515.patch: properly handle command queue in
79+ src/lib-smtp/smtp-server-cmd-starttls.c,
80+ src/lib-smtp/smtp-server-connection.c.
81+ [Included in Debian 1:2.3.13+dfsg1-2]
82+ * d/rules: Disable Debian's recent enablement of LTO as well, as it
83+ FTBFS when building with gcc 11.
84+ (LP: #1951325)
85+
86+ [ Simon Chopin ]
87+ * d/p/OpenSSL3.patch: Workaround to fix EC key handling when building
88+ with OpenSSL 3.0.
89+ (LP: #1945763)
90+
91+ -- Bryce Harrington <bryce@canonical.com> Wed, 17 Nov 2021 13:46:08 -0800
92+
93 dovecot (1:2.3.16+dfsg1-3) unstable; urgency=medium
94
95 * [7b858b6] Fix FTBFS on mips(64)el. Stacktrace generation on these
96@@ -118,6 +198,40 @@ dovecot (1:2.3.13+dfsg1-2) unstable; urgency=high
97
98 -- Noah Meyerhans <noahm@debian.org> Tue, 20 Jul 2021 08:05:19 -0700
99
100+dovecot (1:2.3.13+dfsg1-1ubuntu3) impish; urgency=medium
101+
102+ * No-change rebuild due to OpenLDAP soname bump.
103+
104+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Mon, 21 Jun 2021 17:46:46 -0400
105+
106+dovecot (1:2.3.13+dfsg1-1ubuntu2) impish; urgency=medium
107+
108+ * SECURITY UPDATE: incorrectly escapes kid and azp fields in JWT tokens
109+ - debian/patches/CVE-2021-29157.patch: improve escaping in
110+ src/lib-dict-extra/dict-fs.c, src/lib-oauth2/oauth2-jwt.c,
111+ src/lib-oauth2/test-oauth2-jwt.c.
112+ - CVE-2021-29157
113+ * SECURITY UPDATE: plaintext command injection before STARTTLS
114+ - debian/patches/CVE-2021-33515.patch: properly handle command queue in
115+ src/lib-smtp/smtp-server-cmd-starttls.c,
116+ src/lib-smtp/smtp-server-connection.c.
117+ - CVE-2021-33515
118+
119+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 16 Jun 2021 09:02:15 -0400
120+
121+dovecot (1:2.3.13+dfsg1-1ubuntu1) hirsute; urgency=medium
122+
123+ * Package references hidden symbols during an LTO link. This needs further
124+ investigation. Until then, disable LTO.
125+
126+ -- Matthias Klose <doko@ubuntu.com> Tue, 30 Mar 2021 17:23:55 +0200
127+
128+dovecot (1:2.3.13+dfsg1-1build1) hirsute; urgency=high
129+
130+ * No change rebuild against clucene-core
131+
132+ -- Balint Reczey <rbalint@ubuntu.com> Thu, 18 Feb 2021 18:19:47 +0100
133+
134 dovecot (1:2.3.13+dfsg1-1) unstable; urgency=medium
135
136 [ Christian GΓΆttsche ]
137diff --git a/debian/control b/debian/control
138index 47c8d63..15f8b31 100644
139--- a/debian/control
140+++ b/debian/control
141@@ -1,7 +1,8 @@
142 Source: dovecot
143 Section: mail
144 Priority: optional
145-Maintainer: Dovecot Maintainers <dovecot@packages.debian.org>
146+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
147+XSBC-Original-Maintainer: Dovecot Maintainers <dovecot@packages.debian.org>
148 Uploaders: Jaldhar H. Vyas <jaldhar@debian.org>,
149 Jelmer Vernooij <jelmer@debian.org>,
150 Apollon Oikonomopoulos <apoikos@debian.org>,
151@@ -18,7 +19,7 @@ Build-Depends: debhelper-compat (= 13),
152 libexttextcat-dev,
153 libicu-dev,
154 libldap2-dev,
155- liblua5.4-dev,
156+ liblua5.3-dev,
157 liblz4-dev,
158 liblzma-dev,
159 libpam0g-dev,
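Review bot: The switch from liblua5.4-dev to liblua5.3-dev in Build-Depends is new Ubuntu delta, but the changelog entry that covers it ("Build against Lua 5.3 rather than 5.4 for kinetic") gives no reason and no bug reference. Please record why 5.4 cannot be used in kinetic, ideally with an LP bug number, so that the next merge knows when this line can go back to Debian's value.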
160diff --git a/debian/rules b/debian/rules
161index 724068f..403540f 100755
162--- a/debian/rules
163+++ b/debian/rules
164@@ -6,7 +6,7 @@
165 SHELL=/bin/bash -O extglob
166 PIGEONHOLE_DIR=$(CURDIR)/pigeonhole
167
168-export DEB_BUILD_MAINT_OPTIONS=hardening=+all optimize=+lto
169+export DEB_BUILD_MAINT_OPTIONS=hardening=+all optimize=-lto
170
171 # LP: 1636781 - strip incompatible default linker option
172 ifeq ($(shell dpkg-vendor --derives-from Ubuntu && echo yes),yes)
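Review bot: The changed DEB_BUILD_MAINT_OPTIONS line turns optimize=+lto into optimize=-lto with no comment beside it, while the block directly below carries its bug reference inline ("# LP: 1636781 - strip incompatible default linker option"). Add a comment above the export that points at LP: #1951325 and the hidden-symbol / gcc 11 FTBFS, so that d/rules itself says why LTO is off and when the override can be dropped. hardening=+all is kept unchanged, which is the part of this line that matters for the shipped binaries.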
