summaryrefslogtreecommitdiffstats
path: root/debian
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 17:36:49 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 17:36:49 +0000
commit35283b11095f157c99b0e5dcd115de15fe61d3a4 (patch)
treef9673e8aa4515bd1d93fd3ae7ed6f6f795e4db27 /debian
parentAdding upstream version 1:2.3.21+dfsg1. (diff)
downloaddovecot-35283b11095f157c99b0e5dcd115de15fe61d3a4.tar.xz
dovecot-35283b11095f157c99b0e5dcd115de15fe61d3a4.zip
Adding debian version 1:2.3.21+dfsg1-2.debian/1%2.3.21+dfsg1-2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian')
-rwxr-xr-xdebian/autogen.sh6
-rw-r--r--debian/changelog2859
-rw-r--r--debian/control285
-rw-r--r--debian/copyright271
-rw-r--r--debian/dh.pem13
-rw-r--r--debian/dovecot-core.NEWS181
-rw-r--r--debian/dovecot-core.README.Debian35
-rw-r--r--debian/dovecot-core.bug-control1
-rw-r--r--debian/dovecot-core.bug-script28
-rw-r--r--debian/dovecot-core.dirs4
-rw-r--r--debian/dovecot-core.docs3
-rw-r--r--debian/dovecot-core.dovecot.default4
-rw-r--r--debian/dovecot-core.dovecot.init185
-rw-r--r--debian/dovecot-core.dovecot.pam6
-rw-r--r--debian/dovecot-core.examples1
-rw-r--r--debian/dovecot-core.install5
-rw-r--r--debian/dovecot-core.lintian-overrides73
-rw-r--r--debian/dovecot-core.manpages1
-rw-r--r--debian/dovecot-core.postinst87
-rw-r--r--debian/dovecot-core.postrm48
-rw-r--r--debian/dovecot-core.triggers2
-rw-r--r--debian/dovecot-dev.README.Debian10
-rw-r--r--debian/dovecot-dev.lintian-overrides2
-rw-r--r--debian/dovecot-gssapi.links1
-rw-r--r--debian/dovecot-imapd.links1
-rw-r--r--debian/dovecot-imapd.lintian-overrides2
-rw-r--r--debian/dovecot-imapd.postinst19
-rw-r--r--debian/dovecot-imapd.postrm29
-rw-r--r--debian/dovecot-imapd.prerm12
-rw-r--r--debian/dovecot-imapd.triggers1
-rw-r--r--debian/dovecot-imapd.ufw.profile11
-rw-r--r--debian/dovecot-ldap.links1
-rw-r--r--debian/dovecot-ldap.postinst22
-rw-r--r--debian/dovecot-ldap.postrm27
-rw-r--r--debian/dovecot-ldap.triggers2
-rw-r--r--debian/dovecot-lmtpd.links1
-rw-r--r--debian/dovecot-lmtpd.postinst19
-rw-r--r--debian/dovecot-lmtpd.postrm29
-rw-r--r--debian/dovecot-lmtpd.prerm12
-rw-r--r--debian/dovecot-lmtpd.triggers2
-rw-r--r--debian/dovecot-managesieved.README.Debian17
-rw-r--r--debian/dovecot-managesieved.install1
-rw-r--r--debian/dovecot-managesieved.links1
-rw-r--r--debian/dovecot-managesieved.lintian-overrides1
-rw-r--r--debian/dovecot-managesieved.postinst19
-rw-r--r--debian/dovecot-managesieved.postrm29
-rw-r--r--debian/dovecot-managesieved.prerm12
-rw-r--r--debian/dovecot-managesieved.triggers2
-rw-r--r--debian/dovecot-mysql.links1
-rw-r--r--debian/dovecot-mysql.triggers2
-rw-r--r--debian/dovecot-openssl.cnf23
-rw-r--r--debian/dovecot-pgsql.links1
-rw-r--r--debian/dovecot-pgsql.triggers2
-rw-r--r--debian/dovecot-pop3d.links1
-rw-r--r--debian/dovecot-pop3d.postinst19
-rw-r--r--debian/dovecot-pop3d.postrm29
-rw-r--r--debian/dovecot-pop3d.prerm12
-rw-r--r--debian/dovecot-pop3d.triggers2
-rw-r--r--debian/dovecot-pop3d.ufw.profile11
-rw-r--r--debian/dovecot-sieve.install2
-rw-r--r--debian/dovecot-sieve.links1
-rw-r--r--debian/dovecot-sieve.lintian-overrides4
-rw-r--r--debian/dovecot-sieve.postinst18
-rw-r--r--debian/dovecot-sieve.postrm24
-rw-r--r--debian/dovecot-sieve.triggers2
-rw-r--r--debian/dovecot-solr.README.Debian2
-rw-r--r--debian/dovecot-solr.install1
-rw-r--r--debian/dovecot-solr.links1
-rw-r--r--debian/dovecot-solr.triggers2
-rw-r--r--debian/dovecot-sqlite.links1
-rw-r--r--debian/dovecot-sqlite.triggers2
-rw-r--r--debian/dovecot-submissiond.postinst23
-rw-r--r--debian/dovecot-submissiond.postrm29
-rw-r--r--debian/dovecot-submissiond.prerm12
-rw-r--r--debian/dovecot-submissiond.triggers1
-rw-r--r--debian/gbp.conf14
-rw-r--r--debian/maildirmake.dovecot28
-rw-r--r--debian/maildirmake.dovecot.146
-rw-r--r--debian/patches/Avoid-usage-of-PATH_MAX-not-available-on-hurd.patch22
-rw-r--r--debian/patches/Cleanup-temporary-build-files.patch28
-rw-r--r--debian/patches/Correct-misspellings.patch138
-rw-r--r--debian/patches/Debug-flaky-unit-test.patch65
-rw-r--r--debian/patches/Fix-32bit-sign-comparisons.patch25
-rw-r--r--debian/patches/Fix-uninitialized-read-in-doveadm-oldstats.patch33
-rw-r--r--debian/patches/Improve-cross-compile-support.patch116
-rw-r--r--debian/patches/Silence-LTO-related-compiler-warning.patch28
-rw-r--r--debian/patches/Silence-prototype-conflicts.patch67
-rw-r--r--debian/patches/Support-openssl-3.0.patch45
-rw-r--r--debian/patches/Use-_FORTIFY_SOURCE-level-3.patch57
-rw-r--r--debian/patches/auth-Add-a-comment-about-updating-userdb_find.patch22
-rw-r--r--debian/patches/auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch130
-rw-r--r--debian/patches/default-mail_location.patch35
-rw-r--r--debian/patches/doveadm-director.1-drop-acute-accent.patch46
-rw-r--r--debian/patches/dovecot_name.patch121
-rw-r--r--debian/patches/fix-mail_plugin_dir-default.patch24
-rw-r--r--debian/patches/mboxlocking.patch60
-rw-r--r--debian/patches/md4-md5-disable-optimization-causing-unaligned-access.patch51
-rw-r--r--debian/patches/series25
-rw-r--r--debian/patches/skip-rfc-subdir.patch47
-rw-r--r--debian/patches/split-protocols.patch56
-rw-r--r--debian/patches/ssl-cert-location.patch73
-rw-r--r--debian/patches/ssl-dh-params-location.patch24
-rw-r--r--debian/patches/tcpwrapper.patch45
-rw-r--r--debian/patches/test-backtrace.patch53
-rw-r--r--debian/po/nl.po102
-rwxr-xr-xdebian/rules219
-rw-r--r--debian/salsa-ci.yml8
-rw-r--r--debian/source/format1
-rw-r--r--debian/source/lintian-overrides10
-rw-r--r--debian/source_dovecot.py38
-rw-r--r--debian/tests/control14
-rwxr-xr-xdebian/tests/doveadm7
-rwxr-xr-xdebian/tests/systemd22
-rwxr-xr-xdebian/tests/testmails256
-rwxr-xr-xdebian/tests/usage/00_setup50
-rwxr-xr-xdebian/tests/usage/imap38
-rwxr-xr-xdebian/tests/usage/pop331
-rw-r--r--debian/upstream/metadata5
-rw-r--r--debian/upstream/signing-key.asc51
-rw-r--r--debian/watch8
120 files changed, 6995 insertions, 0 deletions
diff --git a/debian/autogen.sh b/debian/autogen.sh
new file mode 100755
index 0000000..ba3a3cb
--- /dev/null
+++ b/debian/autogen.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+set -eu
+
+autoreconf -f -i -v -Wall
+(cd pigeonhole && autoreconf -f -i -v -Wall)
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..d09b2b7
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,2859 @@
+dovecot (1:2.3.21+dfsg1-2) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [a2fbc2f] split-protocols.patch: patch all-settings.c to successfully build twice (Closes: #1044797)
+
+ [ Noah Meyerhans ]
+ * [70e4426] Drop arm64 from libunwind builddep arch list
+
+ -- Noah Meyerhans <noahm@debian.org> Mon, 30 Oct 2023 13:40:35 -0700
+
+dovecot (1:2.3.21+dfsg1-1) unstable; urgency=medium
+
+ [ Noah Meyerhans ]
+ * [753b4fe] Don't build the unmaintained lucene fts plugin (Closes: #1040884)
+ * [5597486] New upstream version 2.3.21+dfsg1
+
+ [ Christian Göttsche ]
+ * [b8017f1] Cleanup temporary build files
+ * [35e1afe] Silence prototype conflicts
+ * [8dda8b9] Update Lintian overrides
+ * [6bae82f] Bump to standards version 4.6.2 (no further changes)
+ * [1f973d2] Mark hurd patch forwarded
+
+ -- Noah Meyerhans <noahm@debian.org> Sat, 14 Oct 2023 08:52:10 -0700
+
+dovecot (1:2.3.20+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [fb2a5b7] d/rules: enable stack clash protection
+ * [2666970] d/patches: bump _FORTIFY_SOURCE to level 3
+
+ [ Noah Meyerhans ]
+ * [eab5171] New upstream version 2.3.20+dfsg1
+ * [d6135a4] Drop dependency on obsolete lsb-base package
+
+ -- Noah Meyerhans <noahm@debian.org> Sun, 25 Jun 2023 16:17:56 -0700
+
+dovecot (1:2.3.19.1+dfsg1-2.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * [b02ebc9] Don't use deprecated crypt module.
+ (closes: #1028513)
+
+ -- Bas Couwenberg <sebastic@debian.org> Fri, 20 Jan 2023 07:01:26 +0100
+
+dovecot (1:2.3.19.1+dfsg1-2) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [281fb2c] d/patches: cherry-pick fix for CVE-2022-30550 (Closes: #1016351)
+ * [9c58e71] d/patches: fix uninitialized read in doveadm-oldstats
+ * [a76a24d] d/control: bump to standards version 4.6.1 (no further changes)
+ * [4aaaa8b] Update Lintian overrides
+
+ -- Noah Meyerhans <noahm@debian.org> Fri, 29 Jul 2022 19:58:28 -0700
+
+dovecot (1:2.3.19.1+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [e40f93f] d/patches: avoid usage of PATH_MAX not available on hurd
+ * [19e00cd] d/rules: enable backtrace generation
+ * [5bf1c43] d/patches: debug flaky unit test
+
+ [ Noah Meyerhans ]
+ * [b73422f] New upstream version 2.3.19.1+dfsg1
+ * [c88bfc0] Update changelog for 1:2.3.19.1+dfsg1-1 release
+ * [ca59548] Update lintian overrides
+ * [d6406c2] d/copyright: update declarations for current maintainers
+
+ -- Noah Meyerhans <noahm@debian.org> Wed, 22 Jun 2022 09:27:01 -0700
+
+dovecot (1:2.3.19+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [0d29e45] d/rules: enable LTO via DEB_BUILD_MAINT_OPTIONS instead of custom flags
+ * [560cceb] d/source/lintian-overrides: update very-long-line-length-in-source-file overrides
+ * [b99d09e] d/copyright: update years
+ * [9ee8271] d/dovecot-core.prerm: drop as superseded by debhelper
+ * [907f85c] d/maintscripts: update
+ * [2b38240] d/dovecot-core.postinst: drop support for version skips
+ * [dcb76d1] d/dovecot-core.postinst: only link certs if existent (Closes: #1009872)
+ * [d223bbd] d/patches: add patch to support openssl 3.0 (Closes: #996273)
+
+ [ Noah Meyerhans ]
+ * [9f3175e] New upstream version 2.3.19+dfsg1
+
+ -- Noah Meyerhans <noahm@debian.org> Sun, 05 Jun 2022 18:29:18 +0000
+
+dovecot (1:2.3.18+dfsg1-1) unstable; urgency=medium
+
+ [ Noah Meyerhans ]
+ * [36966c8] New upstream version 2.3.18+dfsg1
+ * [042bda4] Refresh patches for 1:2.3.18+dfsg1-1
+
+ -- "Noah Meyerhans" <noahm@debian.org> Thu, 10 Feb 2022 20:05:50 +0000
+
+dovecot (1:2.3.17.1+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [40b0010] New upstream version 2.3.17+dfsg1
+ * [3c377e0] New upstream version 2.3.17.1+dfsg1
+ * [e2f1ce2] d/patches: rebase and drop upstream applied ones
+ * [533b7ad] d/control: bump to standards version 4.6.0 (no further changes)
+ * [02ed6cf] debian: reduce Lintian issues
+ * [bb3ae48] d/salsa-ci.yml: skip cross build and do not fail on Lintian
+ warnings
+ * [bcda7e4] d/control: build against Lua 5.4
+ * [9eed0dd] d/control: enable libunwind support on available archs
+ * [1990699] d/patches: cherry-pick memory leak commit
+ * [426df46] d/patches: cherry-pick imapsieve fix
+ * [e3d0747] d/patches: add patch for LTO by avoiding unaligned access
+ (Closes: #997513)
+
+ -- Noah Meyerhans <noahm@debian.org> Tue, 14 Dec 2021 09:24:23 -0800
+
+dovecot (1:2.3.16+dfsg1-3) unstable; urgency=medium
+
+ * [7b858b6] Fix FTBFS on mips(64)el. Stacktrace generation on these
+ architectures requires -funwind-tables, as with 32-bit arm.
+
+ -- Noah Meyerhans <noahm@debian.org> Thu, 16 Sep 2021 08:41:27 -0700
+
+dovecot (1:2.3.16+dfsg1-2) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [e1e9ece] d/patches: rework backtrace test patch
+ * [be404bf] d/patches: add big-endian patch
+
+ -- Noah Meyerhans <noahm@debian.org> Fri, 10 Sep 2021 16:10:50 -0700
+
+dovecot (1:2.3.16+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [ff4a227] New upstream version 2.3.14+dfsg1
+ * [963fa3b] New upstream version 2.3.15+dfsg1 (Closes: #991323, #983510)
+ * [5e0c898] d/watch: adjust dversionmangle for dfsg suffix
+ * [9ffb0f5] d/patches: update
+ * [850e1d6] New upstream version 2.3.16+dfsg1
+ * [7140b87] d/patches: rebase patches
+ * [fb1b77e] d/rules: enable LTO
+ * [ce7055d] d/control: add libsystemd-dev dependency
+ * [db93263] d/copyright: drop unused section
+ * [aeec1e8] d/rules: update how to set systemdsystemunitdir
+ * [ebe9709] d/patches: resolve compiler warnings
+ * [19b2bb0] d/changelog: bump to 1:2.3.16+dfsg1-1
+ * [58a4078] d/patches: update 32bit warnings patch
+
+ [ Noah Meyerhans ]
+ * [f217c2e] Fix indexer crash
+ * [b075317] Import upstream patch for indexer crash on client disconnect
+ * [36e8740] drop debian/dovecot-core.maintscript
+
+ -- Noah Meyerhans <noahm@debian.org> Thu, 02 Sep 2021 13:22:16 -0700
+
+dovecot (1:2.3.13+dfsg1-2) unstable; urgency=high
+
+ * Import upstream fixes for security issues (Closes: #990566):
+ - CVE-2021-29157: Path traversal issue allowing an attacker with
+ access to the local filesystem can trick OAuth2 authentication into
+ using an HS256 validation key from an attacker-controlled location
+ - CVE-2021-33515: Sensitive information could be redirected to an
+ attacker-controlled address because of a STARTTLS command injection
+ bug in the submission service
+
+ -- Noah Meyerhans <noahm@debian.org> Tue, 20 Jul 2021 08:05:19 -0700
+
+dovecot (1:2.3.13+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [6829237] New upstream version 2.3.13 (Closes: #979363)
+ - CVE-2020-24386: IMAP hibernation allows accessing other peoples mail
+ - CVE-2020-25275: MIME parsing crashes with particular messages
+
+ * [6d25736] Add libzstd-dev to build-dependencies (Closes: #969165)
+ * [5956798] Rebase patches
+ * [2cb63c3] Bump to standards version 4.5.1 (no further changes)
+ * [548bac5] Drop unmatched copyright src/lib-ntlm/* wildcard
+ * [6f33f3f] Ignore package-contains-documentation-outside-usr-share-doc
+ false-positives
+ * [dde9c94] Handle removed configuration file in postinst
+
+ [ Pino Toscano ]
+ * [04a60e3] d/{control,rules}: disable apparmor support on !linux archs
+ (Closes: #951869)
+
+ [ Helmut Grohne ]
+ * [e5f9fcb] d/patches: improve cross-compile support (Closes: #979370)
+
+ -- Noah Meyerhans <noahm@debian.org> Mon, 25 Jan 2021 15:38:17 -0800
+
+dovecot (1:2.3.11.3+dfsg1-2) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [44770f6] Add patch for 32bit compiler warnings
+ * [053865a] Lintian: remove unused override
+ * [4ece2e1] Lintian: add forwarded header to Debian specific patches
+ * [67872b7] Lintian: ignore Debian only man page
+ * [d30bd7e] Lintian: tag manpage-without-executable got renamed to
+ spare-manual-page
+ * [3bdf952] Limit libcap-dev build-dependency to linux-any
+ * [28f6425] Drop acute accent in man page
+ * [8c15850] Add patch allowing GSSAPI containing NULL
+
+ -- Noah Meyerhans <noahm@debian.org> Wed, 19 Aug 2020 12:06:07 -0700
+
+dovecot (1:2.3.11.3+dfsg1-1) unstable; urgency=high
+
+ * New upstream release fixes security issues (Closes: #968302)
+ - CVE-2020-12100 - Receiving mail with deeply nested MIME parts leads to
+ resource exhaustion as Dovecot attempts to parse it.
+ - CVE-2020-12673 - Dovecot's NTLM implementation does not correctly check
+ message buffer size, which leads to reading past allocation which can
+ lead to crash.
+ - CVE-2020-12674 - Dovecot's RPA mechanism implementation accepts
+ zero-length message, which leads to assert-crash later on.
+ * Add libcap-dev to build-dependencies to support dropping linux
+ capabilities.
+
+ -- Noah Meyerhans <noahm@debian.org> Thu, 13 Aug 2020 16:21:24 -0700
+
+dovecot (1:2.3.10.1+dfsg1-2) unstable; urgency=medium
+
+ * Support sd_notify with systemd (Closes: #951722)
+ * Add necessary CFLAGS and LDFLAGS settings to ensure functional backtrace
+ generation. (Closes: #962630)
+ * Suppress additional library-not-linked-against-libc lintian warnings some
+ plugins as false-positives, observed on armel systems
+
+ [ Andreas Hasenack ]
+ * d/t/control, d/t/testmails: cherry-pick updated autopkgtests from
+ Ubuntu's 1:2.2.35-2ubuntu1:
+ - d/t/testmails: dropped the hardcoded "Ubuntu" name from the banner
+ text and made it distribution agnostic
+ - d/t/control: added lsb-release to test dependencies, used to get the
+ distribution name
+
+ -- Noah Meyerhans <noahm@debian.org> Tue, 16 Jun 2020 08:29:02 -0700
+
+dovecot (1:2.3.10.1+dfsg1-1) unstable; urgency=medium
+
+ * New upstream release addresses multiple security issues
+ - CVE-2020-10957
+ - CVE-2020-10958
+ - CVE-2020-10967
+ (Closes: #960963, #930919, #928492)
+ * Refresh patches
+ * Strip non-DFSG-compliant docs from .orig archives
+ * Incorporate a number of improvements to debian/ metadata contributed by
+ Christian Göttsche <cgzones@googlemail.com>
+ * Move pid file to /run (Closes: #925443)
+ * Add noahm@debian.org to Uploaders
+ * Work around flakiness in autopkgtest suite
+ * Suppress library-not-linked-against-libc lintian warnings some plugins as
+ false-positives
+
+ -- Noah Meyerhans <noahm@debian.org> Wed, 10 Jun 2020 10:41:37 -0700
+
+dovecot (1:2.3.7.2-1) unstable; urgency=medium
+
+ * [dcaf24e] New upstream version 2.3.7.2
+ - Fixes CVE-2019-11500 for dovecot-core
+ * [111beef] Update pigeonhole to 0.5.7.2
+ - Fixes CVE-2019-11500 for pigeonhole/managesieve
+ * [a422c4c] Bump Standards-Version to 4.4.0; no changes needed
+ * [56e37ed] Bump dh compat to 12; no changes needed.
+ - Drop d/compat in favor debhelper-compat B-D.
+ * [476edbd] Refresh dovecot_name.patch and ssl-cert-location.patch
+ * [9dc7904] Drop patches included in 2.3.7.2.
+ - CVE-2019-10691
+ - CVE-2019-11494
+ - CVE-2019-11499
+ - CVE-2019-7524
+ - avoid-double-closing-mysql.patch
+ - lib-master-test-event-stats-Use-PRIu64-format.patch
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 29 Aug 2019 11:55:51 +0300
+
+dovecot (1:2.3.4.1-5) unstable; urgency=medium
+
+ * [bd00402] Fix CVE-2019-11494 and CVE-2019-11499 (Closes: #928235)
+ - submission-login: fix null pointer dereference when client
+ disconnects during authentication (CVE-2019-11494)
+ - submission-login: fix assert-crash when receiving an invalid
+ authentication message over TLS (CVE-2019-11499)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Mon, 29 Apr 2019 23:35:05 +0300
+
+dovecot (1:2.3.4.1-4) unstable; urgency=high
+
+ * [d04d4ba] Fix assert-crash in JSON encoder (CVE-2019-10691)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 18 Apr 2019 10:21:19 +0300
+
+dovecot (1:2.3.4.1-3) unstable; urgency=high
+
+ * [07c9212] Fix two buffer overflows when reading oversized FTS headers
+ and/or oversized POP3-UIDL headers (CVE-2019-7524).
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Mon, 25 Mar 2019 23:06:01 +0200
+
+dovecot (1:2.3.4.1-2) unstable; urgency=medium
+
+ [ Laurent Bigonville ]
+ * [ac99918] Fix double-free crash in mysql driver
+ Fix double closing of the connection in the mysql driver, this should
+ fix the crash in the dovecot auth process, taken from upstream.
+ (Closes: #918339)
+
+ [ Apollon Oikonomopoulos ]
+ * [8a30446] Bump Standards-Version to 4.3.0; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 14 Mar 2019 11:02:39 +0200
+
+dovecot (1:2.3.4.1-1) unstable; urgency=high
+
+ * [bebf0b4] New upstream version 2.3.4.1
+ + Fixes CVE-2019-3814: TLS client auth username handling
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 05 Feb 2019 16:19:12 +0200
+
+dovecot (1:2.3.4-2) unstable; urgency=medium
+
+ * [51d1317] Fix FTBFS on 32-bit platforms.
+ Cherry-pick upstream commit de42b54, fixing the event-stats test on
+ 32-bit platforms.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Sat, 24 Nov 2018 02:02:17 +0200
+
+dovecot (1:2.3.4-1) unstable; urgency=medium
+
+ * [14c247f] New upstream version 2.3.4
+ * [7fed004] Update pigeonhole to 0.5.4
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Fri, 23 Nov 2018 22:00:06 +0200
+
+dovecot (1:2.3.3-1) unstable; urgency=medium
+
+ [ Jelmer Vernooij ]
+ * Trim trailing whitespace.
+
+ [ Apollon Oikonomopoulos ]
+ * [6591a99] New upstream version 2.3.3
+ * [3d718ec] Bump Standards-Version to 4.2.1; no changes needed
+ * [123bd32] Update pigeonhole to 0.5.3
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 04 Oct 2018 17:29:40 +0300
+
+dovecot (1:2.3.2.1-1) unstable; urgency=medium
+
+ * [40ba9f0] New upstream bugfix release 2.3.2.1
+ * [87045ac] Drop fix-ftbfs-on-32bit.patch; merged upstream
+ * [5bb22a4] Bump Standards-Version to 4.1.5; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 10 Jul 2018 17:51:43 +0300
+
+dovecot (1:2.3.2-2) unstable; urgency=medium
+
+ * [48067de] Fix FTBFS on 32-bit platforms by cherry-picking upstream commit
+ 1e23986f.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Wed, 04 Jul 2018 12:43:14 +0300
+
+dovecot (1:2.3.2-1) unstable; urgency=medium
+
+ * [bb03669] New upstream version 2.3.2
+ + Upload to unstable
+ * [d29da3a] Merge 2.3 package changes from experimental. Important changes:
+ + [b3d1e17] Enable AppArmor support, see
+ https://wiki2.dovecot.org/Plugins/Apparmor
+ • B-D on libapparmor-dev
+ + [c0c55bd] Enable Lua scripting support for authdb/passdb.
+ • B-D on liblua5.3-dev
+ • New binary package, dovecot-auth-lua
+ + [4f6792e] Build with sodium support, enabling the ARGON2I and ARGON2ID
+ password schemes.
+ • B-D on libsodium-dev
+ + [54347e7] Build with ICU support enabling FTS unicode normalization
+ • B-D on libicu-dev
+ + New dovecot-submissiond binary package for the dovecot submission agent;
+ see https://wiki2.dovecot.org/Submission.
+ * [4db4813] Change maintainer address to dovecot@packages.d.o
+ * [5118354] Update pigeonhole to 0.5.2
+ * [52a7af4] Drop murmur3-big-endian.patch; merged upstream
+ * [22a6eee] Refresh dovecot_name.patch
+ * [3af7568] dovecot_name.patch: apply to submissiond as well
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Wed, 04 Jul 2018 08:57:45 +0300
+
+dovecot (1:2.2.36-1) unstable; urgency=medium
+
+ * [19f2274] d/gbp.conf: set merge-mode to "merge" to preserve pigeonhole/
+ when importing new dovecot sources
+ * [6b9bf0d] New upstream version 2.2.36
+ * [be12f22] Bump pigeonhole version to 0.4.24
+ + Remove new file under doc/rfc
+ + Ship the new imap_filter_sieve module in dovecot-sieve
+ * [b77be59] Bump Standards-Version to 4.1.4; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Wed, 06 Jun 2018 09:31:49 +0300
+
+dovecot (1:2.2.35-2) unstable; urgency=medium
+
+ * [7665652] Use git-subtree to generate pigeonhole patch from git; add
+ single-debian-patch to d/source/local-options
+ * [bfa0f10] d/rules: specify libdir manually; previous upload moved modules
+ under /usr/lib/<triplet>, which was bound to break existing setups
+ * [982e826] d/copyright: adjust pigeonhole path and bump years
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 22 Mar 2018 16:56:40 +0200
+
+dovecot (1:2.2.35-1) unstable; urgency=medium
+
+ * [8108cba] New upstream version 2.2.35
+ * [6cbbaa1] Update pigeonhole to 0.4.23 (Closes: #892137)
+ * [9ace5f2] Switch Vcs-* URLs to salsa.d.o
+ * [ef40625] d/rules: call configure via dh_auto_configure.
+ Thanks to Helmut Grohne (Closes: #885854)
+ * [a459455] Drop B-D on libcurl4-gnutls-dev; removed upstream since 2.2
+ * [235af9d] Update upstream signing key
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 20 Mar 2018 11:15:42 +0200
+
+dovecot (1:2.2.34-2) unstable; urgency=high
+
+ * [868dc65] Update pigeonhole to 0.4.22
+ * Set urgency to high due to the security fixes in 2.2.34-1
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Fri, 02 Mar 2018 18:36:23 +0200
+
+dovecot (1:2.2.34-1) unstable; urgency=medium
+
+ * [f53dc9a] New upstream version 2.2.34 (Closes: #921529)
+ Fixes the following security issues:
+ + CVE-2017-15130: TLS SNI config lookups may lead to excessive memory
+ usage (Closes: #891820)
+ + CVE-2017-14461: rfc822_parse_domain information leak vulnerability
+ (Closes: #891819)
+ + CVE-2017-15132: auth client leaks memory if SASL authentication is
+ aborted (Closes: #888432)
+ * [0dc98c6] Do not patch all-settings.c; regenerate it at build time
+ instead. Thanks to Aki Tuomi!
+ * [e678e3b] Bump dh compat to 11
+ + B-D on debhelper (>= 11~)
+ + Use dh_installsystemd instead of dh_systemd_enable
+ * [271b290] Bump Standards-Version to 4.1.3; no changes needed
+ * [3cd6715] d/copyright: bump upstream and debian years
+ * [380d1ac] Drop the ENABLED flag from /etc/default/dovecot (but let the
+ initscript handle it if it exists)
+ * [97d6fae] d/watch: switch upstream URL to https://
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 01 Mar 2018 10:55:49 +0200
+
+dovecot (1:2.2.33.2-1) unstable; urgency=medium
+
+ * [8216f38] New upstream version 2.2.33.2
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Sat, 11 Nov 2017 20:59:43 +0200
+
+dovecot (1:2.2.33.1-1) unstable; urgency=medium
+
+ * [dbd1132] New upstream version 2.2.33.1
+ + [b3d1f2d] Refresh split-protocols.patch
+ + [e0de123] Update pigeonhole to 0.4.21
+ * [ef6a1eb] Set mail_privileged_group to 'mail' by default (Closes: #711856)
+ * [aeb6cf3] d/copyright: convert to Format 1.0
+ * [5961f9d] Use dh-autoreconf for both, dovecot and pigeonhole.
+ * [85f1f0f] Bump Standards to 4.1.1; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Fri, 13 Oct 2017 16:28:14 +0300
+
+dovecot (1:2.2.32-2) unstable; urgency=medium
+
+ * [fa71c69] dovecot-core.postinst: remove dovecot-common's postrm
+ (Closes: #696382)
+ * [e835c67] Ship decode2text.sh as an example (Closes: #767313)
+ * [63fb486] Deprecate dovecot-dbg in favor of auto dbgsyms
+ * [36b44b9] Handle unsupported SSLv2/SSLv3 in the ssl_protocols setting
+ gracefully (Closes: #866752)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 19 Sep 2017 16:59:38 +0300
+
+dovecot (1:2.2.32-1) unstable; urgency=medium
+
+ * [6652d9c] New upstream version 2.2.32.
+ * [c9cb096] Update pigeonhole to 0.4.20.
+ * [b499950] dovecot-core: remove SSL key/cert symlinks on purge
+ (Closes: #867157)
+ * [dbdcc66] dovecot-core.postinst: ignore adduser errors (Closes: #867849)
+ * [476c950] Bump Standards to 4.1.0; no changes needed.
+ * [2914efa] Drop B-D on autotools-dev, it is depended on by debhelper 10.
+ * [305d022] Remove Fabio, Joel and Marco from Uploaders. Thanks for your work!
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 12 Sep 2017 16:15:52 +0300
+
+dovecot (1:2.2.31-1) unstable; urgency=medium
+
+ * [9b058f3] New upstream version 2.2.31
+ + [2b577c1] Bump pigeonhole version to 0.4.19
+ * Enable TLS by default:
+ + [7ca4b1c] Update SSL cert location patch; cert/key should reside under
+ /etc/dovecot/private by default.
+ + [05d3d0f] Use ssl-cert-snakeoil certificates to setup SSL by default
+ (Closes: #376146, #786570)
+ + [862901f] dovecot-core.postinst: manage 10-ssl.conf using ucf
+ (Closes: #850538)
+ + [418df05] README.Debian: document the new TLS setup
+ + [47bade9] dovecot-core.NEWS: document TLS support
+ * [8356bc0] Handle /etc/dovecot/private mode using dpkg-statoverride
+ * dovecot-core.postinst: cleanup
+ + [afbd33f] dovecot-core.postinst: always call adduser
+ + [ee22dc5] dovecot-core.postinst: remove obsolete conffile handling
+ + [7bb298b] dovecot-core.postinst: do not remove the imapd user/group
+ * [815a2d1] README.Debian: cleanup
+ * [91115a3] Use noawait dpkg triggers (lintian warning)
+ * [e845cec] Add basic usage DEP-8 test, doing end-to-end tests involving
+ LDA, IMAP and POP3.
+ * [71c73ef] systemd: convert service to Type=simple and start after
+ network-online.target (Closes: #865546, #825562)
+ * [1534fac] dovecot.service: enable ProtectSystem=full
+ * [d276c69] B-D only on default-libmysqlclient-dev
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 27 Jun 2017 18:18:12 +0300
+
+dovecot (1:2.2.30.2-1) unstable; urgency=medium
+
+ * [401e83d] New upstream version 2.2.30.2
+ * [1ea8321] Bump pigeonhole version to 0.4.18
+ * [97bf8ec] Drop CVE-2017-2669 patch
+ * [9c1bbe2] Drop fix-sha3-on-big-endian.patch
+ * [d3c607b] Refresh dovecot_name.patch
+ * [5c64268] Bump Standards to 4.0.0; no changes needed
+ * [0b884fc] Bump compat to 10
+ + B-D on debhelper (>= 10)
+ + Drop B-D on dh-systemd, now provided by debhelper
+ + Run dh --without=autoreconf, since we use autotools-dev
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 22 Jun 2017 22:22:59 +0300
+
+dovecot (1:2.2.27-3) unstable; urgency=high
+
+ * [117285a] Remove /etc/dovecot/README (Closes: #849290)
+ * [04e8ce3] auth: Do not double-expand key in passdb dict when
+ authenticating (CVE-2017-2669) (Closes: #860049)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 11 Apr 2017 00:46:54 +0300
+
+dovecot (1:2.2.27-2) unstable; urgency=medium
+
+ * [30586e3] Fix SHA3 on big-endian architectures.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 15 Dec 2016 22:24:56 +0200
+
+dovecot (1:2.2.27-1) unstable; urgency=medium
+
+ [ Jaldhar H. Vyas ]
+ * [b1e4693] Imported Upstream version 2.2.27
+ + Includes fix for CVE-2016-8652 (Closes: #846605)
+
+ [ Apollon Oikonomopoulos ]
+ * [b25993a] Drop patches merged upstream:
+ + call_openssl_cleanup_at_deinit.patch
+ + disable_sslv23.patch
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Wed, 14 Dec 2016 21:48:46 +0200
+
+dovecot (1:2.2.26.0-4) unstable; urgency=medium
+
+ * [3015f35] Drop references to SSLv2 in the default SSL protocols (Closes: #844271)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Mon, 14 Nov 2016 17:55:26 +0200
+
+dovecot (1:2.2.26.0-3) unstable; urgency=medium
+
+ * [b03027b] Call OPENSSL_cleanup() on dcrypt_openssl unload. Fixes FTBFS
+ with OpenSSL 1.1.0c.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Sun, 13 Nov 2016 10:56:30 +0200
+
+dovecot (1:2.2.26.0-2) unstable; urgency=medium
+
+ * [9db7d1b] Fix upgrades from 2.2.25 (Closes: #843028)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 08 Nov 2016 15:06:16 +0200
+
+dovecot (1:2.2.26.0-1) unstable; urgency=medium
+
+ [ Apollon Oikonomopoulos ]
+ * [18fc181] New upstream version 2.2.26.0 (Closes: #828286, #834837)
+ * [3ecfd3c] Update pigeonhole to 0.4.16
+ * [61ff825] Move libdovecot-ldap and libdict_ldap to dovecot-ldap (Closes:
+ #830135).
+ * [b3a1650] Ubuntu: disable -Bsymbolic-functions ld flag.
+ Thanks to Christian Ehrhardt <christian.ehrhardt@canonical.com>
+ (Closes: #842151) (LP: #1636781)
+ * [5828ab1] B-D on default-libmysqlclient-dev (but keep plain
+ libmysqlclient-dev as an alternative to ease backports).
+ * [0086110] Drop DRAC plugin.
+ Thanks to Christian Ehrhardt <christian.ehrhardt@canonical.com>
+ (Closes: #842153)
+
+ [ Jaldhar H. Vyas ]
+ * [60808eb] Move aclocal *.m4 files into -dev package.
+ * [52fd869] Move lib95_imap_sieve_plugin.so into dovecot-sieve (Closes:
+ #832046).
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 07 Jul 2016 10:17:58 +0200
+
+dovecot (1:2.2.25-1) unstable; urgency=medium
+
+ * [cc29a81] Imported Upstream version 2.2.25
+ * [d19bcca] Updated pigeonhole patch to 0.4.14
+ * [16db179] Merged in some features of the Ubuntu dovecot package.
+ + dovecot-core: added lsb-base dependency.
+ + dovecot-core: Added apport hook.
+ + dovecot-imapd,dovecot-pop3d: Added ufw profiles.
+ Thanks to Christian Erhardt <christian.ehrhardt@canonical.com>
+ (Closes: #828864)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 01 Jul 2016 17:07:03 -0400
+
+dovecot (1:2.2.24-1) unstable; urgency=medium
+
+ * [26020b6] Imported Upstream version 2.2.24 (Closes: #818652)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Mon, 09 May 2016 10:42:08 +0300
+
+dovecot (1:2.2.23-1) unstable; urgency=medium
+
+ [ Jaldhar H. Vyas ]
+ * Drop missing-expunges.patch, merged upstream
+
+ [ Apollon Oikonomopoulos ]
+ * [8a01915] Imported Upstream version 2.2.23
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 12 Apr 2016 17:30:03 +0300
+
+dovecot (1:2.2.22-1) unstable; urgency=medium
+
+ [ Jaldhar H. Vyas ]
+ * [2321581] Imported Upstream version 2.2.22
+ * [3fa8a62] Updated pigeonhole patch to 0.4.13
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 18 Mar 2016 19:18:34 -0400
+
+dovecot (1:2.2.21-1) unstable; urgency=medium
+
+ [ Jaldhar H. Vyas ]
+ * [d9c0630] Imported Upstream version 2.2.21 (Closes: #809666, #708539,
+ #801346, 803223)
+ * [5360548] Updated pigeonhole patch to 0.4.12
+ * [5e6783f] Fixed typo in dovecot-core.README.Debian.
+ Thanks to Ingo Wichmann <iw-debian@linuxhotel.de> (Closes: #809717)
+ * [d00d0c7] Create /var/lib/dovecot in the package. (Closes: #801752)
+ * [6510373] Upstream patch for sync problem which could cause expunged
+ messages to keep reappearing. (Closes: #684499)
+ * [040f7fa] dovecot-core: dovecot.socket not enabled on installation
+ (Closes: #814999)
+ * [fc29003] /etc/dovecot/10-ssl.conf no longer managed by ucf or modified by
+ postinst. Thanks to Santiago Vila <sanvila@unex.es> (Closes: #773237)
+ * [0d16e16] Fixed some lintian warnings.
+ * [801ba7e] Added Apollon to uploaders
+
+ [ Apollon Oikonomopoulos ]
+ * [99ef3d8] Build with lz4 support (Closes: #784321)
+ * [92f68aa] Fix nss userdb (Closes: #712764)
+ * [41b9bde] Disable dovecot.socket in existing installations.
+ * [49c5b97] d/rules: specify systemd unit dir manually (Closes: #720854)
+ * [a377ccb] Convert to dh sequencer
+ * [48af954] B-D on debhelper >= 9
+ * [591c315] Bump standards to 3.9.7; no changes needed
+ * [ceb629e] Use dh_installinit --name
+ * [ef8d8ac] d/rules: refactor file installation
+ * [a899bcc] dovecot-core: use dh_installman
+ * [6159e00] d/rules: build in parallel if requested
+ * [51014e6] d/control: use HTTPS Vcs-* URLs
+ * [b385cf5] dovecot-sieve: replace Conflicts with Breaks
+ * [b4a9e68] Add basic DEP-8 tests
+ * [7452649] Add DEP-8 tests for systemd support
+ * [e5101aa] Re-enable PIE and bindnow
+ * [5717808] Fix invoke-rc.d calls and never call init.d directly
+ * [3504241] Drop debconf remains
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 01 Mar 2016 19:31:42 -0500
+
+dovecot (1:2.2.20-1) UNRELEASED; urgency=medium
+
+ * [68d5038] Imported Upstream version 2.2.20
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 13 Dec 2015 10:21:21 -0500
+
+dovecot (1:2.2.19-1) UNRELEASED; urgency=medium
+
+ * [146ef57] Imported Upstream version 2.2.19
+ * [3af7cad] Updated pigeonhole patch to 0.4.9
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 13 Dec 2015 09:41:56 -0500
+
+dovecot (1:2.2.18-2) unstable; urgency=high
+
+ * [3f3bf71] Updated pigeonhole patch to 0.4.8 (Closes: #792669)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 23 Aug 2015 23:16:28 -0400
+
+dovecot (1:2.2.18-1) unstable; urgency=medium
+
+ * [cce20a5] Imported Upstream version 2.2.18. Closes: #786760
+ * [36d2ec1] Refresh patch dovecot_name.patch.
+ * [109e6f8] Drop patch cve-2015-3420.patch: applied upstream.
+ * [6c59f09] Depend on krb5-multidev rather than libkrb5-dev.
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sun, 24 May 2015 15:01:19 +0000
+
+dovecot (1:2.2.16-1) unstable; urgency=medium
+
+ * [e9d9193] Imported Upstream version 2.2.16
+ * [976c256] Remove gbp- prefix from section names in debian/gbp.conf.
+ * [762b9a6] Add Dutch translation. Thanks, Frans Spiesschaert. Closes: #766203
+ * [dea3dd6] Drop bye_logout_not_sent.patch: already included upstream.
+
+ -- Jelmer Vernooij <jelmer@debian.org> Mon, 04 May 2015 12:23:05 +0000
+
+dovecot (1:2.2.13-12) unstable; urgency=high
+
+ * [48f6fe4] Add patch cve-2015-3420.patch: Fix SSL/TLS handshake failures
+ leading to a crash of the login process with newer versions of OpenSSL.
+ Closes: #783649 (CVE-2015-3420)
+
+ -- Jelmer Vernooij <jelmer@debian.org> Mon, 04 May 2015 11:38:30 +0000
+
+dovecot (1:2.2.13-11) unstable; urgency=high
+
+ * [ebc0377] Don't allow install of dovecot-sieve without a new enough
+ dovecot-core. (Closes: #772885)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 14 Dec 2014 12:27:50 -0500
+
+dovecot (1:2.2.13-10) unstable; urgency=high
+
+ [ Jelmer Vernooij ]
+ * [93db7f0] Fix path to 90-sieve-extprograms.conf in dovecot-sieve.postinst.
+ Closes: #772703, #772711
+
+ [ Jaldhar H. Vyas ]
+ * [8c627a4] Add another db_stop this time for triggers. Die #770695 die!
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 10 Dec 2014 19:56:20 -0500
+
+dovecot (1:2.2.13-9) unstable; urgency=high
+
+ * [5b689f6] Made some overlooked configuration files into conffiles;
+ deleted excess files from /usr/share/doc/dovecot-core.
+ * [83f2fc4] Explicitly stop debconf in dovecot-core postinst which hopefully
+ fixes the last of the install hangs.
+ Thanks to Chris Gilbert <zeke.gilbert@gmail.com> (Closes: #770695)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 09 Dec 2014 06:17:23 -0500
+
+dovecot (1:2.2.13-8) unstable; urgency=medium
+
+ * [b2f652f] Turn off SSL by default and leave SSL cert locations commented
+ out. Hopefully this will be a satisfactory lowest common denominator for
+ new installs without messing with upgrades.
+ (Closes: #771334, #771407)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 02 Dec 2014 00:21:30 -0500
+
+dovecot (1:2.2.13-7) unstable; urgency=high
+
+ * [daea09a] Commented out cert locations so install doesn't bomb if the
+ certs haven't been created yet.
+ (Closes: #706216, #732263, #767154, #768253, #769461, #770697)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 28 Nov 2014 00:27:03 -0500
+
+dovecot (1:2.2.13-6) unstable; urgency=medium
+
+ * [f7205c0] dovecot-dev: removed dependency on dovecot-core
+ * [e393868] Removed SSL certificate generation from postinst. From now on
+ you have to do this yourself. See dovecot-core's README.debian for
+ instructions. (Closes: #730828)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 25 Oct 2014 23:31:42 -0400
+
+dovecot (1:2.2.13-5) unstable; urgency=medium
+
+ * Fix name of organizationName field in SSL configuration for self-
+ signed certs. Closes: #760653
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sat, 06 Sep 2014 23:19:51 +0200
+
+dovecot (1:2.2.13-4) unstable; urgency=medium
+
+ * Add Provides with dovecot ABI version, for plugins to depend on.
+ Closes: #456021
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sun, 20 Jul 2014 19:31:09 +0200
+
+dovecot (1:2.2.13-3) unstable; urgency=medium
+
+ * Build-depend on clucene 2.3 or later, which upstream lists as the
+ minimum version. Closes: #754141
+ * Use configuration file for openssl certificate configuration.
+ * Use canonical address for Vcs-Browser header.
+ * Remove unnecessary asterisk from NEWS entry; fixes lintian warning.
+ * Remove unused lintian override for usr/lib/dovecot/imap.
+ * dovecot-core: Ignore lintian warnings for empty directories.
+
+ -- Jelmer Vernooij <jelmer@debian.org> Tue, 08 Jul 2014 01:48:08 +0200
+
+dovecot (1:2.2.13-2) unstable; urgency=medium
+
+ * [bd5e34b] Patches from upstreams' hg repo to fix BYE and LOGOUT not being
+ sent. (Closes: #751682)
+ * [452e336] Czech translation for debconf.
+ Thanks to Michal Šimůnek (Closes: #751389)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 25 Jun 2014 01:38:59 -0400
+
+dovecot (1:2.2.13-1) unstable; urgency=medium
+
+ * [0680040] Imported Upstream version 2.2.13
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sun, 25 May 2014 18:45:38 +0200
+
+dovecot (1:2.2.13~rc1-1) unstable; urgency=medium
+
+ * [7751508] Imported Upstream version 2.2.13~rc1
+ + Fixes denial of service vulnerability (CVE-2014-3430). Closes: #747549
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sat, 10 May 2014 14:34:14 +0200
+
+dovecot (1:2.2.12-3) unstable; urgency=medium
+
+ * [0383db0] Break long line.
+ * [c961b6a] Fix installation of sieve plugins. Closes: #742770, #684271
+ * [388d2bf] Strip body.rfc5173.txt from the pigeonhole patch, as it is
+ non-free. Closes: #745398
+
+ -- Jelmer Vernooij <jelmer@debian.org> Wed, 23 Apr 2014 02:56:56 +0200
+
+dovecot (1:2.2.12-2) unstable; urgency=medium
+
+ * [c882a38] Add build dependencies libstemmer-dev and libexttextcat-dev,
+ used by dovecot-lucene.
+ * [67762d4] Use autotools-dev to update config.guess and config.sub.
+ * [33e79b7] Update Japenese po file. Thanks, victory. Closes: #730171
+ * [cbf213b] Add non-standard-dir-perm override for /etc/dovecot/private.
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sun, 23 Mar 2014 17:57:04 +0000
+
+dovecot (1:2.2.12-1) experimental; urgency=medium
+
+ * [52b67de] Update watch file for 2.2 series.
+ * [c4eac1f] Verify upstream tarball signature in watch file.
+ * [3a81ff9] Imported Upstream version 2.2.12
+ * [8950a86] Bump standards version to 3.9.5 (no changes).
+ * [cd82417] Add myself to uploaders.
+
+ -- Jelmer Vernooij <jelmer@debian.org> Thu, 06 Mar 2014 22:45:19 +0000
+
+dovecot (1:2.2.10-1) unstable; urgency=low
+
+ * [0496c52] Imported Upstream version 2.2.10
+ * [515dd61] Added new package for Lucene full text search support.
+ Thanks to Jelmer Vernooij <jelmer@debian.org> for the patch.
+ (Closes: #685979)
+ * [718a68e] Fix old private key location in README.Debian.
+ Thanks to Jelmer Vernooij <jelmer@debian.org> for the patch.
+ (Closes: #702385)
+ * [42da568] dovecot-solr: Make sure solr-schema.xml gets installed.
+ (In /usr/share/dovecot)
+ (Closes: #695185)
+ * [77acbf7] Added /usr/share/dovecot/dovecot-abi file in dovecot-dev to
+ document -- you guessed it! -- the dovecot ABI version.
+ * [feb597a] Added support for xz compression.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 06 Mar 2014 02:51:34 -0500
+
+dovecot (1:2.2.9-1) unstable; urgency=low
+
+ [ Jaldhar H. Vyas ]
+ * [77468cf] Imported Upstream version 2.2.9
+ * [43e08f3] Place dovenull user in its own group. (Closes: #725164)
+ * [e1a3e9c] Handled the fact that dovecot-db.conf.ext is no longer used.
+ (Closes: #728107, #730403)
+
+ [Debconf translation updates]
+ * Russian (Yuri Kozlov). (Closes: #729106)
+ * German (Chris Leick). (Closes: #729358)
+ * Danish (Joe Hansen). (Closes: #729425)
+ * French (Julien Patriarca). (Closes: #729966)
+ * Portuguese (Américo Monteiro). (Closes: #730006)
+ * Polish (Michał Kułach). (Closes: #730061)
+ * Italian (Beatrice Torracca). (Closes: #730136)
+ * Japanese (victory). (Closes: #73017)
+ * Swedish (Martin Bagge / brother). (Closes: #730188)
+ * Spanish; (Camaleón). (Closes: #730354)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 16 Jan 2014 15:42:13 -0500
+
+dovecot (1:2.2.8-1) UNRELEASED; urgency=low
+
+ * [6157a2b] New upstream version 2.2.8
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 21 Nov 2013 16:54:46 -0500
+
+dovecot (1:2.2.5-1) experimental; urgency=low
+ [ Micah Anderson ]
+ * [a0035bf] New upstream version 2.2.5
+ * [a053c49] Update pigeonhole patch to 0.4.1
+ * [689cd67] refreshed patches
+
+ [ Jaldhar H. Vyas ]
+ * Caused bugs and then fixed them again.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 09 Sep 2013 00:57:32 -0400
+
+dovecot (1:2.1.17-2) unstable; urgency=low
+
+ * [e8286e0] New version of drac patch taken from Ubuntu which works better
+ with 2.x (Closes: #716764)
+ * [23acb40] Add a patch from Ubuntu to report the distro name in the login
+ banner why not.
+ * [f8d566e] Don't need dovecot-common package anymore; get rid of it.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 07 Sep 2013 14:58:05 -0400
+
+dovecot (1:2.1.17-1) experimental; urgency=low
+
+ [ Jaldhar H. Vyas ]
+ * [fa0d6aa] Re-enable mbox write locking patch to comply with policy 11.6
+ (Closes: #720502)
+ * [38691fb] New upstream version (Closes: #719021)
+ * [1361144] prompts in dovecot-core postinst debconfiscated.
+ * IN MEMORIAM: Goldy the Goldfish (2000-2013) You were a prince (or
+ perhaps princess?) among fish and we shall all miss you dearly.
+ May your karmas merit much punya in future lives.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 23 Aug 2013 01:46:20 -0400
+
+dovecot (1:2.1.16-1) experimental; urgency=low
+
+ * [9741bd8] New Upstream version
+ * [3476489] Updated pigeonhole patch to 0.3.5
+ * [d4f236f] Removed some patches which are no longer required.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 14 Jun 2013 16:25:19 -0400
+
+dovecot (1:2.1.7-8) experimental; urgency=low
+
+ * This version is not actually intended for upload. It merely undoes
+ some changes made for the the wheezy release. Namely, the following
+ features are back:
+ - TCP Wrappers support
+ - Hurd compatibility support
+ - Triggers.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 13 Jun 2013 16:14:21 -0400
+
+dovecot (1:2.1.7-7) unstable; urgency=high
+
+ * If you are upgrading from stable or earlier versions of this package
+ from testing/unstable please carefully read
+ /usr/share/doc/dovecot-core/README.Debian.gz for important information
+ about changes.
+ * [0d74b31] Move Breaks/Replaces mailavenger from dovecot-common to
+ dovecot-core (Closes: #694376)
+ * [a8030a1] Revamped dovecot-cores README.Debian by adding any info I could
+ think of in order to ease upgrade problems. (Closes: #696820)
+ * [04798d3] Don't touch 10-ssl.conf at all. Eventually I will DTRT with
+ regards to the default generated ssl certificates but in the mean time
+ this will do the least mischief. (Closes: #696817)
+ * [fde17d1] Patch to make /etc/dovecot/readme point to the right place for
+ the example configuration. (Closes: #698941)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 04 Feb 2013 16:27:17 -0500
+
+dovecot (1:2.1.7-6) unstable; urgency=high
+
+ * WARNING: in order to get this package into wheezy some functionality
+ from the previous release had to be removed. Namely:
+ - TCP Wrappers support
+ - Hurd compatibility support
+ - Triggers
+ All this will be coming back in the next version but for now, if you need
+ any of it, stick with -5.
+ * [1f869e0] NEWS.Debian was not getting added to the package (Closes: #693621)
+ * [564c5e2] Add breaks and replaces mailavenger for debian-common
+ (Closes: #694376)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 14 Dec 2012 17:01:33 -0500
+
+dovecot (1:2.1.7-5) unstable; urgency=high
+
+ * [132bc3b] Remove call to ntp-wait in init script. Dovecot handles a
+ skewed clock much better now. (Closes: #693225)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 14 Nov 2012 14:45:29 -0500
+
+dovecot (1:2.1.7-4) unstable; urgency=high
+
+ * [68ef7ad] piuparts complained /etc/dovecot/private was left unowned on
+ purge which is against policy (Closes: #692944)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 11 Nov 2012 23:45:07 -0500
+
+dovecot (1:2.1.7-3) unstable; urgency=high
+
+ [ Jaldhar H. Vyas ]
+ * [03d5499] Do not generate new dovecot cert if key or cert is already
+ present (Closes: #685896,#631257) Thanks to Alexander Ufimtsev
+ <alexu@ucd.ie> and Jörg-Volker Peetz <jvpeetz@web.de> for patches.
+ * [5be6c2a] You should be able to upgrade and remove dovecot-managesieved
+ without errors (Closes: #665487)
+ * [1a9ad5c] Fixes instances where UTF-8 was misused instead of mUTF-7
+ (Closes: #680035)
+ * [c0ac3ba] Backport of fix for failure to autocreate mailboxes
+ (Closes: #623440) This also requires setting the default mail_location.
+ * [ba1d3f5] Fix FTBS on Hurd (Closes: #686931) via upstream patch backported
+ from mercurial.
+ * [cfa92b5] Upgrade pigeonhole page to 0.3.1 (Closes: #688407)
+ * [58f01c2] Generated certificates will now be created in /etc/dovecot
+ (Closes: #608719)
+ * [8e40ea5] Patch to build with PIE and bindnow
+ by intrigeri@debian.org (Closes: #679017)
+ * [87d982b] Use libwrap (Closes: #685850)
+ * [ebb5421] Start after nslcd (Closes: #692632)
+ * [2db5c1a] Add support for dpkg triggers. This means dovecot will not be
+ repeatedly restarted when installing or removing lots of plugins
+ (Closes: #601744)
+ * [bc66629] Patch to document -k in dsync.1
+ by Luca Capello <luca@pca.it> (Closes: #680992)
+ * [ba67766] Add lintian overrides.
+
+ [ Marco Nenciarini ]
+ * [ffba408] Updated watch file
+ * [9777434] Install missing default configuration files from upstream
+ * [9496828] Backport fix for segfault in managesieve triggered by
+ CHECKSCRIPT command. (Closes: #688197)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 10 Nov 2012 03:50:30 -0500
+
+dovecot (1:2.1.7-2) unstable; urgency=low
+
+ * [e23a136] Just a quick upload to make dovecot buildable on non-linux
+ platforms again. (Closes: #676817) I did it by removing the systemd
+ build-dep altogether. sd-daemon.[ch] is included in the source so if
+ systemd is installed on a system, it should be detected and socket
+ activation should happen. That is, assuming I've got everything right
+ (and documented) which is something I'll be looking into for the next
+ version.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 21 Jun 2012 23:54:47 -0400
+
+dovecot (1:2.1.7-1) unstable; urgency=low
+
+ * [7668742] Imported upstream 2.1.7 (Closes: #663243)
+ + doveadm.1 documents the move command. (Closes: #641750)
+ * [4db927a] Patch to enable systemd support. (Closes: #672266)
+ Thanks Riku Voipio.
+ * [e17ac86] Previous attempt at setting hardening flags did not include the
+ drac plugin. Simon Ruderich provided an extra patch.
+ (Closes: #653530)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 30 May 2012 16:27:21 -0400
+
+dovecot (1:2.1.4-1) experimental; urgency=low
+
+ * [6cc1e7d] Imported upstream 2.1.4
+
+ -- Micah Anderson <micah@debian.org> Tue, 10 Apr 2012 11:33:05 -0400
+
+dovecot (1:2.1.3-1) experimental; urgency=low
+
+ * [49ecc33] Imported upstream 2.1.3
+
+ -- Micah Anderson <micah@debian.org> Fri, 16 Mar 2012 22:04:46 -0400
+
+dovecot (1:2.1.2-1) experimental; urgency=low
+
+ * [70c3f6e] Imported upstream 2.1.2
+ * Add missing dependency on dpkg-dev 1.16.1
+
+ -- Micah Anderson <micah@debian.org> Thu, 15 Mar 2012 20:26:35 -0400
+
+dovecot (1:2.1.1-1) experimental; urgency=low
+
+ * [e113636] Imported upstream 2.1.1
+ * Updated pigeonhole patch to 0.3.0, supporting 2.1
+
+ -- Micah Anderson <micah@debian.org> Tue, 13 Mar 2012 23:08:06 -0400
+
+dovecot (1:2.0.18-1) unstable; urgency=low
+
+ * [85ae320] Imported Upstream version 2.0.18
+ * [9cfd1da] Upped standards version to 3.9.3
+ * [afb4164] Patch to dovecot-core/postinst so that permissions of symlinked
+ certificates aren't modified. (Closes: #646508)
+ Thanks Michael Kuhn.
+ * [bf642ee] Patch to enable hardened build flags. (Closes: #653530)
+ Thanks Moritz Muehlenhoff.
+ * [00b0d0c] Updated pigeonhole to 0.2.6
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 09 Mar 2012 00:55:13 -0500
+
+dovecot (1:2.0.15-1) unstable; urgency=low
+
+ * [a22575a] New upstream version 2.0.15: (Closes: #642045)
+ + doveadm altmove: Added -r parameter to move mails back to primary
+ storage.
+ - v2.0.14: Index reading could have eaten a lot of memory in some
+ situations
+ - doveadm index no longer affects future caching decisions
+ - mbox: Fixed crash during mail delivery when mailbox didn't yet have
+ GUID assigned to it.
+ - zlib+mbox: Fetching last message from compressed mailboxes crashed.
+ - lib-sql: Fixed load balancing and error
+ * [8ce5abc] Update pigeonhole to release 0.2.4
+ * [87658d2] Add dovecot-solr to dovecot-core's Suggests line.
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 19 Sep 2011 19:26:48 +0200
+
+dovecot (1:2.0.14-3) unstable; urgency=low
+
+ * [f37a9ec] Enable solr full text search plugin. (LP: #620959)
+ * [cdd8b84] Build dovecot-common as architecture-all package.
+ * [af90444] Fix mail_plugin_dir default value in conf.d/10-mail.conf
+ (Closes: #624294)
+ * [61347cb] Bump debhelper build-depends to (>= 7.2.3~) because we use
+ dh_bugfiles.
+ * [4b757b6] Fix wrong configuration files path in sieve manpages.
+
+ -- Marco Nenciarini <mnencia@debian.org> Fri, 16 Sep 2011 02:26:21 +0200
+
+dovecot (1:2.0.14-2) unstable; urgency=low
+
+ [ Marco Nenciarini ]
+ * [a6896d6] Rename dovecot-common to dovecot-core. (Closes: #624835)
+ * [c36ca96] Manage protocols during package configuration and
+ deconfiguration phases.
+ * [599b55b] Update pigeonhole to release 0.2.3.
+ * [c654db0] Add a bug-script which will append doveconf -n output to bug
+ reports.
+ * [5270323] Add notes about upgrading from 1.2 to README.Debian.
+ (Closes: #635351)
+ * [5cd77a3] Add build-arch and build-indep target to debian/rules as
+ required by lintian.
+ * [be05d2a] Avoid ucf question when upgrading from squeeze and the only
+ difference in dovecot.conf is at the "protocols" line.
+ * [3c73782] Remove ucf backups during purge.
+ * [3ccf508] Make /etc/dovecot/*.ext readable by dovecot group members.
+ (Closes: #639005)
+ * [665bcc5] Use -c ${CONF} when calling doveconf to determine PIDBASE.
+ Thanks to Jonathan Hall (Closes: #627794)
+ * [325042c] Purge obsolete unmodified config files from /etc.
+ (Closes: #629397)
+ * [a9b9afb] Modified init script to report failures. (Closes: #629654)
+ * [d4622fd] Make dovecot-core suggesting all other packages containing
+ additional features.
+
+ -- Marco Nenciarini <mnencia@debian.org> Thu, 15 Sep 2011 19:43:55 +0200
+
+dovecot (1:2.0.14-1) unstable; urgency=low
+
+ * [50a947e] New upstream version 2.0.14: (Closes: #640143)
+ + doveadm: Added support for running mail commands by proxying to
+ another doveadm server.
+ + Added "doveadm proxy list" and "doveadm proxy kick" commands to
+ list/kick proxy connections (via a new "ipc" service).
+ + Added "doveadm director move" to assign user from one server to
+ another, killing any existing connections.
+ + Added "doveadm director ring status" command.
+ + userdb extra fields can now return name+=value to append to an
+ existing name, e.g. "mail_plugins+= quota".
+ - script-login attempted an unnecessary config lookup, which usually
+ failed with "Permission denied".
+ - lmtp: Fixed parsing quoted strings with spaces as local-part for
+ MAIL FROM and RCPT TO.
+ - imap: FETCH BODY[HEADER.FIELDS (..)] may have crashed or not
+ returned all data sometimes.
+ - ldap: Fixed random assert-crashing with with sasl_bind=yes.
+ - Fixes to handling mail chroots
+ - Fixed renaming mailboxes under different parent with FS layout when
+ using separate ALT, INDEX or CONTROL paths.
+ - zlib: Fixed reading concatenated .gz files.
+ * [0297425] Use xz compression for dbg packages.
+ * [4464ccf] Support parallel builds in debian/rules
+ * [19667f0] Acknowledge NMU 1:2.0.13-1.1.
+ Thanks to Luk Claes
+
+ -- Marco Nenciarini <mnencia@debian.org> Tue, 06 Sep 2011 23:18:46 +0200
+
+dovecot (1:2.0.13-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Don't ship .la files (Closes: #621297).
+
+ -- Luk Claes <luk@debian.org> Sat, 18 Jun 2011 12:31:28 +0200
+
+dovecot (1:2.0.13-1) unstable; urgency=high
+
+ [ Marco Nenciarini ]
+ * [8af9e4d] New upstream version 2.0.13:
+ + Added "doveadm index" command to add unindexed messages into
+ index/cache. If full text search is enabled, it also adds unindexed
+ messages to the fts database.
+ + added "doveadm director dump" command.
+ + pop3: Added support for showing messages in "POP3 order", which can
+ be different from IMAP message order. This can be useful for
+ migrations from other servers. Implemented it for Maildir as 'O'
+ field in dovecot-uidlist.
+ - doveconf: Fixed a wrong "subsection has ssl=yes" warning.
+ - mdbox purge: Fixed wrong warning about corrupted extrefs.
+ - sdbox: INBOX GUID changed when INBOX was autocreated, leading to
+ trouble with dsync.
+ - script-login binary wasn't actually dropping privileges to the
+ user/group/chroot specified by its service settings.
+ - Fixed potential crashes and other problems when parsing header names
+ that contained NUL characters. (CVE-2011-1929)
+ (Closes: #627443)
+
+ -- Marco Nenciarini <mnencia@debian.org> Sat, 21 May 2011 23:58:06 +0200
+
+dovecot (1:2.0.12-1) unstable; urgency=low
+
+ [ Jaldhar H. Vyas ]
+ * [66cbb94] New upstream major release. Imported Upstream version 2.0.12
+ * [a48c7fd] Updated standards version
+
+ [ Marco Nenciarini ]
+ * [5c6b334] Updated watch file
+ * [0ba683e] Updated init script to new configuration scheme. (Closes: #593527)
+ * [8370be4] Fix upgrading from rename-it.nl packages
+ * [ae804e3] Update changelog
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 25 Apr 2011 17:03:26 -0400
+
+dovecot (1:2.0.11-1) experimental; urgency=low
+
+ * [a4764a4] New upstream major release (Closes: #573889, #580929,
+ #597476, #603951, #606089, #606646, #606649, #608075, #612369, #610919)
+ * [461f667] Updated copyright and package descriptions. Thanks Stephan
+ Bosch.
+ * [7fbd92a] Drop all patches but drac support. Update pigeonhole to
+ release 0.2.1
+ * [05a5a1e] Update debian/rules to work with dovecot 2.0. Thanks
+ Stephan Bosch.
+ * [a36193e] Update debian/dovecot-common.{postinst,postrm} to handle
+ the new config file layout. Thanks Stephan Bosch.
+ * [3589afd] Remove debian/dovecot.1 manpage because is provided by
+ upstream.
+ * [f1703e1] Remove debian/dovecotpw.1 manpage as there is no dovecotpw
+ executable in dovecot 2.0. Same feature is provided through 'doveadm
+ pw' command.
+ * [e30283d] Remove expire-tool.sh wrapper as there is no expire-tool
+ in dovecot 2.0. Same feature is provided through 'doveadm expunge'
+ command.
+ * [3385061] Remove daily cron script and the related configuration
+ from the default file.
+ * [bec19a0] Update debian/dovecot-common.NEWS.Debian with upgrading
+ instructions
+ * [1e56f1c] Call dh_makeshlibs with --no-script option to avoid
+ {postinst,postrm}-has-useless-call-to-ldconfig lintian errors.
+ * [325f055] Disable numbers in patches (requires git-buildpackage >=0.5.13)
+ * [74d6ebe] Added debian/source/local-options with "unapply-patches".
+ * [0edef17] Set default protocols value as empty and enable each
+ protocol in its own configuration file in
+ /usr/share/dovecot/protocols.d (LP: #661453)
+ * [e88860c] Removed code about upgrading from pre-etch packages.
+ * [95c5d47] Removed obsolete Build-Conflict (Closes: #614053)
+ * [41dddf4] Move configurations for imapd and pop3d to the appropriate
+ packages. (Closes: #606648)
+ * [b8b66dc] Removed obsolete README.Debian and NEWS.Debian from
+ dovecot-pop3d and dovecot-imapd packages
+ * [0bda8ac] Added packages dovecot-lmtpd and dovecot-managesieved.
+ * [9a954f1] Build databases, ldap and gssapi support as plugins
+ * [1a3f323] Deregister obsolete configuration files from ucf in
+ dovecot-common postinst on upgrades.
+ * [fae4b76] Added packages dovecot-pgsql, dovecot-mysql, dovecot-sqlite,
+ dovecot-ldap, dovecot-gssapi and dovecot-sieve (Closes: #251433)
+ * [aa8983d] Imported Upstream version 2.0.11
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 07 Mar 2011 18:23:59 +0100
+
+dovecot (1:1.2.15-3) unstable; urgency=low
+
+ * [096c373] Fix file overwrite error when upgrading from lenny
+ (Closes: #601980)
+ * [37b3220] Add --no-create-home to adduser invocation in dovecot-
+ common.postinst script (Closes: #601767)
+ * [b00b527] Fall back to `hostname` if `hostname -f` invocation fails
+ (Closes: #562780)
+ * [9102fec] Make self-generated certificates key length 2048 bits.
+
+ -- Marco Nenciarini <mnencia@debian.org> Tue, 02 Nov 2010 11:12:53 +0100
+
+dovecot (1:1.2.15-2) unstable; urgency=low
+
+ * [a0744a5] Switch vcs fields to git
+ * [d8a1bd4] Add debian/gbp.conf to make easy the usage of git-
+ buildpackage
+ * [c0dc21f] Warn that the generated SSL certificate will expire in 10
+ years instead of 365 days, as it's the lifetime of of self-generated
+ certificates since 1:1.2.13-1
+ * [6472d63] Switch to gbp-pq patch management.
+ * [bf2fc17] Upgraded sieve plugin to version 0.1.18
+ * [6b9809d] Upgraded managesieve plugin to version 0.11.12
+ * [d67cd17] Upgraded dovecot-managesieve.patch to version 0.11.12
+
+ -- Marco Nenciarini <mnencia@debian.org> Thu, 28 Oct 2010 22:50:19 +0200
+
+dovecot (1:1.2.15-1) unstable; urgency=high
+
+ [ Marco Nenciarini ]
+ * New upstream release (Closes: #587036,#597529)
+ * Updated policy version to 3.9.1.0 (no changes needed)
+
+ [ Jaldhar H. Vyas ]
+ * [SECURITY] Fixes two bugs with acls which could have allowed a user to
+ gain improper access or admin rights to shared mailboxes.
+ (Closes: #599521)
+ * Warn that the generated SSL certificate will expire in 365 days. Thanks
+ Phillip Weis. (Closes: #576455)
+ * Wherever the path to sendmail is given as /usr/lib/sendmail, change to
+ /usr/sbin/sendmail. (Closes: #570814,#595671)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 08 Oct 2010 17:34:19 -0400
+
+dovecot (1:1.2.13-1) unstable; urgency=low
+
+ [ Jaldhar H. Vyas ]
+ * dovecot-common: Upped expiration date of self-generated certificates to
+ 10 years from 1 year. (Closes: #587371)
+
+ [ Marco Nenciarini ]
+ * New upstream release:
+ - Fixed iconv() crash when it was processing several kilobytes of
+ broken continuous input. This mainly could have caused a problem
+ with IMAP SEARCH. Possibly also with some Sieve checks.
+ - If MIME encoded-words contained line feeds, Dovecot logged
+ cache corruption errors.
+ - mbox: Renaming mailbox under newly created dir didn't move index
+ directory.
+ - mbox: When generating envelope to From_-line, don't append a second
+ @owndomain if username already has one.
+ * Updated policy version to 3.9.0.0 (no changes needed)
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 26 Jul 2010 17:03:38 +0200
+
+dovecot (1:1.2.12-1) unstable; urgency=low
+
+ * New upstream release
+ * Upgraded sieve plugin to version 0.1.17
+ * Refreshed dovecot-managesieve.patch
+ * debian/patches/sieve-fix-imapflags.patch: Removed. Fixed upstream.
+
+ -- Marco Nenciarini <mnencia@debian.org> Sat, 26 Jun 2010 18:14:15 +0200
+
+dovecot (1:1.2.11-1) unstable; urgency=high
+
+ * New upstream release
+ * urgency set to high, because under particular circumstances you could
+ cause a DoS by sending a message with a huge header.
+ * sieve: Fix addflags command in deprecated imapflags extension
+ (Closes: #570058)
+ * Include a daily expire script with a setting in /etc/default/dovecot
+ to enable it. The new script is disabled by default as it requires
+ some configurations by the system administrator. Thanks to Hans Spaans
+ * Mark expire-tool.sh as a bash script
+ * Bump Standards-Version to 3.8.4, no changes needed
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 08 Mar 2010 22:25:46 +0100
+
+dovecot (1:1.2.10-1) unstable; urgency=low
+
+ * New upstream release (Closes: #566796)
+ * Upgraded sieve plugin to version 0.1.15
+ * Upgraded managesieve plugin to version 0.11.11
+ * Upgraded dovecot-managesieve.patch to version 0.11.11
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 25 Jan 2010 17:21:09 +0100
+
+dovecot (1:1.2.9-2) unstable; urgency=low
+
+ * Upgraded sieve plugin to version 0.1.14
+ * Upgraded managesieve plugin to version 0.11.10
+ * Upgraded dovecot-managesieve.patch to version 0.11.10
+ * debian/patches/dovecot-example.patch: Refreshed.
+ * Added expire-tool wrapper script (Closes: #565538)
+ * Added ${misc:Depends} to the dependencies of each binary package,
+ to make lintian happy (debhelper-but-no-misc-depends)
+
+ -- Marco Nenciarini <mnencia@debian.org> Sun, 17 Jan 2010 09:39:42 +0100
+
+dovecot (1:1.2.9-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/gold-fix.patch: Removed. Fixed upstream.
+
+ -- Marco Nenciarini <mnencia@debian.org> Thu, 17 Dec 2009 10:52:53 +0100
+
+dovecot (1:1.2.8-2) unstable; urgency=low
+
+ * Moved libexec to lib corrections in dovecot-managesieve.patch and
+ dovecot-managesieve-dist.patch to dovecot-example.patch
+ * debian/patches/dovecot-mboxlocking.patch: Regenerated to avoid FTBFS
+ when quilt isn't installed.
+ * debian/patches/quota-mountpoint.patch: Removed. Not needed anymore.
+ * debian/patches/dovecot-quota.patch: Removed. Quotas aren't properly
+ enabled unless mail_plugins = quota imap_quota.
+ * debian/patches/gold-fix.patch: Fixed configure script to build even
+ with binutils-gold or --no-add-needed linker flag (Closes: #554306)
+ * debian/dovecot-common.init: fixed LSB headers. Thanks to Pascal Volk.
+ (Closes: #558040)
+ * debian/changelog: added CVE references to previous changelog entry.
+ * debian/rules: checked up the build system. It's not fragile anymore.
+ (Closes: 493803)
+ * debian/dovecot-common.postinst: Now invoking dpkg-reconfigure
+ on dovecot-common is enough to generate new certificates
+ if the previous ones were removed. (Closes: #545582)
+ * debian/rules: No longer install convert-tool in /usr/bin.
+ It isn't an user utility and it should stay in /usr/lib/dovecot
+ like all other similar tool.
+
+ -- Marco Nenciarini <mnencia@debian.org> Tue, 08 Dec 2009 12:24:04 +0100
+
+dovecot (1:1.2.8-1) unstable; urgency=high
+
+ [ Marco Nenciarini ]
+ * New upstream release. (Closes: #557601)
+ * [SECURITY] Fixes local information disclosure and denial of service.
+ (see: http://www.dovecot.org/list/dovecot-news/2009-November/000143.html
+ and CVE-2009-3897)
+ * Added myself to uploaders.
+ * Switched to the new source format "3.0 (quilt)":
+ - removed dpatch from build-depends
+ - removed debian/README.source because now we use only standard
+ dpkg features
+ - regenerated all patches
+ * Prepared to switch to multi-origin source:
+ - recreated dovecot-libsieve.patch and dovecot-managesieve-dist.patch
+ starting from the upstream tarball
+ - removed all autotools related build-depends and build-conflict
+ - renamed dovecot-libsieve and dovecot-managesieve directories
+ to libsieve and managesieve.
+ * debian/rules: Moved the configuration of libsieve and managesieve from
+ the build phase to the configuration phase
+
+ [ Jaldhar H. Vyas ]
+ * Added dovecot-dbg package with debugging symbols. Thanks Stephan Bosch.
+ (Closes: #554710)
+ * Fixed some stray libexec'isms in the default configuration.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 23 Nov 2009 17:04:14 -0500
+
+dovecot (1:1.2.7-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/dovecot-common.init:
+ - use $CONF when starting the daemon. (Closes: #549944)
+ - always output start/stop messages. (Closes: #523810)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 14 Nov 2009 11:28:33 +0100
+
+dovecot (1:1.2.6-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/v1.2.5-exec-mail_fix.dpatch: removed, merged upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 12 Oct 2009 06:56:55 +0000
+
+dovecot (1:1.2.5-2) unstable; urgency=low
+
+ * debian/dpatches/v1.2.5-exec-mail_fix.dpatch: added.
+ (Closes: #546694, #546695)
+ * debian/dovecot-common.dirs: removed /etc, /etc/ssl/{private,certs}, they
+ are handled by openssl; this should fix the piuparts test.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 27 Sep 2009 20:53:52 +0200
+
+dovecot (1:1.2.5-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 14 Sep 2009 14:34:06 +0200
+
+dovecot (1:1.2.4-2) unstable; urgency=low
+
+ * debian/patches/dovecot-libsieve.dpatch: updated to 0.1.12.
+ (Closes: #539527)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 02 Sep 2009 07:28:23 +0200
+
+dovecot (1:1.2.4-1) unstable; urgency=low
+
+ * New upstream release. (Closes: #537186, #540058)
+ * Bumped Standards-Version to 3.8.3, no changes needed.
+ * debian/control: only suggests ntp. (Closes: #542152)
+ * debian/patches/dovecot-managesieve-dist.dpatch: updated to the 0.11.9
+ release. (Closes: #539527)
+ * debian/rules: dovecot should be started with sequence number 20.
+ (Closes: #543473)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 29 Aug 2009 17:27:59 +0200
+
+dovecot (1:1.2.2-2) unstable; urgency=high
+
+ * Er that should be fcntl not fnctl. (Closes: #539474, #539486)
+ * For the sake of completeness, fixed some errors in the example config file.
+ (They are in the !include statements which are commented out by default
+ so it is unlikely that most users will actually be affected.)
+ (Closes: #539391)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 01 Aug 2009 11:38:03 -0400
+
+dovecot (1:1.2.2-1) unstable; urgency=low
+
+ [Joel Johnson]
+ * New upstream version, updated ManageSieve patch
+ - fixes index corruption condition (Closes: #537388)
+ * Set default for mbox_write_locks to "fnctl dotlock" according to
+ Debian Policy (Closes: #537326)
+ * Set MySQL build dependency to use version-agnostic -dev package
+ * Drop postgres-configure patch, functionality included upstream
+ * Updated dovecot-libsieve to version 0.1.9
+ - fixes subaddress matching (Closes: #537386)
+ - check additional address-list headers (Closes: #537379)
+
+ [Jaldhar H. Vyas]
+ * Remove unneeded build-dependencies on byacc and flex now that we no longer
+ use cmusieve.
+
+ -- Joel Johnson <mrjoel@lixil.net> Tue, 28 Jul 2009 20:35:57 -0600
+
+dovecot (1:1.2.1-2) unstable; urgency=low
+
+ * Update to use default automake (Closes: #536880) now that current upstream
+ successfully builds with 1.10 (was previously a problem in bug 473754.
+ * Updated Standards-Verson to 3.8.2 (no action required)
+ * Remove ./var/run directories to fix lintian warnings.
+ * Updated dovecot-libsieve patch to version 0.1.8, removed autogen.sh,
+ tests, and doc/rfc
+ * Updated dovecot-managesieve patch to version 0.11.7
+ * Updated dovecot-managesieve-dist patch to Mercurial revision 12b9733ee8b0
+ (0.11.7+), removed lib-cmusieve, doc/rfs, autogen.sh
+ * Add additional upgrading note to README.Debian to clarify the ManageSieve
+ configuration changes needed - existing configurations break if not
+ updated! (Closes: #537158)
+ * Include the ChangeLog and README for sieve and ManageSieve
+
+ -- Joel Johnson <mrjoel@lixil.net> Wed, 15 Jul 2009 20:29:33 -0600
+
+dovecot (1:1.2.1-1) unstable; urgency=low
+
+ [ Joel Johnson ]
+ * New upstream release
+ * Update packaging for 1.2 release
+ - update SIEVE patch to use Dovecot rewrite (version 0.1.7,
+ removed RFCs and tests for a DFSG patch)
+ - update ManageSieve patch and software to hg revision 2c9b4b4ab6a8
+ (0.11.6+) for 1.2.1 support
+ + removed lib-cmusieve since building against newer sieve
+ + removed doc/rfc for DFSG compliance
+ + removed autogen.sh since we run autotools during the build
+ - updated other misc patches
+
+ -- Joel Johnson <mrjoel@lixil.net> Sun, 12 Jul 2009 11:15:01 -0600
+
+dovecot (1:1.1.16-1) unstable; urgency=low
+
+ * New upstream release. (Closes: #531599)
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 04 Jun 2009 12:38:59 +0200
+
+dovecot (1:1.1.15-1) unstable; urgency=low
+
+ * New upstream release; sorry, no time to include extra upstream patches
+ which are not released, feel free to submit them as dpatch files and I will
+ add them to the package. (Closes: #529923)
+ * debian/control: updated Standards-Version, no changes needed.
+ * debian/dovecot-common.init: patched to support ENABLED=0 in
+ /etc/default/dovecot, useful if dovecot is used as local-only IMAP server
+ through PREAUTH interface. (Closes: #524302)
+ * debian/dovecot-common.README.Debian: simplyfied, we only point the user to
+ wiki.dovecot.org; added a note about how to regenerate the SSL certificate.
+ (Closes: #528934)
+ * debian/dovecot-common.postrm: do not break if /etc/ssl/certs does not
+ exist. (Closes: #524865)
+ * debian/patches/dovecot-managesieve-dist: updated to 0.10.6.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 31 May 2009 20:13:26 +0200
+
+dovecot (1:1.1.13-2) unstable; urgency=high
+
+ * New upload, urgency set to high: the package in testing is broken.
+ * debian/dovecot-common.init: fixed a typo.
+ * debian/patches/dovecot-example.dpatch: fixed a few paths.
+ (Closes: #521544)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 29 Mar 2009 21:16:02 +0200
+
+dovecot (1:1.1.13-1) unstable; urgency=low
+
+ * New upstream release.
+ * This version fixes problems accessing mailboxes in some setups.
+ (Closes: #520310)
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 19 Mar 2009 17:31:56 +0100
+
+dovecot (1:1.1.12-1) unstable; urgency=low
+
+ * New upstream release, it fixes some wrong defaults in the configuration
+ file. (Closes: #518631)
+ * debian/rules: add support for libdb. (Closes: #518630)
+ * debian/dovecot-common.postinst: create the dovecot certificate only at
+ install time. (Closes: #518738, #518598)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 16 Mar 2009 14:26:32 +0100
+
+dovecot (1:1.1.11-4) unstable; urgency=low
+
+ * debian/dovecot-common.init: fixed a typo from the last upload.
+ (Closes: #518504)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 06 Mar 2009 18:39:09 +0100
+
+dovecot (1:1.1.11-3) unstable; urgency=low
+
+ * debian/dovecot-common.init: applied patch from Håkon Stordahl to call
+ ntp-wait if available. (Closes: #517808)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 04 Mar 2009 17:38:59 +0100
+
+dovecot (1:1.1.11-2) unstable; urgency=low
+
+ * debian/dovecot-common.init: fixed a bug in the init script, adding a
+ missing slash in the PIDFILE path. (Closes: #516845)
+ * debian/dovecot-common.init: fixed a bug in the init script, sending the HUP
+ signal for reloading the configuration. (Closes: #512197)
+ * debian/dovecot-common.init: check if /etc/inetd.conf exists.
+ (Closes: #509259, #497148)
+ * debian/control: dovecot-common suggests ntp and ntpdate. (Closes: #511060)
+ * debian/dovecot-common.postinst: migration hook for default_mail_env =>
+ mail_location. (Closes: #517073)
+ * debian/dovecot.1: fixed the path of the configuration file.
+ (Closes: #501493)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 27 Feb 2009 17:24:09 +0100
+
+dovecot (1:1.1.11-1) unstable; urgency=low
+
+ * New upstream release, upload to unstable. (Closes: #507122)
+ * debian/patches/dovecot-quota.dpatch: fixed a bug in the imap quota plugin.
+ (Closes: #484677)
+ * debian/dovecot-common.init: added the status action, thanks Fladischer
+ Michael for the patch. (Closes: #509694)
+ * debian/dovecotpw.1: added manpage for dovecotpw, thanks Xavier Luthi for
+ the patch. (Closes: #504712)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 20 Feb 2009 20:39:38 +0100
+
+dovecot (1:1.1.9-1) experimental; urgency=low
+
+ [ Fabio Tranchitella ]
+ * debian/control: dovecot-common suggests ntp.
+
+ [ Joel Johnson ]
+ * New upstream release
+ * updated managesieve patch to apply against new version
+
+ -- Joel Johnson <mrjoel@lixil.net> Sat, 24 Jan 2009 04:12:42 +0000
+
+dovecot (1:1.1.8-1) experimental; urgency=low
+
+ * New upstream release.
+ * debian/control: added LDA to the description of dovecot-common.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 07 Jan 2009 23:14:29 +0100
+
+dovecot (1:1.1.7-1) experimental; urgency=low
+
+ * New upstream release
+ * Updated dovecot-ssh.patch for new release
+ * Updated MANAGESIEVE to 0.10.4
+ * Fix package to support double compilation
+ - Properly clean dovecot-managesieve as pointed out by Stephan Bosch
+ - Add --copy directive to automake invocation
+
+ -- Joel Johnson <mrjoel@lixil.net> Thu, 04 Dec 2008 20:52:11 -0700
+
+dovecot (1:1.1.2-3) experimental; urgency=low
+
+ * debian/control: added libbz2-dev to the Build-Depends to enable the bzip2
+ support. (Closes: #495129)
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 14 Aug 2008 20:45:41 +0200
+
+dovecot (1:1.1.2-2) experimental; urgency=low
+
+ * Merged changes in the unstable package.
+ * debian/control: added replaces for the imap and pop modules from the
+ -common to the the -imap and -pop packages. (Closes: #493798)
+ * debian/rules: applied some of the suggestions from Matthias Kloses,
+ thanks! (Refs: #493803)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 05 Aug 2008 21:20:33 +0200
+
+dovecot (1:1.1.2-1) experimental; urgency=low
+
+ * New upstream release
+ * Trivial update to autocreate patch
+
+ -- Joel Johnson <mrjoel@lixil.net> Sat, 26 Jul 2008 08:18:39 -0600
+
+dovecot (1:1.1.1-1) experimental; urgency=low
+
+ [ Joel Johnson ]
+ * New upstream release (Closes: #487989)
+ * Updated policy version to 3.8.0.1 (no changes needed)
+ * Updated watch file to watch new release directory
+ * Actually install dovecot.8 since we have it
+ * Removed quota_v2 patch (was unreachable code): upstream now defaults
+ to quota v1 if _LINUX_QUOTA_VERSION is not defined
+ * Removed pam-error-information patch: included upstream
+ * Removed mbox_snarf patch: included upstream
+ * Removed full MANAGESIEVE patch (replaced with new 1.1 approach)
+ * Merged protocols_none_by_default patch into dovecot-example patch
+ * Updated drac patch to build against 1.1
+ * Updated autocreate patch with 1.1 version
+ * Updated dovecot-sieve to 1.1.5
+ * Added dovecot-managesieve patch against dovecot tree
+ * Added dovecot-managesieve source for building module
+
+ [ Fabio Tranchitella ]
+ * Added Joel Johnson to the uploaders; thanks for your work!
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 20 Jul 2008 19:09:23 +0200
+
+dovecot (1:1.0.15-2) unstable; urgency=low
+
+ * debian/dovecot.1: added "This includes doing a syntax check" to the -a
+ option.
+ * debian/rules: now the package builds two times in a row without problems.
+ (Closes: #490201)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 27 Jul 2008 19:56:18 +0200
+
+dovecot (1:1.0.15-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/rules: clean the package before unpatching. (Closes: #490201)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 22 Jun 2008 09:06:01 +0200
+
+dovecot (1:1.0.14-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/inbox_creation.dpatch: removed, merged upstream.
+ * debian/patches/allow_nets.dpatch: removed, merged upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 03 Jun 2008 10:07:13 +0200
+
+dovecot (1:1.0.13-6) unstable; urgency=low
+
+ * debian/patches/inbox_creation.dpatch: added, use mail_privileged_group's
+ group when creating inboxes if the unprivileged user fails; upstream:
+ http://hg.dovecot.org/dovecot-1.0/rev/932768a879c6 (Closes: #471716)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 28 May 2008 12:58:17 +0200
+
+dovecot (1:1.0.13-5) unstable; urgency=low
+
+ * debian/patches/allow_nets.dpatch: added, allow_nets didn't work correctly
+ with big endian machines; patch from upstream, thanks Timo:
+ http://hg.dovecot.org/dovecot-1.0/rev/71c02fdf1b59
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 15 May 2008 14:48:14 +0200
+
+dovecot (1:1.0.13-4) unstable; urgency=low
+
+ * debian/patches/dovecot-MANAGESIEVE-9.3.dpatch: updated managesieve to
+ version 9.3.
+ * debian/dovecot-common.README.Debian: added a note about how to configure
+ dovecot to log to file instead of using syslog.
+ * debian/dovecot.1: added a SIGNALS section. (Closes: #479059)
+ * dovecot-sieve: updated to the last hg release (5c3ba11994cb).
+ (Closes: #479104)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 05 May 2008 17:28:21 +0200
+
+dovecot (1:1.0.13-3) unstable; urgency=low
+
+ * debian/rules: do not install anymore the ldap and sql example
+ configuration files under /etc. (Closes: #472674)
+ * debian/dovecot-common.postinst: really chmod
+ /etc/dovecot/dovecot-{ldap,sql}.conf files to 0600.
+ * debian/devecot-common.init: do not start the service if dovecot.conf
+ doesn't exist. (Closes: #475888)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 27 Apr 2008 22:42:37 +0200
+
+dovecot (1:1.0.13-2) unstable; urgency=low
+
+ * debian/rules: use aclocal-1.9 instead of aclocal. (Closes: #473754)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 01 Apr 2008 15:30:32 +0200
+
+dovecot (1:1.0.13-1) unstable; urgency=high
+
+ * New upstream release, fixes a security issue:
+ http://www.dovecot.org/list/dovecot-news/2008-March/000064.html
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 09 Mar 2008 19:22:20 +0100
+
+dovecot (1:1.0.12-1) unstable; urgency=high
+
+ * New upstream release. (Closes: #469457)
+ * debian/patches/dovecot-MANAGESIEVE-9.2.dpatch: updated, thanks to Marco
+ Nenciarini for the patch.
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 06 Mar 2008 15:53:07 +0100
+
+dovecot (1:1.0.10-4) unstable; urgency=low
+
+ * debian/patches/autocreate.dpatch: added, thanks to Walter Reiner.
+ * debian/rules: use --with-ioloop=best instead of --with-ioloop=epoll, as
+ suggested by Timo. (Closes: #466296)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 18 Feb 2008 09:29:39 +0100
+
+dovecot (1:1.0.10-3) unstable; urgency=low
+
+ * debian/patches/dovecot-MANAGESIEVE-9.1.dpatch: added, thanks to Aleksey
+ Midenkov for providing a patch. (Closes: #416166)
+ * debian/dovecot-common.init: added $time to Should-Start. (Closes: #461543)
+ * debian/dovecot-common.postinst: do not add the dovecot user to the mail
+ group, it is not required by upstream. (Closes: #457123)
+ * debian/control: updated Standards-Version to 3.7.3, no changes required.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 10 Feb 2008 18:37:55 +0100
+
+dovecot (1:1.0.10-2) unstable; urgency=low
+
+ * debian/patches/mbox_snarf.dpatch: added, thanks to Bernd Kuhls.
+ (Closes: #462319)
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 24 Jan 2008 10:12:02 +0100
+
+dovecot (1:1.0.10-1) unstable; urgency=high
+
+ * New upstream release, fixes a security bug.
+ * debian/patches/exec_check_for_none.dpatch: updated.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 30 Dec 2007 10:29:26 +0100
+
+dovecot (1:1.0.9-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/control: added the Vcs-Svn and Vcs-Browser fields.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 12 Dec 2007 08:10:11 +0100
+
+dovecot (1:1.0.8-2) unstable; urgency=low
+
+ * Provides a dovecot-dev package, thanks to Josh Triplett for providing a
+ patch. (Closes: #444812)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 04 Dec 2007 09:22:59 +0100
+
+dovecot (1:1.0.8-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/unsupported-sasl-mech.dpatch: merged with upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 29 Nov 2007 13:36:39 +0100
+
+dovecot (1:1.0.7-3) unstable; urgency=low
+
+ * debian/patches/dovecot-ssl.dpatch: provide mechanism to discover if ssl
+ client certificate is verified, patch from Stephen Gran. (Closes: #446555)
+ * debian/patches/pam-error-information.dpatch: fill auth information in pam
+ error, patch backported from upstream RCS. (Closes: #439246)
+ * debian/patches/unsupported-sasl-mech.dpatch: should use NO (not BAD) for
+ unsupported SASL mech, patch backported from upstream RCS. (Closes: #449324)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 14 Nov 2007 21:33:55 +0100
+
+dovecot (1:1.0.7-2) unstable; urgency=low
+
+ * debian/dovecot-common.postinst:
+ + don't fail if dovecot-ldap.conf or dovecot-sql.conf are removed; thanks
+ to Mathias Gug. (Closes: #448401)
+ + fix permissions of /var/run/dovecot and /var/run/dovecot/login.
+ (Closes: #446051)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 04 Nov 2007 10:06:06 +0100
+
+dovecot (1:1.0.7-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/rules: remove drac.so in the clean target. (Closes: #442548)
+ * debian/dovecot-common.init: implemented the reload action.
+ (Closes: #441032)
+ * Update protocoles option in configuration when installing/removing
+ -imapd/-pop3d packages. Thanks to Soren Hansen and Mathias Gug from
+ Ubuntu for providing a patch. (Closes: #447201)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 02 Nov 2007 23:06:17 +0100
+
+dovecot (1:1.0.5-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 10 Sep 2007 09:25:59 +0200
+
+dovecot (1:1.0.3-3) unstable; urgency=low
+
+ * debian/dovecot-common.init: don't use the init script name to locate the
+ configuration file because it is not reliable. If you really want to start
+ multiple servers, just copy the init script and use the optional default
+ file to override the variables. (Closes: #437228)
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 16 Aug 2007 09:17:01 +0200
+
+dovecot (1:1.0.3-2) unstable; urgency=low
+
+ * debian/rules: removed the --with-notify=inotify switch, it should be
+ detected automatically.
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 09 Aug 2007 09:39:50 +0200
+
+dovecot (1:1.0.3-1) unstable; urgency=low
+
+ * New upstream release. (Closes: #434038, #432601)
+ * This release doesn't build dbox support out-of-the-box. (Closes: #431615)
+ * dovecot-sieve: updated to the last hg's tip. (Closes: #434079)
+ * debian/dovecot-*.README.Debian: don't call /etc/init.d scripts directly.
+ (Closes: #431991)
+ * debian/dovecot-common.init: updated with patches from Tom Metro, thanks!
+ (Closes: #426480, #422674)
+ * debian/dovecot-common.postinst: fixed a missing variable DOMAINNAME.
+ (Closes: #425917)
+ * debian/rules: moved the init script to the level 24, after the ntpdate
+ one. (Closes: #432723)
+ * debian/patches/00list: added dovecot-drac, again. (Closes: #353039)
+ * debian/rules: build with inotify and epoll support. (Closes: #419281)
+ * debian/dovecot.1: added a simple manpage for dovecot. (Closes: #426702)
+ * debian/copyright: added copyright exceptions as suggested by Timo.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 04 Aug 2007 20:11:36 +0200
+
+dovecot (1:1.0.0-1) unstable; urgency=low
+
+ * New upstream release, the final 1.0.0. Bumped epoch, because we used the
+ wrong version scheming in the past and I think it is worth to do so now
+ that 1.0.0 has been released.
+ * debian/watch: updated.
+ * Rebuilt with a new glibc in unstable, now we have inotify support.
+ (Closes: #395306)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 16 Apr 2007 08:42:32 +0200
+
+dovecot (1.0.rc31-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 09 Apr 2007 11:55:45 +0200
+
+dovecot (1.0.rc30-2) unstable; urgency=low
+
+ * debian/dovecot-common.init: check if /etc/inetd.conf exists before
+ calling sed on it. (Closes: #417299)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 08 Apr 2007 16:58:30 +0200
+
+dovecot (1.0.rc30-1) unstable; urgency=low
+
+ * New upstream release.
+ *
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 07 Apr 2007 11:17:45 +0200
+
+dovecot (1.0.rc29-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/rules: ship convert-tool in dovecot-common. (Closes: #416909)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 31 Mar 2007 14:15:39 +0200
+
+dovecot (1.0.rc28-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 25 Mar 2007 14:02:28 +0200
+
+dovecot (1.0.rc27-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 14 Mar 2007 14:39:04 +0100
+
+dovecot (1.0.rc26-4) unstable; urgency=low
+
+ * debian/dovecot-common.postinst: fixed a typo. (Closes: #414672)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 13 Mar 2007 08:45:47 +0100
+
+dovecot (1.0.rc26-3) unstable; urgency=low
+
+ * debian/control: depends on ucf (>= 2.0020). (Closes: #414032)
+ * debian/dovecot-common.postinst: handles better chmod/chown on package
+ upgrade. (Closes: #414257)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 12 Mar 2007 10:03:34 +0100
+
+dovecot (1.0.rc26-2) unstable; urgency=low
+
+ * debian/control:
+ + dovecot-{imapd,pop3d}: depends on the same-source dovecot-common.
+ (Closes: #414032)
+ * debian/rules: fixed permission for dovecot.conf. (Closes: #413995)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 9 Mar 2007 12:57:50 +0100
+
+dovecot (1.0.rc26-1) unstable; urgency=low
+
+ * New upstream release.
+ * Add support for ucf, thanks to Vincent Danjean for providing a full patch.
+ (Closes: #413081)
+ * debian/dovecot-common.init: create /var/run directories at start-up time.
+ (Closes: #376143)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 7 Mar 2007 11:26:56 +0100
+
+dovecot (1.0.rc25-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 2 Mar 2007 13:44:44 +0100
+
+dovecot (1.0.rc24-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 23 Feb 2007 15:47:30 +0100
+
+dovecot (1.0.rc23-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/documentation.dpatch, debian/patches/xfs_quotas.dpatch:
+ removed, applied upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 21 Feb 2007 09:34:44 +0100
+
+dovecot (1.0.rc22-2) UNRELEASED; urgency=low
+
+ * debian/watch: added.
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 9 Feb 2007 12:15:34 +0100
+
+dovecot (1.0.rc22-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 7 Feb 2007 09:38:34 +0100
+
+dovecot (1.0.rc21-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 5 Feb 2007 16:23:33 +0100
+
+dovecot (1.0.rc19-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 24 Jan 2007 00:03:38 +0100
+
+dovecot (1.0.rc18-2) unstable; urgency=low
+
+ * dovecot-sieve: updated to cvs version 1.0.1.
+ * debian/README.Debian: updated for the new setting mail_location, which
+ substitutes the old default_mail_env. (Closes: #408025)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 23 Jan 2007 10:15:36 +0100
+
+dovecot (1.0.rc18-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 22 Jan 2007 18:15:02 +0100
+
+dovecot (1.0.rc17-1) unstable; urgency=low
+
+ * New upstream release.
+ * Updated dovecot-sieve from CVS.
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 12 Jan 2007 09:42:47 +0100
+
+dovecot (1.0.rc15-2) unstable; urgency=medium
+
+ * debian/dovecot-common.README.Debian: updated details about raw logging;
+ thanks Chris Moore for providing a patch. (Closes: #400689)
+ * debian/patches/dovecot-example.dpatch: added a missing slash for an
+ absolute path. (Closes: #400830)
+ * debian/patches/dovecotpw.dpatch: applied patched to fix argument parsing
+ on some architectures. (Closes: #402075)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 18 Dec 2006 18:34:31 +0100
+
+dovecot (1.0.rc15-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Fixes a security bug: Off-by-one buffer overflow with mmap_disable=yes.
+ (See: http://www.dovecot.org/list/dovecot-news/2006-November/000023.html)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 20 Nov 2006 12:47:39 +0100
+
+dovecot (1.0.rc14-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 16 Nov 2006 09:37:38 +0100
+
+dovecot (1.0.rc13-1) unstable; urgency=medium
+
+ * New upstream release.
+ * debian/rules:
+ + preserve upstream config.guess and config.sub. (Closes: #397404)
+ + really clean dovecot-sieve/src on clean target. (Closes: #397407)
+ * debian/control: added build-conflict with automake1.4. (Closes: #397409)
+ * dovecot-sieve/src/Makefile.am: move sieve plug-ins under
+ usr/lib/dovecot/lda/modules; thanks to Chris Vanden Berghe for pointing
+ this out.
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 7 Nov 2006 09:26:56 +0100
+
+dovecot (1.0.rc12-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 5 Nov 2006 16:52:52 +0100
+
+dovecot (1.0.rc10-3) unstable; urgency=medium
+
+ * debian/rules: fixed two typos in the configure call. (Closes: #395016)
+ * Included dovecot-sieve plug-in from CVS. (Closes: #394885)
+ * Urgency medium: we are near the freeze, and this release must be part
+ of etch.
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 31 Oct 2006 06:30:45 +0000
+
+dovecot (1.0.rc10-2) unstable; urgency=low
+
+ * debian/patches/dovecot-example.dpatch: commented out a close brace.
+ (Closes: #394785)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 23 Oct 2006 08:17:13 +0000
+
+dovecot (1.0.rc10-1) unstable; urgency=low
+
+ * New upstream release. (Closes: #393004)
+ * debian/patches/dovecot-example.dpatch:
+ + added specific comments to the mail_extra_groups option.
+ (Closes: #383453)
+ + removed duplicated LDA section. (Closes: #391632)
+ * debian/dovecot.8: fixed a layout error. (Closes: #393080)
+ * debian/dovecot-common.init: added LSB headers.
+ * Switched to the upstream dovecot deliver (LDA).
+ * debian/patches/quota_v2.dpatch: added, thanks to Jonas Smedegaard.
+ (Closes: #377563)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 22 Oct 2006 08:55:16 +0000
+
+dovecot (1.0.rc7-1) unstable; urgency=low
+
+ * New upstream release. (Closes: #377840, #385101)
+ * debian/patches/dovecot-example.dpatch: set a default value for
+ pop3_uidl_format. (Closes: #383883)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 29 Aug 2006 10:38:17 +0200
+
+dovecot (1.0.rc6-1) unstable; urgency=low
+
+ * New upstream release:
+ + Fixed imap segfaults on small mbox files (2 bytes). (Closes: #377840)
+ + Fixed a known bug in dovecot's IDLE handler. (Closes: #351828)
+ + Added support for quota2. (Closes: #377563)
+ * debian/control: converted build-depends on linux-kernel-headers to
+ build-conflicts to help the GNU/kFreeBSD port. (Closes: #377479)
+ * debian/control: changed maintainer to "Dovecot Maintainers"; no changes
+ to the email addresses.
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 15 Aug 2006 10:58:57 +0200
+
+dovecot (1.0.rc2-2) unstable; urgency=low
+
+ * patched the quota plugin to fix a missing symbol (Closes: #377018)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 7 Jul 2006 10:50:04 -0400
+
+dovecot (1.0.rc2-1) unstable; urgency=high
+
+ * New upstream release
+ * Update dovecot-lda to the latest version (05132006)
+ * IPv6 with SSL/TLS should work now. (Closes: #374783)
+ * go back to using poll instead of epoll. (Closes: #376222)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 6 Jul 2006 00:47:56 -0400
+
+dovecot (1.0.rc1-1) unstable; urgency=low
+
+ * New upstream release.
+ * Add a build-dependency on linux-kernel-headers for the xfs quotas
+ stuff. Make it higher than the version in sarge because sarges xfs
+ includes are too old. If any knowledgeable person would like to
+ give me a patch for this, please do. (Closes: #374793)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 28 Jun 2006 11:42:07 -0400
+
+dovecot (1.0.beta9-1) unstable; urgency=low
+
+ * New upstream release
+ * Added XFS quota support. Thanks Pawel Jarosz <pj@rsi.pl>
+ (Closes: #373936)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 19 Jun 2006 16:55:20 -0400
+
+dovecot (1.0.beta8-4) unstable; urgency=high
+
+ * Unfortunately, the patch in the last version broke the mysql module.
+ Fixed thanks to Martin Pitt. (Closes: #369359, #373227)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 11 Jun 2006 16:27:43 -0400
+
+dovecot (1.0.beta8-3) unstable; urgency=high
+
+ * [SECURITY] SQL injection could occur in the postgresql module with
+ certain client character encodings. (See CVE-2006-2314)
+ Used the patch from upstream and Martin Pitt <martin.pitt@ubuntu.com>.
+ Thanks Martin. (Closes: #369359)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 11 Jun 2006 15:33:55 -0400
+
+dovecot (1.0.beta8-2) unstable; urgency=high
+
+ * Don't chown/chmod ssl certificate unless we created it.
+ (Closes: #364766)
+ * Upstream fixed the crash if passwd-file had entries without passwords.
+ (Closes: #361536)
+ * fixed up the last versions changelog to better describe the security
+ problem which was fixed there.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 21 May 2006 13:16:17 -0400
+
+dovecot (1.0.beta8-1) unstable; urgency=high
+
+ * New upstream release.
+ * [SECURITY] Fixes a directory traversal vulnerability.
+ (see: http://www.dovecot.org/list/dovecot-news/2006-May/000006.html
+ and CVE-2006-2414)
+ * Set urgency to high: this version fixes a security bug
+ * Standards-Version: 3.7.2, no changes needed.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 13 May 2006 22:46:16 +0200
+
+dovecot (1.0.beta7-1) unstable; urgency=low
+
+ * New upstream version.
+ * Added sqlite support.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 12 Apr 2006 23:25:41 -0400
+
+dovecot (1.0.beta5-1) unstable; urgency=low
+
+ * New upstream version. Also updated dovecot-lda from CVS.
+ * debian/control. Added build-depends on flex to prevent FTBS.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 6 Apr 2006 16:22:46 -0400
+
+dovecot (1.0.beta3-3) unstable; urgency=low
+
+ * Compile against the newer mysql library. (Closes: #356729)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 22 Mar 2006 13:43:04 +0000
+
+dovecot (1.0.beta3-2) unstable; urgency=low
+
+ [Fabio Tranchitella]
+ * debian/control: added build-depends on byacc.
+ * debian/rules: removed --with-vpopmail option, because libvpopmail-dev
+ is in contrib and we don't wanto to have dovecot build-depends on it.
+ * debian/patches/dovecot-example.dpatch: added two small commented
+ block of configuration for dovecot-lda.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 26 Feb 2006 20:59:06 +0000
+
+dovecot (1.0.beta3-1) unstable; urgency=high
+
+ [Fabio Tranchitella]
+ * New upstream release, which fixes two security related bugs.
+ CVE-2006-0730 (Closes: #353341)
+ * Included dovecot-lda (ver. 20060209). (Closes: #353307, #347348, #333962)
+
+ [ Jaldhar H. Vyas ]
+ * Removed the code for upgrading impad.pem. This might bite if you if
+ you try and upgrade a woody version of dovecot to this one. So
+ don't do that. (Closes: #337715)
+ * dovecot-imapd,dovecot-pop3d: depend on dovecot-common >= 1.0beta3-1
+ as the way SSL parameters are generated has changed. (Closes: #353404)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 17 Feb 2006 22:06:21 -0500
+
+dovecot (1.0.beta2-1) unstable; urgency=low
+
+ [Fabio Tranchitella]
+ * New upstream release.
+ * debian/rules: compile with vpopmail support. (Closes: #347838)
+ * debian/patches: removed zlib patch (merged with upstream).
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 2 Feb 2006 21:38:32 +0000
+
+dovecot (1.0.alpha5-1) unstable; urgency=low
+
+ [Fabio Tranchitella]
+ * New upstream release.
+ * Compile dovecot with Kerberos support. (Closes: #338384)
+ * Fixed a small typo in mbox specification. (Closes: #339789)
+ * Added man page for maildirmake.dovecot, thanks to Henry Precheur.
+ (Closes: #340498)
+ * Use /usr/lib/dovecot/modules as basedir for dynamic modules.
+ Upstream suggests /usr/lib/dovecot, but we already use it as
+ libexec directory.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 21 Dec 2005 13:44:38 +0000
+
+dovecot (1.0.alpha4-1) unstable; urgency=low
+
+ [Jaldhar H. Vyas]
+ * New upstream version.
+ * Made sure the default dovecot.conf includes mail_extra_groups=mail
+ (Closes: #336476) somehow this edit got lost at some point.
+ * use ISO8601 date format as default value for log_timestamp in
+ /etc/dovecot/dovecot.conf (Closes: #333059)
+ * stop shipping {arch} directories in source (Closes: #334646)
+ * Include plugin for compressed mboxen (Closes: #332384)
+ * updated NEWS.Debian to warn users that the dovecot.conf syntax has
+ changed (Closes: #334209)
+ * Remember, remember, the 5th of November.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 5 Nov 2005 23:19:19 -0500
+
+dovecot (1.0.alpha3-2) unstable; urgency=low
+
+ [Jaldhar H. Vyas]
+ * dovecot-common: When creating the dovecot user in the postinst,
+ the --ingroup option to adduser to add dovecot to group
+ mail isn't used anymore.
+ (Closes: #330960, #331106)
+ * commented out userdb passdb from default configuration. Most
+ people won't need that. (Closes: #330978)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 6 Oct 2005 14:25:33 -0400
+
+dovecot (1.0.alpha3-1) unstable; urgency=low
+
+ [ Fabio Tranchitella ]
+ * New upstream release (dovecot-1.0.alpha.3)
+ * debian/patches/ipv6_v6only.dpatch: removed, upstream accepted it.
+ * debian/dovecot-common.postinst: removed bashisms.
+ * debian/dovecot-common.postinst: add dovecot user to group mail.
+ (Closes: #323921)
+ * debian/control: removed conflicts with imap-server and pop3-server,
+ added replaces instead. (Closes: #324480)
+ [ Jaldhar H. Vyas ]
+ * No longer crashes when using LDAP as userdb/passdb (Closes: #320388)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 26 Sep 2005 01:42:09 -0400
+
+dovecot (0.99.20050712-2) unstable; urgency=low
+
+ * Fabio Tranchitella <kobold@debian.org>
+ + debian/control: dovecot-common has to depend on adduser.
+ + debian/patches/documentation.dpatch: some cosmetic fixes about mysql
+ backend.
+ * Jaldhar H. Vyas <jaldhar@debian.org>
+ + debian/control: tighten dovecot-imapd and dovecot-pop3d's dependency on
+ dovecot-common (Closes: #319465)
+ + debian/patches/dovecot-example.dpatch: some more fixes to default
+ configuration. (Closes: #319413, #319941)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 29 Jul 2005 15:37:52 -0400
+
+dovecot (0.99.20050712-1) unstable; urgency=low
+
+ * Fabio Tranchitella <kobold@debian.org>
+ + New upstream version (dovecot-stable, last update 20050712).
+ (Closes: #312893)
+ + debian/control: Standards-Version: 3.6.2 (no changes needed).
+ + debian/patches/dovecot-sql.dpatch: use the right path for mysql socket.
+ (Closes: #298874)
+ * Jaldhar H. Vyas <jaldhar@debian.org>
+ + Removed dovecot package as it was just a woody->sarge transitional
+ pseudo-package.
+ + Apply patch to debian/dovecot-common.init to help when manually
+ starting dovecot. Thanks Roland Stigge. (Closes: #309679)
+ + Apply patch to src/lib/network.c to support IPV6_V6ONLY. Thanks
+ Marco D'Itri. (Closes: #308652)
+ + depend on the latest postgresql library.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 20 Jul 2005 06:30:37 -0400
+
+dovecot (0.99.14-1) unstable; urgency=low
+
+ * New upstream version.
+ * dovecot-common: another postinst regexp fix for SSL cert/key files.
+ (Closes: #294989)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 12 Feb 2005 21:34:33 -0500
+
+dovecot (0.99.13-6) unstable; urgency=high
+
+ * dovecot-common: *sigh* another init script fix. Hopefully we now
+ fully deal with dovecot being run from inetd. Thanks again to Magnus
+ Holmgren. (Closes: #293348)
+ * High again so -5 doesn't get into sarge.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 7 Feb 2005 02:58:30 -0500
+
+dovecot (0.99.13-5) unstable; urgency=high
+
+ * dovecot-common: typo in postinst resulted in incorrect generation of
+ keys for first-time installers. Hence urgency high.
+ * dovecot-common: In init script, make extra check to make sure an
+ IMAP or POP3 server called from inetd is dovecot and not some other
+ random inferior product. (Closes: #293348)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 5 Feb 2005 13:56:31 -0500
+
+dovecot (0.99.13-4) unstable; urgency=low
+
+ * build depend on libmysqlclient12
+ * dovecot-common: Allow STARTTLS to work when dovecot is run from inetd
+ Thanks Magnus Holmgren (Closes: #290985)
+ * dovecot-common: let init script exit if dovecot is being run from inetd
+ Thanks Magnus Holmgren (Closes: #292195)
+ * dovecot-common: fix a number of problems in postinst
+ + fails if /etc/ssl/certs or /etc/ssl/private doesn't exist
+ + certs cannot be generated and upgrade fails if openssl is not
+ configured. Fail more gracefully if this is the case.
+ + read the name and path for the cert from dovecot.conf instead of
+ hardcoding it.
+ Thanks Frederic Pauget (Closes: #292344)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 30 Jan 2005 15:20:03 -0500
+
+dovecot (0.99.13-3) unstable; urgency=high
+
+ * Oops -2 had to be urgency=high so -1 doesn't get into sarge.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 8 Jan 2005 12:11:38 -0500
+
+dovecot (0.99.13-2) unstable; urgency=low
+
+ * dovecot-imapd, dovecot-pop3d: It occurred to me that the effects of
+ fixing #288391 will cause confusion in the minds of new installers so I
+ should add a warning in README.Debian and NEWS.Debian in a vain
+ effort to stave off swarms of bug reports. (Vain, because no one
+ actually reads documentation anyway.)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 8 Jan 2005 11:29:59 -0500
+
+dovecot (0.99.13-1) unstable; urgency=high
+
+ * New upstream version.
+ * dovecot-imapd, dovecot-pop3d: No longer mess with dovecot.conf in postinst
+ (Closes: #288391)
+ * urgency high due to #288391 being a release-critical bug.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 7 Jan 2005 17:37:08 -0500
+
+dovecot (0.99.12-1) unstable; urgency=low
+
+ * New upstream version. (Yes I know 0.99.13 is just around the corner.)
+ * SASL is re-enabled so this bug ("Dovecot seems not to require SASL")
+ is no longer valid (Closes: #272093)
+ * Configuration files moved to /etc/dovecot (Closes: #276183)
+ * Permissions on /var/run/dovecot and /var/run/dovecot/login no longer
+ give warnings. (Closes: #283996)
+ * SSL certificate is world readable (Closes: #277114).
+ * Thanks to Jan Buren, much extra documentation has been added to
+ /usr/share/doc/dovecot-common/README.Debian
+ * Lintian overrides added.
+ * Happy new year to all you Gregorians
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 31 Dec 2004 15:55:07 -0500
+
+dovecot (0.99.11-3) unstable; urgency=medium
+
+ * applied dovecot-large-header-fix patch to prevent 100% CPU
+ utilization when dealing with really large headers.
+ (Closes: #271458)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 13 Sep 2004 20:20:23 -0400
+
+dovecot (0.99.11-2) unstable; urgency=low
+
+ * Eliminated duplicate stanza in dovecot.conf (Closes: #270181)
+ * Reapplied CRAM-MD5 patch.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 6 Sep 2004 01:24:53 -0400
+
+dovecot (0.99.11-1) unstable; urgency=low
+
+ * New upstream release.
+ * patch to give bug reporting address in configure.ac.
+ Thanks Matthias Andree.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 4 Sep 2004 14:24:57 -0400
+
+dovecot (0.99.10.9-2) unstable; urgency=low
+
+ * screw mipsel.
+ * Added PAM_RHOST patch. Thanks Dean Gaudet. (Closes: #264712)
+ * Added CRAM-MD5 patch. Thanks Joshua Goodall.
+ * Added unexpected EOF patch from Timo.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 17 Aug 2004 01:13:20 -0400
+
+dovecot (0.99.10.9-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 2 Aug 2004 18:56:02 -0400
+
+dovecot (0.99.10.8-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 30 Jul 2004 08:17:51 -0400
+
+dovecot (0.99.10.7-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 14 Jul 2004 07:29:49 -0400
+
+dovecot (0.99.10.6-3) unstable; urgency=low
+
+ * Patched so dovecot follows symlinks to directories again.
+ (Closes: #256061)
+ * Changed the priority of init script so it is run after postgresql
+ (Closes: #256068)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 24 Jun 2004 23:57:50 -0400
+
+dovecot (0.99.10.6-2) unstable; urgency=high
+
+ * I needed to enable one more parameter in the configuration in order
+ to get dot-locking working. Hence this should still be high urgency.
+ (Really Closes: #185335)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 21 Jun 2004 20:02:29 -0400
+
+dovecot (0.99.10.6-1) unstable; urgency=high
+
+ * New upstream version.
+ + finally fixes dot-locking so I think it deserves high priority for
+ sarge. (Closes: #185335)
+ * dovecot: fixed a typo in description (Closes: #254415)
+ * dovecot-common: man page for dovecot added. Thanks Kai Hendry.
+ (Closes: #253482)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 19 Jun 2004 23:18:39 -0400
+
+dovecot (0.99.10.5-4) unstable; urgency=high
+
+ * Crap, typo in dovecot-common.postinst sorry. This should only
+ affect new installs though.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 11 Jun 2004 22:30:41 -0400
+
+dovecot (0.99.10.5-3) unstable; urgency=high
+
+ * SECURITY: set permissions on config files to 0600 to prevent
+ disclosure of sensitive information to local users. (Closes: #253760)
+ * SECURITY: Tightened permissions on generated SSL certificate.
+ (Closes: #253833)
+ * Made a note that dovecot-openssl.conf is not needed on Debian
+ because we generate a certificate in dovecot-commons' postinst.
+ (Closes: #253774)
+ * Added maildir-autocreate patch.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 11 Jun 2004 09:12:07 -0400
+
+dovecot (0.99.10.5-2) unstable; urgency=low
+
+ * Added maildir-stat patch.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 10 Jun 2004 14:39:28 -0400
+
+dovecot (0.99.10.5-1) unstable; urgency=low
+
+ * New upstream version.
+ * Enabled mysql support.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 27 May 2004 13:21:42 -0400
+
+dovecot (0.99.10.4-5) unstable; urgency=high
+
+ * Switched to using openssl as dovecot segfaults with gnutls7 and is
+ not compatible with gnutls10 (Closes: #244570)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 19 Apr 2004 22:45:21 -0400
+
+dovecot (0.99.10.4-4) unstable; urgency=low
+
+ * Added a patch to src/auth/db-pgsql.c from Zsolt VARGA.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 30 Mar 2004 12:49:31 -0500
+
+dovecot (0.99.10.4-3) unstable; urgency=high
+
+ * dovecot-common: Fix postinst to no longer delete /etc/pam.d/imap
+ (Closes: #232832)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 15 Mar 2004 10:27:52 -0500
+
+dovecot (0.99.10.4-2) unstable; urgency=low
+
+ * dovecot-common: now replaces: dovecot for smoother upgrades.
+ (Closes: #223666)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 11 Dec 2003 09:18:12 -0500
+
+dovecot (0.99.10.4-1) unstable; urgency=low
+
+ * New upstream version
+ + This fixes the corruption of .subscriptions files with folders in
+ maildir format. (Closes: #222272)
+ * Some extra information included in dovecot-common.README.Debian.
+ (Closes: #221106) There should probably be more so if you have ideas
+ let me know.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 1 Dec 2003 23:41:00 -0500
+
+dovecot (0.99.10.2-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 11 Nov 2003 17:21:45 -0500
+
+dovecot (0.99.10-11) unstable; urgency=low
+
+ * Build depend on gnutls 7 instead of 5 (Closes: #219523)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 6 Nov 2003 22:25:00 -0500
+
+dovecot (0.99.10-10) unstable; urgency=low
+
+ * maildirmake.dovecot will now let you create maildirs whose names
+ have spaces in them and chown them to a specified user. Thanks Paul
+ Slootman (Closes: #219168)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 4 Nov 2003 20:00:25 +0000
+
+dovecot (0.99.10-9) unstable; urgency=low
+
+ * Don't use SASL2 as upstream says the support is broken.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 23 Sep 2003 16:27:11 +0000
+
+dovecot (0.99.10-8) unstable; urgency=low
+
+ * Patched so suid works on 2.6 kernels. Thanks Peter Gervai.
+ (Closes: #211420)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 17 Sep 2003 17:59:10 +0000
+
+dovecot (0.99.10-7) unstable; urgency=low
+
+ * Yet another init script fix. It should be ok now. Thanks once again
+ to Alexis Iglauer.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 27 Aug 2003 10:56:04 -0400
+
+dovecot (0.99.10-6) unstable; urgency=low
+
+ * fix some errors in init script (closes: #207464)
+ Thanks to Adam Lackorzynski and Alexis Iglauer.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 27 Aug 2003 09:02:23 -0400
+
+dovecot (0.99.10-5) unstable; urgency=high
+
+ * dovecot-pop3d, dovecot-imapd: make sure init script doesn't
+ attempt to start the daemons if unconfigured thus preventing
+ segfault on startup. (Closes: #206992, #207140)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 25 Aug 2003 16:40:53 -0400
+
+dovecot (0.99.10-4) unstable; urgency=low
+
+ * Updated PAM configuration to the new scheme and added appropriate
+ dependency.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 22 Aug 2003 12:54:54 -0400
+
+dovecot (0.99.10-3) unstable; urgency=low
+
+ * dovecot-pop3d: Patch for proper PAM service name.
+ * dovecot-imapd, dovecot-pop3d: Make sure there is an appropriate
+ entry in the protocol = line in /etc/dovecot.conf so the service
+ will start up without errors. (Closes: #204213)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 21 Aug 2003 13:47:00 -0400
+
+dovecot (0.99.10-2.1) unstable; urgency=low
+
+ * Non-maintainer upload at request of maintainer.
+ * Fix segfault on alpha caused by time_t size. Closes: #203892.
+ * Fix segfault when user's home directory is left empty.
+
+ -- Scott James Remnant <scott@netsplit.com> Wed, 6 Aug 2003 01:47:16 +0100
+
+dovecot (0.99.10-2) unstable; urgency=low
+
+ * corrected paths to example and configuration files in sample config
+ (Closes: #199740)
+ * Added postgresql support.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 3 Jul 2003 16:45:49 -0400
+
+dovecot (0.99.10-1) unstable; urgency=low
+
+ * New upstream release.
+ * PAM service name has changed to dovecot (for IMAP and POP3.) I've included
+ code to move /etc/pam.d/imap to /etc/pam.d/dovecot but if things suddenly
+ stop working, this is the first thing to check.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 26 Jun 2003 22:31:07 -0400
+
+dovecot (0.99.10-0.rc2) unstable; urgency=low
+
+ * New upstream release. Fixes broken imaps support.
+ * Typo in configure options that broke LDAP support on woody corrected.
+ * Only start /usr/sbin/dovecot if either the IMAP or POP3 servers are
+ installed. (Closes: #192066)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 23 Jun 2003 23:26:04 -0400
+
+dovecot (0.99.9.1-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 4 May 2003 21:49:55 -0400
+
+dovecot (0.99.9-1) unstable; urgency=low
+
+ * New upstream release.
+ * The IMAP and POP3 servers have been split into separate package so you
+ don't have to install both. There is also a dovecot-common package
+ for the parts they share. The dovecot package is now a dummy just for
+ transitioning to this new scheme. (Closes: #187826)
+ * Allow chmod in maildirmake.dovecot to fail gracefully (Closes: #191244)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 30 Apr 2003 08:53:46 -0400
+
+dovecot (0.99.8.1-4) unstable; urgency=low
+
+ * Added a build-depends on libsasl-dev (Closes: #187516)
+ * Enabled pop3 service. However it is still turned off in the config file by
+ default so as to not surprise anyone who thought they only had an IMAP
+ server.
+ * Consequently, changed "IMAP server" in descriptions etc. to "mail server".
+ * only skip key generation if both /etc/ssl/certs/dovecot.pem and
+ /etc/ssl/private/dovecot.pem exist. (Closes: #187638)
+ * post-0.99.8.1 patch: Fix renaming subfolders with maildir.
+ * post-0.99.8.1 patch: Fix other maildir subfolder problems.
+ * post-0.99.8.1 patch: Fix partial body fetches.
+ * post-0.99.8.1 patch: Fix using LITERAL+APPEND.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 5 Apr 2003 14:13:52 -0500
+
+dovecot (0.99.8.1-3) unstable; urgency=low
+
+ * Fixed bashism and perlism(!) in maildirmake.dovecot. Thanks Clint
+ Adams. (Closes: #185768)
+ * Enabled LDAP support. The configuration is in /etc/dovecot-ldap.conf
+ but is commented out.
+ * Happy new year to all Debian users still on the Julian calendar.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 25 Mar 2003 09:25:37 -0500
+
+dovecot (0.99.8.1-2) unstable; urgency=low
+
+ * Make a separate check for /etc/ssl/private/imapd.pem in case we don't
+ have it. (Closes: #185334)
+ * Move check for dovecot user and creation code to postinsts' configure
+ phase. (Closes: #185333)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 19 Mar 2003 01:50:10 -0500
+
+dovecot (0.99.8.1-1) unstable; urgency=low
+
+ * new upstream release. (Closes: #184131) Does not include the POP3
+ server or LDAP and SASL support for now so we can get into the archive
+ quickly. Fixes segfaults in imap-master (Closes: #184231) Fixes
+ faulty mail autodetection presets (Closes: #179625)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 16 Mar 2003 15:47:54 -0500
+
+dovecot (0.99.7-4) unstable; urgency=low
+
+ * Fixed location of handlers. (Closes: #179273)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 31 Jan 2003 18:37:23 -0500
+
+dovecot (0.99.7-3) unstable; urgency=low
+
+ * doh pam file should be called imap not dovecot (Closes: #179180)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 31 Jan 2003 14:12:29 -0500
+
+dovecot (0.99.7-2) unstable; urgency=low
+
+ * Added two upstream patches to fix broken plain authentication and
+ building with vpopmail support (which is not enabled in the Debian
+ package yet.)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 17 Jan 2003 14:24:22 -0500
+
+dovecot (0.99.7-1) unstable; urgency=low
+
+ * New upstream release.
+ * Syslog no longer fills up with entries when dovecot is misconfigured.
+ (Closes: #175507)
+ * startup is logged now. shutdowns were already logged. (Closes: #175509)
+ * dovecot will not remove your SSL certificates now. (Closes: #175282)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 15 Jan 2003 00:58:23 -0500
+
+dovecot (0.99.6rc2-1) unstable; urgency=low
+
+ * New upstream release.
+ * Includes patch which stops dovecot from dying on alpha (Closes: #175577)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 8 Jan 2003 14:22:09 -0500
+
+dovecot (0.99.5-1) unstable; urgency=low
+
+ * New upstream release with many fixes and improvements.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 3 Jan 2003 00:53:26 -0500
+
+dovecot (0.99.4-1) unstable; urgency=low
+
+ * Initial Release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 18 Dec 2002 09:44:39 -0500
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..b4ab752
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,285 @@
+Source: dovecot
+Section: mail
+Priority: optional
+Maintainer: Dovecot Maintainers <dovecot@packages.debian.org>
+Uploaders: Jaldhar H. Vyas <jaldhar@debian.org>,
+ Jelmer Vernooij <jelmer@debian.org>,
+ Apollon Oikonomopoulos <apoikos@debian.org>,
+ Noah Meyerhans <noahm@debian.org>
+Build-Depends: debhelper-compat (= 13),
+ default-libmysqlclient-dev,
+ krb5-multidev,
+ libapparmor-dev [linux-any],
+ libbz2-dev,
+ libcap-dev [linux-any],
+ libdb-dev,
+ libexpat-dev,
+ libexttextcat-dev,
+ libicu-dev,
+ libldap2-dev,
+ liblua5.4-dev,
+ liblz4-dev,
+ liblzma-dev,
+ libpam0g-dev,
+ libpq-dev,
+ libsasl2-dev,
+ libsodium-dev,
+ libsqlite3-dev,
+ libssl-dev,
+ libstemmer-dev,
+ libsystemd-dev [linux-any],
+ libunwind-dev [amd64 armel armhf hppa i386 ia64 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el sh4],
+ libwrap0-dev,
+ libzstd-dev,
+ lsb-release,
+ pkg-config,
+ zlib1g-dev
+Standards-Version: 4.6.2
+Rules-Requires-Root: binary-targets
+Homepage: https://dovecot.org/
+Vcs-Git: https://salsa.debian.org/debian/dovecot.git
+Vcs-Browser: https://salsa.debian.org/debian/dovecot
+
+Package: dovecot-core
+Architecture: any
+Pre-Depends: ${misc:Pre-Depends}
+Depends: adduser,
+ libpam-runtime,
+ openssl,
+ ssl-cert,
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Suggests: dovecot-gssapi,
+ dovecot-imapd,
+ dovecot-ldap,
+ dovecot-lmtpd,
+ dovecot-managesieved,
+ dovecot-mysql,
+ dovecot-pgsql,
+ dovecot-pop3d,
+ dovecot-sieve,
+ dovecot-solr,
+ dovecot-sqlite,
+ dovecot-submissiond,
+ ntp
+Provides: dovecot-abi-${dovecot:ABI-Version}, dovecot-common
+Replaces: dovecot-common (<< 1:2.0.14-2~), mailavenger (<< 0.8.1-4)
+Breaks: dovecot-common (<< 1:2.0.14-2~), mailavenger (<< 0.8.1-4)
+Description: secure POP3/IMAP server - core files
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot main server and its command line utility.
+
+Package: dovecot-dev
+Architecture: any
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Replaces: dovecot-common (<< 1:2.0.14-2~), dovecot-core (<< 1:2.2.26.0-1~)
+Breaks: dovecot-common (<< 1:2.0.14-2~), dovecot-core (<< 1:2.2.26.0-1~)
+Description: secure POP3/IMAP server - header files
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains header files needed to compile plugins for the Dovecot
+ mail server.
+
+Package: dovecot-imapd
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Suggests: ufw
+Provides: imap-server
+Description: secure POP3/IMAP server - IMAP daemon
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot IMAP server.
+
+Package: dovecot-pop3d
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Suggests: ufw
+Provides: pop3-server
+Description: secure POP3/IMAP server - POP3 daemon
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot POP3 server.
+
+Package: dovecot-lmtpd
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Replaces: dovecot-common (<< 1:2.0.14-2~)
+Breaks: dovecot-common (<< 1:2.0.14-2~)
+Description: secure POP3/IMAP server - LMTP server
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot LMTP server.
+
+Package: dovecot-managesieved
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ dovecot-sieve (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Replaces: dovecot-common (<< 1:2.0.14-2~)
+Breaks: dovecot-common (<< 1:2.0.14-2~)
+Description: secure POP3/IMAP server - ManageSieve server
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot ManageSieve server.
+
+Package: dovecot-pgsql
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - PostgreSQL support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides PostgreSQL support for Dovecot.
+
+Package: dovecot-mysql
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - MySQL support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides MySQL support for Dovecot.
+
+Package: dovecot-sqlite
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - SQLite support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides SQLite support for Dovecot.
+
+Package: dovecot-ldap
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Replaces: dovecot-core (<< 1:2.2.26.0-1~)
+Breaks: dovecot-core (<< 1:2.2.26.0-1~)
+Description: secure POP3/IMAP server - LDAP support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides LDAP support for Dovecot.
+
+Package: dovecot-gssapi
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - GSSAPI support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides GSSAPI authentication support for Dovecot.
+
+Package: dovecot-sieve
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Breaks: dovecot-core (<= 1:2.2.13-6), dovecot-imapd (<< 1:2.2.26.0-1~)
+Replaces: dovecot-core (<= 1:2.2.13-6), dovecot-imapd (<< 1:2.2.26.0-1~)
+Description: secure POP3/IMAP server - Sieve filters support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides Sieve filters support for Dovecot.
+
+Package: dovecot-solr
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - Solr support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides Solr full text search support for Dovecot.
+
+Package: dovecot-submissiond
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Breaks: dovecot-submission (<< 1:2.3.1-2~)
+Replaces: dovecot-submission (<< 1:2.3.1-2~)
+Description: secure POP3/IMAP server - mail submission agent
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot Mail Submission Agent which implements a
+ basic SMTP submission service with BURL support.
+
+Package: dovecot-auth-lua
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - Lua authentication plugin
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains an authentication plugin allowing password and user
+ databases to be implemented in Lua.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..69676a8
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,271 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: dovecot
+Upstream-Contact: Timo Sirainen <tss@iki.fi>
+ Dovecot Mailing List <dovecot@dovecot.org>
+Comment: This package was debianized by Jaldhar H. Vyas <jaldhar@debian.org> on
+ Tue, 3 Dec 2002 01:10:07 -0500.
+Source: https://github.com/dovecot/core
+Files-Excluded-pigeonhole: doc/rfc
+
+Files: *
+Copyright: (c) 2001-2022 Dovecot authors
+Comment: see AUTHORS
+License: LGPL-2.1
+
+Files: src/lib/*
+ src/lib-sql/*
+Copyright: (c) 2001-2022 Dovecot authors
+Comment: see AUTHORS
+License: MIT
+
+Files: src/auth/*
+Copyright: (c) 2004-2006 Andrey Panin <pazke@donpac.ru>
+ (c) 2005 Jelmer Vernooij <jelmer@samba.org>
+ (c) 2011-2016 Florian Zeitz <florob@babelmonkeys.de>
+ (c) 2007 Dmitry Butskoy <dmitry@butskoy.name>
+ (C) 2006 Simon L Jackson
+ (c) 2015-2017 Dovecot Oy
+License: MIT
+
+Files: src/auth/password-scheme-md5crypt.c
+Copyright: Poul-Henning Kamp <phk@login.dknet.dk>
+License: Beerware
+ "THE BEER-WARE LICENSE" (Revision 42):
+ <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
+ can do whatever you want with this stuff. If we meet some day, and you think
+ this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
+
+Files: src/lib-otp/*
+Copyright: (c) 2004-2006 Andrey Panin <pazke@donpac.ru>
+ (c) Copyright 1997-2005 Simon Tatham
+License: MIT
+
+Files: src/lib/md5.c
+Copyright: N/A
+License: public-domain-solardiz
+ Written by Solar Designer <solar@openwall.com> in 2001, and placed in the
+ public domain. There's absolutely no warrant.
+
+Files: src/lib/sha1.*
+Copyright: Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+License: BSD-3-Clause
+
+Files: src/lib/sha2.* src/lib/sha3.*
+Copyright: Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch>
+License: BSD-3-Clause
+
+Files: src/lib/byteorder.h src/lib/test-byteorder.c
+Copyright: (c) 2016-2017 Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
+License: MIT
+
+Files: src/lib/hmac.*
+Copyright: (c) 2004 Andrey Panin <pazke@donpac.ru>
+ (c) 2011-2016 Florian Zeitz <florob@babelmonkeys.de>
+License: MIT
+
+Files: src/lib/hmac-cram-md5.c
+Copyright: (c) 2003 Joshua Goodall <joshua@roughtrade.net>
+License: MIT
+
+Files: src/lib/ioloop-iolist.c
+Copyright: (c) 2004 Andrey Panin <pazke@donpac.ru>
+License: MIT
+
+Files: src/lib/ioloop-kqueue.c src/lib/ioloop-notify-kqueue.c
+Copyright: (c) 2005 Vaclav Haisman <v.haisman@sh.cvut.cz>
+License: MIT
+
+Files: src/lib/UnicodeData.txt
+Copyright: Copyright (C) 1991-2007 Unicode, Inc.
+License: Unicode-DFS-2015
+
+Files: src/lib-fts/stopwords/*
+Copyright: Copyright (c) 2001, Dr Martin Porter
+ Copyright (c) 2002, Richard Boulton.
+Comment: License obtained from http://snowball.tartarus.org/license.html
+License: BSD-3-Clause
+
+Files: src/lib-fts/stopwords/stopwords_en.txt
+Copyright: Apache Software Foundation
+License: Apache-2.0
+
+Files: src/lib-fts/stopwords/stopwords_ro.txt
+Copyright: (c) 2005, Jacques Savoy.
+License: BSD-2-Clause
+
+Files: src/plugins/fts-lucene/Snowball*
+Copyright: (C) 2003-2006 Ben van Klinken and the CLucene Team
+License: Apache-2.0 or LGPL-2.1
+
+Files: debian/*
+Copyright: (c) 2006-2016 Jaldhar H. Vyas <jaldhar@debian.org>
+ (c) 2006-2009 Fabio Tranchitella <kobold@debian.org>
+ (c) 2008-2009 Joel Johnson <mrjoel@lixil.net>
+ (c) 2009-2012 Marco Nenciarini <mnencia@debian.org>
+ (c) 2011-2013 Micah Anderson <micah@debian.org>
+ (c) 2014-2015 Jelmer Vernooij <jelmer@debian.org>
+ (c) 2016-2018 Apollon Oikonomopoulos <apoikos@debian.org>
+ (c) 2020-2022 Noah Meyerhans <noahm@debian.org>
+ (c) 2020-2022 Christian Göttsche <cgzones@googlemail.com>
+License: GPL-2+
+
+Files: pigeonhole/*
+Copyright: (c) 2002-2021 Stephan Bosch <stephan@rename-it.nl>
+ (c) 2002-2021 Dovecot authors
+Comment: Source obtained from https://pigeonhole.dovecot.org/
+License: LGPL-2.1
+
+License: MIT
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the "Software"),
+ to deal in the Software without restriction, including without limitation
+ the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ and/or sell copies of the Software, and to permit persons to whom the
+ Software is furnished to do so, subject to the following conditions:
+ .
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ DEALINGS IN THE SOFTWARE.
+
+License: LGPL-2.1
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+ .
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+ .
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ .
+ On Debian systems, the full text of the GNU Lesser General Public License can
+ be found at /usr/share/common-licenses/LGPL-2.1.
+
+License: Apache-2.0
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ .
+ On Debian systems, the full text of the Apache License, Version 2.0 can be
+ found at /usr/share/common-licenses/Apache-2.0.
+
+License: BSD-3-Clause
+ All rights reserved.
+ .
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. Neither the name of the University nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+
+License: BSD-2-Clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ .
+ 1. Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+ .
+ 2. Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+License: GPL-2+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ .
+ On Debian systems, the full text of the GNU General Public License version 2
+ can be found at /usr/share/common-licenses/GPL-2.
+
+License: Unicode-DFS-2015
+ Copyright © 1991-2015 Unicode, Inc. All rights reserved. Distributed under the
+ Terms of Use in http://www.unicode.org/copyright.html.
+ .
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of the Unicode data files and any associated documentation (the "Data Files")
+ or Unicode software and any associated documentation (the "Software") to deal
+ in the Data Files or Software without restriction, including without limitation
+ the rights to use, copy, modify, merge, publish, distribute, and/or sell copies
+ of the Data Files or Software, and to permit persons to whom the Data Files or
+ Software are furnished to do so, provided that
+ .
+ (a) this copyright and permission notice appear with all copies of the Data
+ Files or Software,
+ (b) this copyright and permission notice appear in associated documentation,
+ and
+ (c) there is clear notice in each modified Data File or in the Software as
+ well as in the documentation associated with the Data File(s) or Software
+ that the data or software has been modified.
+ .
+ THE DATA FILES AND SOFTWARE ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
+ KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD
+ PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN
+ THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL
+ DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
+ WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
+ OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THE DATA FILES OR
+ SOFTWARE.
+ .
+ Except as contained in this notice, the name of a copyright holder shall not
+ be used in advertising or otherwise to promote the sale, use or other dealings
+ in these Data Files or Software without prior written authorization of the
+ copyright holder.
diff --git a/debian/dh.pem b/debian/dh.pem
new file mode 100644
index 0000000..a734b90
--- /dev/null
+++ b/debian/dh.pem
@@ -0,0 +1,13 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
+ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
+HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI=
+-----END DH PARAMETERS-----
diff --git a/debian/dovecot-core.NEWS b/debian/dovecot-core.NEWS
new file mode 100644
index 0000000..625a1bf
--- /dev/null
+++ b/debian/dovecot-core.NEWS
@@ -0,0 +1,181 @@
+dovecot (1:2.3.2-1) unstable; urgency=medium
+
+ Upgrading to the 2.3 series may require manual configuration changes.
+ Some settings have been removed, while others have had their defaults
+ changed. Please see
+
+ /usr/share/doc/dovecot-core/wiki/Upgrading.2.3.txt.gz
+
+ or the online version at
+
+ https://wiki2.dovecot.org/Upgrading/2.3
+
+ for more information and review your configuration accordingly.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Sat, 24 Mar 2018 00:34:07 +0200
+
+dovecot (1:2.2.31-1) unstable; urgency=medium
+
+ TLS is now enabled by default, using the ssl-cert-snakeoil certificate
+ provided by the ssl-cert package. Upgrades from older versions will be
+ prompted to accept the new configuration and enable TLS. If you have already
+ configured TLS yourself, you'll most probably want to keep your settings
+ intact.
+
+ See /usr/share/doc/dovecot-core/README.Debian for more information on the
+ certificate's default location and how to install your own certificates.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Sun, 25 Jun 2017 01:09:28 +0300
+
+dovecot (1:2.2.21-1) unstable; urgency=medium
+
+ This release disables the dovecot.socket systemd unit by default. The unit is
+ disabled only if the dovecot.service unit is already enabled, making sure
+ that dovecot will start on system boot. If you are upgrading dovecot and
+ previously relied on dovecot.socket and dovecot.service being both enabled,
+ please re-enable dovecot.socket manually using
+
+ systemctl enable dovecot.socket
+
+ Future package updates will not disable the socket unit again. For details
+ regarding this decision, please see Debian bugs #803915 and #814999.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Fri, 19 Feb 2016 16:54:27 +0200
+
+dovecot (1:2.1.7-7) unstable; urgency=high
+
+ If you are upgrading from stable or the earlier 2.1.7 packages in testing,
+ you are advised to backup your configuration files before continuing.
+ Carefully read /usr/share/doc/dovecot-core/README.Debian.gz for important
+ information about problems that might affect your upgrade.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 04 Feb 2013 16:27:17 -0500
+
+dovecot (1:2.0.5-1) experimental; urgency=low
+
+ * A lot of settings have changed. Dovecot v2.0 can still use most of
+ the v1.x configuration files, but it logs a lot of warnings at
+ startup. A quick and easy way to convert your old config file to
+ v2.0 format is:
+
+ doveconf -n -c dovecot-1.conf > dovecot-2.conf
+
+ This command logs a warning about each obsolete setting it
+ converts to the new format. You can either go through the warnings
+ to figure out what changes exactly were done, or you can simply
+ trust doveconf and replace your old config with the newly
+ generated one.
+
+ * Dovecot uses two system users for internal purposes now by
+ default: "dovenull" and "dovecot". "dovenull" user is used by
+ completely untrustworthy processes, while "dovecot" user is used
+ for slightly more trusted processes.
+
+ * In conf.d/10-mail.conf, the default mail_location is set to
+ mbox:~/mail:INBOX=/var/mail/%u
+ This has to be set because Dovecots auto-detection of mailboxes fails
+ when a user has no mail. I tried to provide a reasonable default
+ but advanced users will certainly want to change this.
+
+ Related to this, you might see an error in the logs about dovecot not
+ being able to chgrp certain files. This is because the default user
+ mailboxes in Debian belong to group mail which dovecot is not part of
+ (nor should be.) The Debian package has been patched so that the error
+ will not be fatal but for a more permanent solution, see here:
+ http://wiki2.dovecot.org/Errors/ChgrpNoPerm for some discussion. Or
+ you can set mail_location (and the equivalent settings in your MDA) so
+ that mailboxes are in the users home directory.
+
+ * No more convert plugin, use dsync instead
+
+ * No more expire-tool, use doveadm expunge instead. Also expire
+ configuration is different.
+
+ * Post-login scripts are configured differently and need to be modified
+
+ * Quota warnings are configured differently and the script may need
+ to be modified (most environment settings like $USER are gone)
+
+ * Global ACL filenames now require namespace prefix (e.g. if you use
+ "INBOX." prefix, /etc/acls/foo needs to be renamed to
+ /etc/acls/INBOX.foo
+
+ * Maildir: Permissions for newly created mail files are no longer
+ copied from dovecot-shared file, but instead from the mail
+ directory (e.g. for "foo" mailbox, they're taken from
+ ~/Maildir/.foo directory)
+
+ * dbox: v2.0 format is slightly different, but backwards
+ compatible. The main problem is that v2.0 no longer supports
+ maildir-dbox hybrid resulting from "fast Maildir migration". If
+ you have any Maildir files in your dbox, you need to convert them
+ somehow (some examples). You might also consider using dsync to
+ get rid of the old unused metadata in your dbox files.
+
+
+ * Pre-login and post-login CAPABILITY reply is now
+ different. Dovecot expects clients to recognize new automatically
+ sent capabilities. This should work with all commonly used
+ clients, but some rarely used clients might have problems. Either
+ get the client fixed, or set imap_capability manually.
+
+ * ManageSieve protocol was assigned an official port by IANA:
+ 4190. This is used by Pigeonhole by default now. If you want to
+ listen also on the old 2000 port, see the example in
+ /usr/share/doc/dovecot-common/wiki/ManageSieve.Configuration.txt.gz
+
+ * deliver binary was renamed to dovecot-lda (but a symlink still
+ exists for now)
+
+ * deliver -n parameter was replaced by lda_mailbox_autocreate
+ setting. The default also changed to "no".
+
+ * deliver -s parameter was replaced by lda_mailbox_autosubscribe
+ setting. The default is "no", as before.
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 18 Oct 2010 12:59:14 +0200
+
+dovecot (1:1.0.12-1) unstable; urgency=low
+
+ * mail_extra_groups=mail setting is often used insecurely to give Dovecot
+ access to create dotlocks to /var/mail directory. The setting has been
+ replaced by mail_privileged_group and mail_access_groups.
+ Read also: http://dovecot.org/list/dovecot/2008-March/029196.html
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 06 Mar 2008 15:46:03 +0100
+
+dovecot (1.0.beta3-1) unstable; urgency=low
+
+ * Starting from this release, dovecot-lda is included in dovecot-common.
+ The previous executable deliver has been removed from the upstream
+ source package.
+ * Other new features recently added include
+ + vpopmail support
+ + quota support
+ + GSSAPI support
+ * All these new features mean there are some configuration file changes
+ please review the default /etc/dovecot/dovecot.conf and merge in any
+ new bits. (If you don't use any new features, your configuration should
+ remain compatible.)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 17 Feb 2006 17:05:37 +0000
+
+dovecot (1.0.alpha4-1) unstable; urgency=low
+
+ * This is the 1.0alpha branch. Once again there have been incompatible
+ changes to the syntax of /etc/dovecot/dovecot.conf.
+ * The dovecot-common package now includes the zlib plugin for compressed
+ mboxen. Make sure you have mail_use_modules=yes in imap and/or pop3
+ section in /etc/dovecot/dovecot.conf if you want to use this.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 20 Jul 2005 06:30:37 -0400
+
+dovecot (0.99.20050712-1) unstable; urgency=low
+
+ * This is the 1.0stable development branch. There have been major
+ changes and new features have been added so check your configuration
+ carefully. In particular, /etc/dovecot/dovecot-mysql.conf and
+ /etc/dovecot/dovecot-pgsql.conf have been replaced by
+ /etc/dovecot/dovecot-sql.conf .
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 20 Jul 2005 06:30:37 -0400
diff --git a/debian/dovecot-core.README.Debian b/debian/dovecot-core.README.Debian
new file mode 100644
index 0000000..e4fc73c
--- /dev/null
+++ b/debian/dovecot-core.README.Debian
@@ -0,0 +1,35 @@
+Dovecot Debian package
+======================
+
+Please refer to http://wiki2.dovecot.org for the full documentation of this
+package and its configuration.
+
+Note that the default value for mbox_write_locks differs between Debian and
+upstream Dovecot:
+ Debian: mbox_write_locks = "fnctl dotlock"
+ Dovecot: mbox_write_locks = "dotlock fnctl"
+
+TLS setup
+---------
+
+TLS is enabled by default on new installations. Dovecot will use the
+self-signed certificate provided by ssl-cert-snakeoil by default. The
+certificate and key are accessed via symbolic links in /etc/dovecot/private.
+
+If you wish to use your own certificates, feel free to replace the symbolic
+links in /etc/dovecot/private with the actual certificate/key of your
+preference, or place the certificate and key at the location of your preference
+and update /etc/dovecot/conf.d/10-ssl.conf accordingly.
+
+dovenull group
+--------------
+
+Upstream recommends that for security's sake, the dovenull user should belong
+to its own private group to which no one else belongs. Prior to 2.2.9-1, the
+dovenull user was in the nogroup group which contains other users. This has
+been rectified for new installs but upgraders should make the change
+themselves like this:
+
+# addgroup --system --group dovenull
+# usermod -g dovenull dovenull
+
diff --git a/debian/dovecot-core.bug-control b/debian/dovecot-core.bug-control
new file mode 100644
index 0000000..0002beb
--- /dev/null
+++ b/debian/dovecot-core.bug-control
@@ -0,0 +1 @@
+package-status: dovecot-common dovecot-core dovecot-dev dovecot-gssapi dovecot-imapd dovecot-ldap dovecot-lmtpd dovecot-managesieved dovecot-mysql dovecot-pgsql dovecot-pop3d dovecot-sieve dovecot-sqlite
diff --git a/debian/dovecot-core.bug-script b/debian/dovecot-core.bug-script
new file mode 100644
index 0000000..1bf1d19
--- /dev/null
+++ b/debian/dovecot-core.bug-script
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+set -e
+
+pecho() {
+ echo "$@"
+ echo "$@"|sed 's/./-/g'
+}
+
+
+if [ -x /usr/bin/doveconf ]
+then
+ echo
+ cat <<-EOF
+ You can append "doveconf -n" output to the bug report. It will help the
+ maintainers to better understand your configuration.
+ It normally doesn't contain any sensitive information, but you should
+ review it before sending.
+ EOF
+ echo
+ yesno "Do you want to append \"doveconf -n\" output to your bug report? " yep
+ if [ "$REPLY" == yep ]
+ then
+ echo >&3
+ pecho "dovecot configuration" >&3
+ /usr/bin/doveconf -n >&3
+ fi
+fi
diff --git a/debian/dovecot-core.dirs b/debian/dovecot-core.dirs
new file mode 100644
index 0000000..b91716f
--- /dev/null
+++ b/debian/dovecot-core.dirs
@@ -0,0 +1,4 @@
+etc/dovecot/conf.d
+etc/dovecot/private
+usr/share/dovecot/protocols.d
+var/lib/dovecot
diff --git a/debian/dovecot-core.docs b/debian/dovecot-core.docs
new file mode 100644
index 0000000..5502ed8
--- /dev/null
+++ b/debian/dovecot-core.docs
@@ -0,0 +1,3 @@
+NEWS
+README
+TODO
diff --git a/debian/dovecot-core.dovecot.default b/debian/dovecot-core.dovecot.default
new file mode 100644
index 0000000..dee9239
--- /dev/null
+++ b/debian/dovecot-core.dovecot.default
@@ -0,0 +1,4 @@
+# /etc/default/dovecot
+
+# Set to '1' to allow Dovecot daemons to produce core dumps
+#ALLOW_COREDUMPS=1
diff --git a/debian/dovecot-core.dovecot.init b/debian/dovecot-core.dovecot.init
new file mode 100644
index 0000000..730c323
--- /dev/null
+++ b/debian/dovecot-core.dovecot.init
@@ -0,0 +1,185 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: dovecot
+# Required-Start: $local_fs $remote_fs $network $syslog $time
+# Required-Stop: $local_fs $remote_fs $network $syslog
+# Should-Start: postgresql mysql slapd winbind nslcd
+# Should-Stop: postgresql mysql slapd winbind nslcd
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Dovecot init script
+# Description: Init script for dovecot services
+### END INIT INFO
+
+# Author: Miquel van Smoorenburg <miquels@cistron.nl>.
+# Modified for Debian GNU/Linux
+# by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+#
+
+# Do NOT "set -e"
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DESC="IMAP/POP3 mail server"
+NAME=dovecot
+DAEMON=/usr/sbin/dovecot
+DAEMON_ARGS=""
+SCRIPTNAME=/etc/init.d/$NAME
+CONF=/etc/dovecot/${NAME}.conf
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Exit if the configuration file doesn't exist
+[ -f "$CONF" ] || exit 0
+
+# Exit if explicitly told to
+[ "$ENABLED" != "0" ] || exit 0
+
+# Allow core dumps if requested
+[ "$ALLOW_COREDUMPS" != "1" ] || ulimit -c unlimited
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# conf file readable?
+if [ ! -r ${CONF} ]; then
+ log_daemon_msg "${CONF}: not readable" "$NAME" && log_end_msg 1;
+ exit 1;
+fi
+
+# dont check for inetd.conf if its not installed
+if [ -f /etc/inetd.conf ]; then
+ # The init script should do nothing if dovecot or another imap/pop3 server
+ # is being run from inetd, and dovecot is configured to run as an imap or
+ # pop3 service
+ for p in `sed -r "s/^ *(([^:]+|\[[^]]+]|\*):)?(pop3s?|imaps?)[ \t].*/\3/;t;d" \
+ /etc/inetd.conf`
+ do
+ for q in `doveconf -n -h protocols`
+ do
+ if [ $p = $q ]; then
+ log_daemon_msg "protocol ${p} configured both in inetd and in dovecot" "$NAME" && log_end_msg 1
+ exit 0
+ fi
+ done
+ done
+fi
+
+# determine the location of the PID file
+# override by setting base_dir in conf file or PIDBASE in /etc/defaults/$NAME
+PIDBASE=${PIDBASE:-`doveconf -n -c ${CONF} -h base_dir`}
+PIDFILE=${PIDBASE:-/var/run/dovecot}/master.pid
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test -- -c ${CONF} > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -c ${CONF} \
+ $DAEMON_ARGS \
+ || return 2
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name ${DAEMON##*/}
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --pidfile $PIDFILE --name ${DAEMON##*/}
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) log_end_msg 0 ;;
+ 2) log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) log_end_msg 0 ;;
+ 2) log_end_msg 1 ;;
+ esac
+ ;;
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload
+ log_end_msg $?
+ ;;
+ restart)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
diff --git a/debian/dovecot-core.dovecot.pam b/debian/dovecot-core.dovecot.pam
new file mode 100644
index 0000000..3443434
--- /dev/null
+++ b/debian/dovecot-core.dovecot.pam
@@ -0,0 +1,6 @@
+#%PAM-1.0
+
+@include common-auth
+@include common-account
+@include common-session
+
diff --git a/debian/dovecot-core.examples b/debian/dovecot-core.examples
new file mode 100644
index 0000000..80af4bc
--- /dev/null
+++ b/debian/dovecot-core.examples
@@ -0,0 +1 @@
+src/plugins/fts/decode2text.sh
diff --git a/debian/dovecot-core.install b/debian/dovecot-core.install
new file mode 100644
index 0000000..d074ca8
--- /dev/null
+++ b/debian/dovecot-core.install
@@ -0,0 +1,5 @@
+debian/dh.pem usr/share/dovecot
+debian/dovecot-openssl.cnf usr/share/dovecot
+debian/maildirmake.dovecot usr/bin
+doc/example-config/*.conf* usr/share/dovecot
+doc/example-config/conf.d/*.conf* usr/share/dovecot/conf.d
diff --git a/debian/dovecot-core.lintian-overrides b/debian/dovecot-core.lintian-overrides
new file mode 100644
index 0000000..0869b84
--- /dev/null
+++ b/debian/dovecot-core.lintian-overrides
@@ -0,0 +1,73 @@
+# hardening flags are set and blhc succeeds; might need some investigation
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/auth]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/config]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/director]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/gdbhelper]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/libdovecot-login.so.0.0.0]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/libdovecot-storage.so.0.0.0]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/modules/lib20_fts_plugin.so]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/modules/lib20_replication_plugin.so]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/modules/lib90_old_stats_plugin.so]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/modules/lib99_welcome_plugin.so]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/script-login]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/script]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/xml2text]
+dovecot-core: package-contains-empty-directory [usr/share/dovecot/protocols.d/]
+dovecot-core: package-contains-empty-directory [usr/lib/dovecot/modules/dict/]
+dovecot-core: spelling-error-in-readme-debian dovenull dovenull (duplicate word) dovenull [usr/share/doc/dovecot-core/README.Debian]
+dovecot-core: library-not-linked-against-libc [usr/lib/dovecot/modules/old-stats/libold_stats_mail.so]
+dovecot-core: library-not-linked-against-libc [usr/lib/dovecot/modules/old-stats/libstats_auth.so]
+dovecot-core [armel]: library-not-linked-against-libc usr/lib/dovecot/modules/lib20_listescape_plugin.so
+# ignore internal libraries without dependency information
+dovecot-core: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/lib20_listescape_plugin.so]
+dovecot-core: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/settings/libpigeonhole_settings.so]
+# ignore extra man pages
+dovecot-core: spare-manual-page [usr/share/man/man1/deliver.1.gz]
+# keep all man pages in section 1 for now
+dovecot-core: manual-page-for-system-command [usr/sbin/dovecot]
+# ignore executable-in-usr-lib, maybe move to libexec at some point
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/aggregator]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/anvil]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/auth]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/checkpassword-reply]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/config]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/dict]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/director]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/dns-client]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/doveadm-server]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/dovecot-lda]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/gdbhelper]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/health-check.sh]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/indexer]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/indexer-worker]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/ipc]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/log]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/maildirlock]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/old-stats]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/quota-status]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/rawlog]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/replicator]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/script]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/script-login]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/stats]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/tcpwrap]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/xml2text]
+# ignore equal stub files
+dovecot-core: duplicate-files usr/share/doc/dovecot-core/wiki/Pigeonhole.ManageSieve.Install.txt usr/share/doc/dovecot-core/wiki/Plugins.Stats.txt
+# ignore stopwords txt files not in /usr/share/doc
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_da.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_de.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_en.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_es.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_fi.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_fr.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_it.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_nl.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_no.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_pt.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_ro.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_ru.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_sv.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_tr.txt]
+# ulimit -c might be specified but is supported by bash and dash
+dovecot-core: bash-term-in-posix-shell '| ulimit' [etc/init.d/dovecot:43]
diff --git a/debian/dovecot-core.manpages b/debian/dovecot-core.manpages
new file mode 100644
index 0000000..926f5cc
--- /dev/null
+++ b/debian/dovecot-core.manpages
@@ -0,0 +1 @@
+debian/maildirmake.dovecot.1
diff --git a/debian/dovecot-core.postinst b/debian/dovecot-core.postinst
new file mode 100644
index 0000000..cb90f03
--- /dev/null
+++ b/debian/dovecot-core.postinst
@@ -0,0 +1,87 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="dovecot.conf \
+ dovecot-dict-auth.conf.ext \
+ dovecot-dict-sql.conf.ext \
+ dovecot-sql.conf.ext \
+ conf.d/10-auth.conf \
+ conf.d/10-director.conf \
+ conf.d/10-logging.conf \
+ conf.d/10-mail.conf \
+ conf.d/10-master.conf \
+ conf.d/10-ssl.conf \
+ conf.d/10-tcpwrapper.conf \
+ conf.d/15-lda.conf \
+ conf.d/15-mailboxes.conf \
+ conf.d/90-acl.conf \
+ conf.d/90-plugin.conf \
+ conf.d/90-quota.conf \
+ conf.d/auth-checkpassword.conf.ext \
+ conf.d/auth-deny.conf.ext \
+ conf.d/auth-dict.conf.ext \
+ conf.d/auth-master.conf.ext \
+ conf.d/auth-passwdfile.conf.ext \
+ conf.d/auth-sql.conf.ext \
+ conf.d/auth-static.conf.ext \
+ conf.d/auth-system.conf.ext"
+
+ OLD_CONFFILES="conf.d/auth-vpopmail.conf.ext"
+
+ ## Users
+ #
+
+ adduser --system --group --home /usr/lib/dovecot --gecos "Dovecot mail server" \
+ --no-create-home --disabled-password --quiet dovecot || true
+
+ adduser --system --group --home /nonexistent --no-create-home --gecos "Dovecot login user" \
+ --disabled-password --quiet dovenull || true
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-core "/etc/dovecot/$conffile"
+ if [ "$conffile" != "dovecot.conf" ] && [ -f "/etc/dovecot/$conffile" ] &&
+ [ "$(echo "$conffile" | cut -b -7)" != "conf.d/" ]; then
+ chmod 0640 "/etc/dovecot/$conffile"
+ chgrp dovecot "/etc/dovecot/$conffile"
+ fi
+ done
+
+ for oldconffile in $OLD_CONFFILES ; do
+ if [ -e "/etc/dovecot/$oldconffile" ]; then
+ echo "Configuration file '/etc/dovecot/$oldconffile' is obsolete. Please remove."
+ ucf --purge "/etc/dovecot/$conffile"
+ ucfr --purge dovecot-core "/etc/dovecot/$conffile"
+ fi
+ done
+
+
+ if ! dpkg-statoverride --list /etc/dovecot/private >/dev/null; then
+ dpkg-statoverride --quiet --update --add root root 0700 /etc/dovecot/private
+ fi
+
+ # SSL configuration
+ # Use the ssl-cert-snakeoil certificate in the following cases:
+ # - On new installations
+ if [ -z "$2" ]; then
+ if [ ! -e /etc/dovecot/private/dovecot.key ] && \
+ [ ! -e /etc/dovecot/private/dovecot.pem ] && \
+ [ -e /etc/ssl/certs/ssl-cert-snakeoil.pem ] && \
+ [ -e /etc/ssl/private/ssl-cert-snakeoil.key ]; then
+ ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/dovecot/private/dovecot.pem
+ ln -s /etc/ssl/private/ssl-cert-snakeoil.key /etc/dovecot/private/dovecot.key
+ fi
+ fi
+fi
+
+if [ "$1" = "triggered" ]; then
+ if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot restart
+ fi
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-core.postrm b/debian/dovecot-core.postrm
new file mode 100644
index 0000000..87f6d12
--- /dev/null
+++ b/debian/dovecot-core.postrm
@@ -0,0 +1,48 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-core | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-core "$conffile"
+ fi
+ done
+
+ userdel dovecot || true;
+ userdel dovenull || true;
+
+ if [ -d /run/dovecot ]; then
+ rm -rf /run/dovecot
+ fi
+
+ # Remove dovecot.pem and dovecot.key only if they are symlinks; otherwise
+ # we might remove CA-issued certificates that are difficult and/or
+ # expensive to replace.
+ for file in /etc/dovecot/private/dovecot.pem /etc/dovecot/private/dovecot.key; do
+ if [ -h "$file" ]; then
+ rm -f "$file"
+ else
+ echo "${file} is not a symbolic link, skipping removal." >&2
+ fi
+ done
+fi
+
+if [ "$1" = "triggered" ]; then
+ if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot start
+ fi
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-core.triggers b/debian/dovecot-core.triggers
new file mode 100644
index 0000000..9f8f2ff
--- /dev/null
+++ b/debian/dovecot-core.triggers
@@ -0,0 +1,2 @@
+interest-noawait register-dovecot-plugin
+interest-noawait /usr/lib/dovecot/modules
diff --git a/debian/dovecot-dev.README.Debian b/debian/dovecot-dev.README.Debian
new file mode 100644
index 0000000..cdcf38f
--- /dev/null
+++ b/debian/dovecot-dev.README.Debian
@@ -0,0 +1,10 @@
+/usr/share/dovecot/dovecot-abi contains that portion of DOVECOT_ABI_VERSION
+from configure.ac outside parentheses (i.e not including the package version.)
+It might look something like this:
+
+2.2.ABIv10
+
+...packages providing plugins for dovecot can use this information in their
+dependencies to avoid having to update every time there is a minor update to
+the dovecot package.
+
diff --git a/debian/dovecot-dev.lintian-overrides b/debian/dovecot-dev.lintian-overrides
new file mode 100644
index 0000000..1d459c2
--- /dev/null
+++ b/debian/dovecot-dev.lintian-overrides
@@ -0,0 +1,2 @@
+# plugins probably need the package name
+dovecot-dev: package-name-defined-in-config-h usr/include/dovecot/config.h
diff --git a/debian/dovecot-gssapi.links b/debian/dovecot-gssapi.links
new file mode 100644
index 0000000..dde94f9
--- /dev/null
+++ b/debian/dovecot-gssapi.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-gssapi
diff --git a/debian/dovecot-imapd.links b/debian/dovecot-imapd.links
new file mode 100644
index 0000000..d0fb029
--- /dev/null
+++ b/debian/dovecot-imapd.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-imapd
diff --git a/debian/dovecot-imapd.lintian-overrides b/debian/dovecot-imapd.lintian-overrides
new file mode 100644
index 0000000..dc26e0d
--- /dev/null
+++ b/debian/dovecot-imapd.lintian-overrides
@@ -0,0 +1,2 @@
+# hardening flags are set and blhc succeeds; might need some investigation
+dovecot-imapd: hardening-no-fortify-functions [usr/lib/dovecot/imap]
diff --git a/debian/dovecot-imapd.postinst b/debian/dovecot-imapd.postinst
new file mode 100644
index 0000000..d85113f
--- /dev/null
+++ b/debian/dovecot-imapd.postinst
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/20-imap.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-imapd "/etc/dovecot/$conffile"
+ done
+
+ echo 'protocols = $protocols imap' > /usr/share/dovecot/protocols.d/imapd.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-imapd.postrm b/debian/dovecot-imapd.postrm
new file mode 100644
index 0000000..dcaaeaf
--- /dev/null
+++ b/debian/dovecot-imapd.postrm
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-imapd | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-imapd "$conffile"
+ fi
+ done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+ rm -f /usr/share/dovecot/protocols.d/imapd.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-imapd.prerm b/debian/dovecot-imapd.prerm
new file mode 100644
index 0000000..2ad0a1f
--- /dev/null
+++ b/debian/dovecot-imapd.prerm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-imapd.triggers b/debian/dovecot-imapd.triggers
new file mode 100644
index 0000000..a71d0af
--- /dev/null
+++ b/debian/dovecot-imapd.triggers
@@ -0,0 +1 @@
+activate-noawait register-dovecot-plugin
diff --git a/debian/dovecot-imapd.ufw.profile b/debian/dovecot-imapd.ufw.profile
new file mode 100644
index 0000000..17db05c
--- /dev/null
+++ b/debian/dovecot-imapd.ufw.profile
@@ -0,0 +1,11 @@
+[Dovecot IMAP]
+title=Secure mail server (IMAP)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=143/tcp
+
+[Dovecot Secure IMAP]
+title=Secure mail server (IMAPS)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=993/tcp
diff --git a/debian/dovecot-ldap.links b/debian/dovecot-ldap.links
new file mode 100644
index 0000000..0f3fcdb
--- /dev/null
+++ b/debian/dovecot-ldap.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-ldap
diff --git a/debian/dovecot-ldap.postinst b/debian/dovecot-ldap.postinst
new file mode 100644
index 0000000..d259966
--- /dev/null
+++ b/debian/dovecot-ldap.postinst
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="dovecot-ldap.conf.ext
+ conf.d/auth-ldap.conf.ext"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-ldap "/etc/dovecot/$conffile"
+ if [ "$conffile" != "dovecot.conf" ] && [ -f "/etc/dovecot/$conffile" ] &&
+ [ "$(echo "$conffile" | cut -b -7)" != "conf.d/" ]; then
+ chmod 0600 "/etc/dovecot/$conffile"
+ fi
+ done
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-ldap.postrm b/debian/dovecot-ldap.postrm
new file mode 100644
index 0000000..d0405ad
--- /dev/null
+++ b/debian/dovecot-ldap.postrm
@@ -0,0 +1,27 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ CONFFILES="/etc/dovecot/dovecot-ldap.conf.ext \
+ /etc/dovecot/conf.d/auth-ldap.conf.ext"
+
+ for conffile in $CONFFILES; do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-ldap "$conffile"
+ fi
+ done
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-ldap.triggers b/debian/dovecot-ldap.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-ldap.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-lmtpd.links b/debian/dovecot-lmtpd.links
new file mode 100644
index 0000000..bc95bf0
--- /dev/null
+++ b/debian/dovecot-lmtpd.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-lmtpd
diff --git a/debian/dovecot-lmtpd.postinst b/debian/dovecot-lmtpd.postinst
new file mode 100644
index 0000000..b46d47f
--- /dev/null
+++ b/debian/dovecot-lmtpd.postinst
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/20-lmtp.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-lmtpd "/etc/dovecot/$conffile"
+ done
+
+ echo 'protocols = $protocols lmtp' > /usr/share/dovecot/protocols.d/lmtpd.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-lmtpd.postrm b/debian/dovecot-lmtpd.postrm
new file mode 100644
index 0000000..f0b9920
--- /dev/null
+++ b/debian/dovecot-lmtpd.postrm
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-lmtpd | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-lmtpd "$conffile"
+ fi
+ done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+ rm -f /usr/share/dovecot/protocols.d/lmtpd.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-lmtpd.prerm b/debian/dovecot-lmtpd.prerm
new file mode 100644
index 0000000..2ad0a1f
--- /dev/null
+++ b/debian/dovecot-lmtpd.prerm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-lmtpd.triggers b/debian/dovecot-lmtpd.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-lmtpd.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-managesieved.README.Debian b/debian/dovecot-managesieved.README.Debian
new file mode 100644
index 0000000..6c6aa4a
--- /dev/null
+++ b/debian/dovecot-managesieved.README.Debian
@@ -0,0 +1,17 @@
+Removing dovecot-managesieved
+-----------------------------
+
+If you remove (i.e. with dpkg -r or aptitude remove) this package you will
+get an error something like this:
+
+doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf:
+service(managesieve-login): executable is empty
+
+To avoid it, make sure
+/etc/dovecot/conf.d/etc/dovecot/conf.d/20-managesieve.conf has been deleted,
+moved or completely commented out first. Alternatively, purge the package
+instead of removing it.
+
+If you do not do this, dovecot-core will be left in an unconfigured state
+because the error will cause a trigger to fail. To fix this simply reinstall
+dovecot-core.
diff --git a/debian/dovecot-managesieved.install b/debian/dovecot-managesieved.install
new file mode 100644
index 0000000..14e7229
--- /dev/null
+++ b/debian/dovecot-managesieved.install
@@ -0,0 +1 @@
+pigeonhole/doc/example-config/conf.d/??-managesieve* usr/share/dovecot/conf.d
diff --git a/debian/dovecot-managesieved.links b/debian/dovecot-managesieved.links
new file mode 100644
index 0000000..9f3ea79
--- /dev/null
+++ b/debian/dovecot-managesieved.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-managesieved
diff --git a/debian/dovecot-managesieved.lintian-overrides b/debian/dovecot-managesieved.lintian-overrides
new file mode 100644
index 0000000..1bee443
--- /dev/null
+++ b/debian/dovecot-managesieved.lintian-overrides
@@ -0,0 +1 @@
+dovecot-managesieved: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/settings/libmanagesieve_settings.so]
diff --git a/debian/dovecot-managesieved.postinst b/debian/dovecot-managesieved.postinst
new file mode 100644
index 0000000..cd43369
--- /dev/null
+++ b/debian/dovecot-managesieved.postinst
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/20-managesieve.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-managesieved "/etc/dovecot/$conffile"
+ done
+
+ echo 'protocols = $protocols sieve' > /usr/share/dovecot/protocols.d/managesieved.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-managesieved.postrm b/debian/dovecot-managesieved.postrm
new file mode 100644
index 0000000..f464ccf
--- /dev/null
+++ b/debian/dovecot-managesieved.postrm
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-managesieved | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-managesieved "$conffile"
+ fi
+ done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+ rm -f /usr/share/dovecot/protocols.d/managesieved.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-managesieved.prerm b/debian/dovecot-managesieved.prerm
new file mode 100644
index 0000000..2ad0a1f
--- /dev/null
+++ b/debian/dovecot-managesieved.prerm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-managesieved.triggers b/debian/dovecot-managesieved.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-managesieved.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-mysql.links b/debian/dovecot-mysql.links
new file mode 100644
index 0000000..321547d
--- /dev/null
+++ b/debian/dovecot-mysql.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-mysql
diff --git a/debian/dovecot-mysql.triggers b/debian/dovecot-mysql.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-mysql.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-openssl.cnf b/debian/dovecot-openssl.cnf
new file mode 100644
index 0000000..90bf50c
--- /dev/null
+++ b/debian/dovecot-openssl.cnf
@@ -0,0 +1,23 @@
+#
+# SSLeay configuration file for Dovecot.
+#
+
+RANDFILE = /dev/urandom
+
+[ req ]
+default_bits = 2048
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+prompt = no
+policy = policy_anything
+req_extensions = v3_req
+x509_extensions = v3_req
+
+[ req_distinguished_name ]
+organizationName = Dovecot mail server
+organizationalUnitName = @commonName@
+commonName = @commonName@
+emailAddress = @emailAddress@
+
+[ v3_req ]
+basicConstraints = CA:FALSE
diff --git a/debian/dovecot-pgsql.links b/debian/dovecot-pgsql.links
new file mode 100644
index 0000000..9b4831f
--- /dev/null
+++ b/debian/dovecot-pgsql.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-pgsql
diff --git a/debian/dovecot-pgsql.triggers b/debian/dovecot-pgsql.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-pgsql.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-pop3d.links b/debian/dovecot-pop3d.links
new file mode 100644
index 0000000..24ce7f6
--- /dev/null
+++ b/debian/dovecot-pop3d.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-pop3d
diff --git a/debian/dovecot-pop3d.postinst b/debian/dovecot-pop3d.postinst
new file mode 100644
index 0000000..dd11a14
--- /dev/null
+++ b/debian/dovecot-pop3d.postinst
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/20-pop3.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-pop3d "/etc/dovecot/$conffile"
+ done
+
+ echo 'protocols = $protocols pop3' > /usr/share/dovecot/protocols.d/pop3d.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-pop3d.postrm b/debian/dovecot-pop3d.postrm
new file mode 100644
index 0000000..0c858f1
--- /dev/null
+++ b/debian/dovecot-pop3d.postrm
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-pop3d | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-pop3d "$conffile"
+ fi
+ done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+ rm -f /usr/share/dovecot/protocols.d/pop3d.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-pop3d.prerm b/debian/dovecot-pop3d.prerm
new file mode 100644
index 0000000..2ad0a1f
--- /dev/null
+++ b/debian/dovecot-pop3d.prerm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-pop3d.triggers b/debian/dovecot-pop3d.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-pop3d.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-pop3d.ufw.profile b/debian/dovecot-pop3d.ufw.profile
new file mode 100644
index 0000000..a46df40
--- /dev/null
+++ b/debian/dovecot-pop3d.ufw.profile
@@ -0,0 +1,11 @@
+[Dovecot POP3]
+title=Secure mail server (POP3)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=110/tcp
+
+[Dovecot Secure POP3]
+title=Secure mail server (POP3S)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=995/tcp
diff --git a/debian/dovecot-sieve.install b/debian/dovecot-sieve.install
new file mode 100644
index 0000000..48ff1e0
--- /dev/null
+++ b/debian/dovecot-sieve.install
@@ -0,0 +1,2 @@
+pigeonhole/doc/example-config/conf.d/*-sieve-extprograms.conf usr/share/dovecot/conf.d
+pigeonhole/doc/example-config/conf.d/*-sieve.conf usr/share/dovecot/conf.d
diff --git a/debian/dovecot-sieve.links b/debian/dovecot-sieve.links
new file mode 100644
index 0000000..971b50a
--- /dev/null
+++ b/debian/dovecot-sieve.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-sieve
diff --git a/debian/dovecot-sieve.lintian-overrides b/debian/dovecot-sieve.lintian-overrides
new file mode 100644
index 0000000..840cfef
--- /dev/null
+++ b/debian/dovecot-sieve.lintian-overrides
@@ -0,0 +1,4 @@
+# ignore internal library without dependency information
+dovecot-sieve: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/sieve/lib90_sieve_imapsieve_plugin.so]
+# alias for sieve-dump
+dovecot-sieve: spare-manual-page [usr/share/man/man1/sieved.1.gz]
diff --git a/debian/dovecot-sieve.postinst b/debian/dovecot-sieve.postinst
new file mode 100644
index 0000000..6fb5244
--- /dev/null
+++ b/debian/dovecot-sieve.postinst
@@ -0,0 +1,18 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/90-sieve.conf \
+ conf.d/90-sieve-extprograms.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-sieve "/etc/dovecot/$conffile"
+ done
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-sieve.postrm b/debian/dovecot-sieve.postrm
new file mode 100644
index 0000000..db48cfc
--- /dev/null
+++ b/debian/dovecot-sieve.postrm
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-sieve | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-sieve "$conffile"
+ fi
+ done
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-sieve.triggers b/debian/dovecot-sieve.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-sieve.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-solr.README.Debian b/debian/dovecot-solr.README.Debian
new file mode 100644
index 0000000..deaf3e3
--- /dev/null
+++ b/debian/dovecot-solr.README.Debian
@@ -0,0 +1,2 @@
+After installing this package, the solr XML schema can be found in
+/usr/share/dovecot/solr-schema.xml
diff --git a/debian/dovecot-solr.install b/debian/dovecot-solr.install
new file mode 100644
index 0000000..bb8b6e8
--- /dev/null
+++ b/debian/dovecot-solr.install
@@ -0,0 +1 @@
+doc/solr-schema.xml usr/share/dovecot
diff --git a/debian/dovecot-solr.links b/debian/dovecot-solr.links
new file mode 100644
index 0000000..7536822
--- /dev/null
+++ b/debian/dovecot-solr.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-solr
diff --git a/debian/dovecot-solr.triggers b/debian/dovecot-solr.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-solr.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-sqlite.links b/debian/dovecot-sqlite.links
new file mode 100644
index 0000000..2204ea7
--- /dev/null
+++ b/debian/dovecot-sqlite.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-sqlite
diff --git a/debian/dovecot-sqlite.triggers b/debian/dovecot-sqlite.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-sqlite.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-submissiond.postinst b/debian/dovecot-submissiond.postinst
new file mode 100644
index 0000000..6fbf1ef
--- /dev/null
+++ b/debian/dovecot-submissiond.postinst
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/20-submission.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ # Use --force to allow hijacking the file from dovecot-submission
+ ucfr --force dovecot-submissiond "/etc/dovecot/$conffile"
+ done
+
+ if [ -f /usr/share/dovecot/protocols.d/submission.protocol ]; then
+ rm -f /usr/share/dovecot/protocols.d/submission.protocol
+ fi
+ echo 'protocols = $protocols submission' > /usr/share/dovecot/protocols.d/submissiond.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-submissiond.postrm b/debian/dovecot-submissiond.postrm
new file mode 100644
index 0000000..eaea028
--- /dev/null
+++ b/debian/dovecot-submissiond.postrm
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-submissiond | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-submissiond "$conffile"
+ fi
+ done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+ rm -f /usr/share/dovecot/protocols.d/submissiond.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-submissiond.prerm b/debian/dovecot-submissiond.prerm
new file mode 100644
index 0000000..2ad0a1f
--- /dev/null
+++ b/debian/dovecot-submissiond.prerm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-submissiond.triggers b/debian/dovecot-submissiond.triggers
new file mode 100644
index 0000000..a71d0af
--- /dev/null
+++ b/debian/dovecot-submissiond.triggers
@@ -0,0 +1 @@
+activate-noawait register-dovecot-plugin
diff --git a/debian/gbp.conf b/debian/gbp.conf
new file mode 100644
index 0000000..d2026bc
--- /dev/null
+++ b/debian/gbp.conf
@@ -0,0 +1,14 @@
+[DEFAULT]
+pristine-tar = True
+sign-tags = True
+component=pigeonhole
+
+[buildpackage]
+export-dir = ../build-area/
+
+[dch]
+meta = True
+id-length = 7
+
+[pq]
+patch-numbers = False
diff --git a/debian/maildirmake.dovecot b/debian/maildirmake.dovecot
new file mode 100644
index 0000000..5313d13
--- /dev/null
+++ b/debian/maildirmake.dovecot
@@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# maildirmake.dovecot -- create maildirs
+# Copyright (c) 2003, Jaldhar H. Vyas
+# "Do what thou wilt" shall be the whole of the license.
+#
+dir="$1"
+owner="$2"
+if [ -z "$dir" ]; then
+ echo "Must supply a directory path"
+ exit 1
+fi
+
+if [ "$dir" = "-h" ]; then
+ echo "usage: $0 directory [user]"
+ exit 0
+fi
+
+umask 077
+mkdir -p "$dir/cur" "$dir/new" "$dir/tmp" || exit 1
+chmod 0700 "$dir" "$dir/cur" "$dir/new" "$dir/tmp" || exit 1
+
+if [ -n "$owner" ]; then
+ chown -R "$owner" "$dir" || exit 1
+fi
+
+exit 0
+
diff --git a/debian/maildirmake.dovecot.1 b/debian/maildirmake.dovecot.1
new file mode 100644
index 0000000..a814c81
--- /dev/null
+++ b/debian/maildirmake.dovecot.1
@@ -0,0 +1,46 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH "MAILDIRMAKE.DOVECOT" "1" "23 November 2005"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+maildirmake.dovecot \- creates maildirs and maildir subfolders
+.SH SYNOPSIS
+.B maildirmake.dovecot
+\fBdirectory\fR [ \fRowner\fR ] \fR
+.br
+.SH DESCRIPTION
+.\" TeX users may be more comfortable with the \fB<whatever>\fP and
+.\" \fI<whatever>\fP escape sequences to invode bold face and italics,
+.\" respectively.
+\fBmaildirmake.dovecot\fP creates a maildir and its maildir subfolders (cur, new, tmp).
+\fBdirectory\fP is the name of the new maildir. If \fBdirectory\fP exists cur, new, tmp directories are created inside it.
+.TP
+You can specify \fBowner\fP to change directories ownership if you have ownership modification permission.
+.TP
+\fBmaildirmake.dovecot\fP is very basic. It is strongly recommended to use \fBmaildirmake\fP if you want to do serious maildir management.
+.SH OPTIONS
+.TP
+\fB-h\fP
+Show options summary and exits immediately.
+.SH SEE ALSO
+.BR maildirmake (1).
+.BR maildir (5).
+.SH AUTHOR
+.TP
+dovecot was written by Timo Sirainen <tss@iki.fi>. maildirmake.dovecot script was written by Jaldhar H. Vyas
+.PP
+This manual page was written by Henry Precheur <henry@precheur.org>,
+for the Debian project (but may be used by others).
diff --git a/debian/patches/Avoid-usage-of-PATH_MAX-not-available-on-hurd.patch b/debian/patches/Avoid-usage-of-PATH_MAX-not-available-on-hurd.patch
new file mode 100644
index 0000000..8d7f9a1
--- /dev/null
+++ b/debian/patches/Avoid-usage-of-PATH_MAX-not-available-on-hurd.patch
@@ -0,0 +1,22 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Mon, 6 Jun 2022 15:29:38 +0200
+Subject: Avoid usage of PATH_MAX not available on hurd
+
+Forwarded: https://github.com/dovecot/core/pull/208
+---
+ src/lib/test-net.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/lib/test-net.c b/src/lib/test-net.c
+index fb19d5b..28398fe 100644
+--- a/src/lib/test-net.c
++++ b/src/lib/test-net.c
+@@ -145,7 +145,7 @@ static void test_net_unix_long_paths(void)
+
+ test_begin("net_*_unix() - long paths");
+
+- char path[PATH_MAX];
++ char path[4096];
+ memset(path, 'x', sizeof(path)-1);
+ path[sizeof(path)-1] = '\0';
+
diff --git a/debian/patches/Cleanup-temporary-build-files.patch b/debian/patches/Cleanup-temporary-build-files.patch
new file mode 100644
index 0000000..288eb92
--- /dev/null
+++ b/debian/patches/Cleanup-temporary-build-files.patch
@@ -0,0 +1,28 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Mon, 14 Aug 2023 16:25:09 +0200
+Subject: Cleanup temporary build files
+
+Forwarded: https://github.com/dovecot/core/pull/207
+
+Support building twice:
+
+ dpkg-source: info: local changes detected, the modified files are:
+ source/src/plugins/quota/rquota.h.tmp
+ source/src/plugins/quota/rquota_xdr.c.tmp
+---
+ src/plugins/quota/Makefile.am | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/plugins/quota/Makefile.am b/src/plugins/quota/Makefile.am
+index ad08d50..d8bd86d 100644
+--- a/src/plugins/quota/Makefile.am
++++ b/src/plugins/quota/Makefile.am
+@@ -127,7 +127,7 @@ clean-generic:
+ if [ "$(top_srcdir)" != "$(top_builddir)" ]; then \
+ rm -f $(top_builddir)/src/plugins/quota/rquota.x; \
+ fi; \
+- rm -f rquota_xdr.c rquota.h
++ rm -f rquota_xdr.c rquota_xdr.c.tmp rquota.h rquota.h.tmp
+
+ test_programs = \
+ test-quota-util
diff --git a/debian/patches/Correct-misspellings.patch b/debian/patches/Correct-misspellings.patch
new file mode 100644
index 0000000..5a01652
--- /dev/null
+++ b/debian/patches/Correct-misspellings.patch
@@ -0,0 +1,138 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Sun, 31 May 2020 00:55:07 +0200
+Subject: Correct misspellings
+
+Found by Lintian
+---
+ ChangeLog | 6 +++---
+ NEWS | 2 +-
+ pigeonhole/src/lib-sieve/sieve-address.c | 2 +-
+ src/director/director-connection.c | 2 +-
+ src/lib-index/mail-index-transaction-finish.c | 2 +-
+ src/lib-index/mail-index.h | 2 +-
+ src/lib-index/mail-transaction-log-file.c | 2 +-
+ src/lib-storage/index/index-sync-pvt.c | 2 +-
+ 8 files changed, 10 insertions(+), 10 deletions(-)
+
+Index: dovecot/ChangeLog
+===================================================================
+--- dovecot.orig/ChangeLog
++++ dovecot/ChangeLog
+@@ -70625,7 +70625,7 @@ M src/lib-storage/index/index-mail.c
+ lib-index: Add mail_cache_close_mail() to smartly drop cached data with
+ INDEX=MEMORY
+
+- Instead of reseting the entire transaction buffer when 256 kB is reached,
++ Instead of resetting the entire transaction buffer when 256 kB is reached,
+ just drop mails have have been marked closed with mail_cache_close_mail().
+ If that's not enough, continue deleting forcibly until the buffer is below
+ 256 kB.
+@@ -90525,7 +90525,7 @@ M src/lib-storage/index/dbox-single/sdbo
+
+ 2016-09-21 20:50:24 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (2e5e2047af)
+
+- login-proxy: Fixed "Host is down" never reseting itself.
++ login-proxy: Fixed "Host is down" never resetting itself.
+
+ Broken by c8eb8314a, which moved adding num_waiting_connections earlier.
+ After that it was never 0 at the check time.
+@@ -107467,7 +107467,7 @@ M src/login-common/ssl-proxy-openssl.c
+
+ 2015-12-07 11:29:29 +0200 Timo Sirainen <tss@iki.fi> (975c2cdc1b)
+
+- doveadm: Fixed reseting getopt() with glibc when processing multiple
++ doveadm: Fixed resetting getopt() with glibc when processing multiple
+ commands in a single process. This means commands run with doveadm batch or
+ multiple commands in a single doveadm-server connection.
+
+Index: dovecot/NEWS
+===================================================================
+--- dovecot.orig/NEWS
++++ dovecot/NEWS
+@@ -2010,7 +2010,7 @@ v2.2.26 2016-10-27 Timo Sirainen <tss@i
+ - zlib, IMAP BINARY: Fixed internal caching when accessing multiple
+ newly created mails. They all had UID=0 and the next mail could have
+ wrongly used the previously cached mail.
+- - doveadm stats reset wasn't reseting all the stats.
++ - doveadm stats reset wasn't resetting all the stats.
+ - auth_stats=yes: Don't update num_logins, since it doubles them when
+ using with mail stats.
+ - quota count: Fixed deadlocks when updating vsize header.
+Index: dovecot/pigeonhole/src/lib-sieve/sieve-address.c
+===================================================================
+--- dovecot.orig/pigeonhole/src/lib-sieve/sieve-address.c
++++ dovecot/pigeonhole/src/lib-sieve/sieve-address.c
+@@ -449,7 +449,7 @@ parse_mailbox_address(struct sieve_messa
+ if (ctx->parser.data != ctx->parser.end) {
+ if (*ctx->parser.data == ',') {
+ sieve_address_error(
+- ctx, "not a single addres (found ',')");
++ ctx, "not a single address (found ',')");
+ } else {
+ sieve_address_error(
+ ctx, "address ends in invalid characters");
+Index: dovecot/src/director/director-connection.c
+===================================================================
+--- dovecot.orig/src/director/director-connection.c
++++ dovecot/src/director/director-connection.c
+@@ -896,7 +896,7 @@ static bool director_cmd_director(struct
+
+ /* already have this. just reset its last_network_failure
+ timestamp, since it might be up now, but only if this
+- isn't part of the handshake. (if it was, reseting the
++ isn't part of the handshake. (if it was, resetting the
+ timestamp could cause us to rapidly keep trying to connect
+ to it) */
+ if (conn->handshake_received)
+Index: dovecot/src/lib-index/mail-index-transaction-finish.c
+===================================================================
+--- dovecot.orig/src/lib-index/mail-index-transaction-finish.c
++++ dovecot/src/lib-index/mail-index-transaction-finish.c
+@@ -53,7 +53,7 @@ ext_reset_update_atomic(struct mail_inde
+
+ array_idx_set(&t->ext_reset_ids, ext_id, &reset_id);
+
+- /* reseting existing data is optional */
++ /* resetting existing data is optional */
+ if (array_is_created(&t->ext_resets)) {
+ reset = array_idx_modifiable(&t->ext_resets, ext_id);
+ if (reset->new_reset_id == (uint32_t)-1)
+Index: dovecot/src/lib-index/mail-index.h
+===================================================================
+--- dovecot.orig/src/lib-index/mail-index.h
++++ dovecot/src/lib-index/mail-index.h
+@@ -384,7 +384,7 @@ void mail_index_set_lock_method(struct m
+ use the default. */
+ void mail_index_set_optimization_settings(struct mail_index *index,
+ const struct mail_index_optimization_settings *set);
+-/* When creating a new index file or reseting an existing one, add the given
++/* When creating a new index file or resetting an existing one, add the given
+ extension header data immediately to it. */
+ void mail_index_set_ext_init_data(struct mail_index *index, uint32_t ext_id,
+ const void *data, size_t size);
+Index: dovecot/src/lib-index/mail-transaction-log-file.c
+===================================================================
+--- dovecot.orig/src/lib-index/mail-transaction-log-file.c
++++ dovecot/src/lib-index/mail-transaction-log-file.c
+@@ -760,7 +760,7 @@ mail_transaction_log_file_create2(struct
+ return -1;
+
+ if (reset) {
+- /* don't reset modseqs. if we're reseting due to rebuilding
++ /* don't reset modseqs. if we're resetting due to rebuilding
+ indexes we'll probably want to keep uidvalidity and in such
+ cases we really don't want to shrink modseqs. */
+ file->hdr.prev_file_seq = 0;
+Index: dovecot/src/lib-storage/index/index-sync-pvt.c
+===================================================================
+--- dovecot.orig/src/lib-storage/index/index-sync-pvt.c
++++ dovecot/src/lib-storage/index/index-sync-pvt.c
+@@ -185,7 +185,7 @@ index_mailbox_sync_pvt_index(struct inde
+ } else {
+ /* mailbox created/recreated */
+ reset = TRUE;
+- i_info("Mailbox %s UIDVALIDITY changed (%u -> %u), reseting private index",
++ i_info("Mailbox %s UIDVALIDITY changed (%u -> %u), resetting private index",
+ ctx->box->vname, hdr_pvt->uid_validity,
+ hdr_shared->uid_validity);
+ }
diff --git a/debian/patches/Debug-flaky-unit-test.patch b/debian/patches/Debug-flaky-unit-test.patch
new file mode 100644
index 0000000..a30e596
--- /dev/null
+++ b/debian/patches/Debug-flaky-unit-test.patch
@@ -0,0 +1,65 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Mon, 6 Jun 2022 17:24:19 +0200
+Subject: Debug flaky unit test
+
+See #1007744
+---
+ src/lib-smtp/test-smtp-server-errors.c | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/src/lib-smtp/test-smtp-server-errors.c b/src/lib-smtp/test-smtp-server-errors.c
+index d3e528c..5240d30 100644
+--- a/src/lib-smtp/test-smtp-server-errors.c
++++ b/src/lib-smtp/test-smtp-server-errors.c
+@@ -3712,13 +3712,14 @@ static void server_connection_accept(void *context ATTR_UNUSED)
+
+ static void test_server_timeout(void *context ATTR_UNUSED)
+ {
+- i_fatal("Server timed out");
++ i_fatal("Server timed out [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ }
+
+ static void test_server_run(const struct smtp_server_settings *smtp_set)
+ {
+ struct timeout *to;
+
++ i_debug("Adding timeout to server [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ to = timeout_add(SERVER_MAX_TIMEOUT_MSECS,
+ test_server_timeout, NULL);
+
+@@ -3729,8 +3730,7 @@ static void test_server_run(const struct smtp_server_settings *smtp_set)
+
+ io_loop_run(ioloop);
+
+- if (debug)
+- i_debug("Server finished");
++ i_debug("Server finished [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+
+ /* close server socket */
+ io_remove(&io_listen);
+@@ -3770,9 +3770,12 @@ static int test_run_client(struct test_client_data *data)
+ /* wait a little for server setup */
+ i_sleep_msecs(100);
+
++ i_debug("test_run_client: pre create [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ ioloop = io_loop_create();
++ i_debug("test_run_client: post create [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ data->client_test(data->index);
+ io_loop_destroy(&ioloop);
++ i_debug("test_run_client: post destroy [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+
+ if (debug)
+ i_debug("Terminated");
+@@ -3794,9 +3797,12 @@ test_run_server(const struct smtp_server_settings *server_set,
+ i_zero(&server_callbacks);
+
+ server_pending = client_tests_count;
++ i_debug("test_run_server: pre create [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ ioloop = io_loop_create();
++ i_debug("test_run_server: post create [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ server_test(server_set);
+ io_loop_destroy(&ioloop);
++ i_debug("test_run_server: post destroy create [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+
+ if (debug)
+ i_debug("Terminated");
diff --git a/debian/patches/Fix-32bit-sign-comparisons.patch b/debian/patches/Fix-32bit-sign-comparisons.patch
new file mode 100644
index 0000000..4cf271e
--- /dev/null
+++ b/debian/patches/Fix-32bit-sign-comparisons.patch
@@ -0,0 +1,25 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Mon, 4 Jan 2021 16:06:43 +0100
+Subject: Fix 32bit sign comparisons
+
+sieve-binary.c: In function 'sieve_binary_get_resource_usage':
+sieve-binary.c:199:54: warning: comparison of integer expressions of different signedness: 'time_t' {aka 'long int'} and 'unsigned int' [-Wsign-compare]
+ 199 | if (update_time != 0 && (ioloop_time - update_time) > timeout)
+ | ^
+---
+ pigeonhole/src/lib-sieve/sieve-binary.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/pigeonhole/src/lib-sieve/sieve-binary.c b/pigeonhole/src/lib-sieve/sieve-binary.c
+index 06cf598..c971921 100644
+--- a/pigeonhole/src/lib-sieve/sieve-binary.c
++++ b/pigeonhole/src/lib-sieve/sieve-binary.c
+@@ -196,7 +196,7 @@ void sieve_binary_get_resource_usage(struct sieve_binary *sbin,
+ time_t update_time = header->resource_usage.update_time;
+ unsigned int timeout = sbin->svinst->resource_usage_timeout_secs;
+
+- if (update_time != 0 && (ioloop_time - update_time) > timeout)
++ if (update_time != 0 && (ioloop_time - update_time) > (time_t)timeout)
+ i_zero(&header->resource_usage);
+
+ sieve_resource_usage_init(rusage_r);
diff --git a/debian/patches/Fix-uninitialized-read-in-doveadm-oldstats.patch b/debian/patches/Fix-uninitialized-read-in-doveadm-oldstats.patch
new file mode 100644
index 0000000..ff85b51
--- /dev/null
+++ b/debian/patches/Fix-uninitialized-read-in-doveadm-oldstats.patch
@@ -0,0 +1,33 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Sat, 23 Jul 2022 16:38:23 +0200
+Subject: Fix uninitialized read in doveadm-oldstats
+
+The third argument to doveadm_cmd_param_bool() is only set on a return
+value of TRUE.
+Since disk_input_field and disk_output_field should be set if the value
+of show-disk-io is specified and specified to true, fix the condition.
+
+ doveadm-oldstats.c: In function 'cmd_stats_top':
+ doveadm-oldstats.c:551:63: warning: 'b' may be used uninitialized [-Wmaybe-uninitialized]
+ 551 | if (!doveadm_cmd_param_bool(cctx, "show-disk-io", &b) && b) {
+ | ^
+ doveadm-oldstats.c:545:14: note: 'b' was declared here
+ 545 | bool b;
+ | ^
+---
+ src/doveadm/doveadm-oldstats.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/doveadm/doveadm-oldstats.c b/src/doveadm/doveadm-oldstats.c
+index 4be575e..ff6dcf5 100644
+--- a/src/doveadm/doveadm-oldstats.c
++++ b/src/doveadm/doveadm-oldstats.c
+@@ -548,7 +548,7 @@ static void cmd_stats_top(struct doveadm_cmd_context *cctx)
+ path = t_strconcat(doveadm_settings->base_dir,
+ "/old-stats", NULL);
+ }
+- if (!doveadm_cmd_param_bool(cctx, "show-disk-io", &b) && b) {
++ if (doveadm_cmd_param_bool(cctx, "show-disk-io", &b) && b) {
+ disk_input_field = "read_bytes";
+ disk_output_field = "write_bytes";
+ }
diff --git a/debian/patches/Improve-cross-compile-support.patch b/debian/patches/Improve-cross-compile-support.patch
new file mode 100644
index 0000000..708336f
--- /dev/null
+++ b/debian/patches/Improve-cross-compile-support.patch
@@ -0,0 +1,116 @@
+From: Helmut Grohne <helmut@subdivi.de>
+Date: Tue, 5 Jan 2021 22:25:00 +0100
+Subject: Improve cross-compile support
+
+The check for the signedness of size_t really doesn't have to be run as
+that is a compile time property.
+
+Beyond that, dovecot uses mysql_config. I've looked into that and
+mysql_config is unfixably broken during cross builds. It will not be
+fixed. Instead, please use pkg-config. My patch implements that with a
+fallback to mysql_config to avoid breaking other users.
+
+Last but not least, src/lib-lua/Makefile.am adds $(LUA_LIBS) to
+libdovecot_lua_la_DEPENDENCIES. As it happens, LUA_LIBS contains a -L
+flag and when that flag shows up in a dependency, make gives up. I have
+no clue why one would add LUA_LIBS to DEPENDENCIES as it already is
+being correctly added to LIBADD. My patch suggests to quite simply drop
+that.
+---
+ m4/want_mysql.m4 | 54 ++++++++++++++++++++++++-------------------------
+ src/lib-lua/Makefile.am | 4 +---
+ 2 files changed, 27 insertions(+), 31 deletions(-)
+
+diff --git a/m4/want_mysql.m4 b/m4/want_mysql.m4
+index 98e6f93..425bcdd 100644
+--- a/m4/want_mysql.m4
++++ b/m4/want_mysql.m4
+@@ -1,26 +1,28 @@
+ AC_DEFUN([DOVECOT_WANT_MYSQL], [
+ have_mysql=no
+- if test $want_mysql != no; then
+- AC_CHECK_PROG(MYSQL_CONFIG, mysql_config, mysql_config, NO)
+- if test $MYSQL_CONFIG = NO; then
+- # based on code from PHP
+- MYSQL_LIBS="-lmysqlclient -lz -lm"
+- for i in /usr /usr/local /usr/local/mysql; do
+- for j in include include/mysql ""; do
+- if test -r "$i/$j/mysql.h"; then
+- MYSQL_INCLUDE="-I$i/$j"
+- fi
+- done
+- for j in lib lib/mysql lib64 lib64/mysql ""; do
+- if test -f "$i/$j/libmysqlclient.so" || test -f "$i/$j/libmysqlclient.a"; then
+- MYSQL_LIBS="-L$i/$j -lmysqlclient -lz -lm"
+- fi
+- done
+- done
+- else
+- MYSQL_INCLUDE="`$MYSQL_CONFIG --include`"
+- MYSQL_LIBS="`$MYSQL_CONFIG --libs`"
+- fi
++ AS_IF([test $want_mysql != no],[
++ PKG_CHECK_MODULES([MYSQL],[mysqlclient],,[
++ AC_CHECK_PROG(MYSQL_CONFIG, mysql_config, mysql_config, NO)
++ if test $MYSQL_CONFIG = NO; then
++ # based on code from PHP
++ MYSQL_LIBS="-lmysqlclient -lz -lm"
++ for i in /usr /usr/local /usr/local/mysql; do
++ for j in include include/mysql ""; do
++ if test -r "$i/$j/mysql.h"; then
++ MYSQL_CFLAGS="-I$i/$j"
++ fi
++ done
++ for j in lib lib/mysql lib64 lib64/mysql ""; do
++ if test -f "$i/$j/libmysqlclient.so" || test -f "$i/$j/libmysqlclient.a"; then
++ MYSQL_LIBS="-L$i/$j -lmysqlclient -lz -lm"
++ fi
++ done
++ done
++ else
++ MYSQL_CFLAGS="`$MYSQL_CONFIG --include`"
++ MYSQL_LIBS="`$MYSQL_CONFIG --libs`"
++ fi
++ ])
+
+ old_LIBS=$LIBS
+ if test "$MYSQL_LIBS" != ""; then
+@@ -31,14 +33,10 @@ AC_DEFUN([DOVECOT_WANT_MYSQL], [
+ LIBS="$LIBS -lz -lm"
+ AC_CHECK_LIB(mysqlclient, mysql_init, [
+ old_CPPFLAGS=$CPPFLAGS
+- if test "$MYSQL_INCLUDE" != ""; then
+- CPPFLAGS="$CPPFLAGS $MYSQL_INCLUDE"
++ if test "$MYSQL_CFLAGS" != ""; then
++ CPPFLAGS="$CPPFLAGS $MYSQL_CFLAGS"
+ fi
+ AC_CHECK_HEADER(mysql.h, [
+- if test "$MYSQL_INCLUDE" != ""; then
+- MYSQL_CFLAGS="$MYSQL_CFLAGS $MYSQL_INCLUDE"
+- fi
+-
+ AC_CHECK_LIB(mysqlclient, mysql_ssl_set, [
+ AC_DEFINE(HAVE_MYSQL_SSL,, [Define if your MySQL library has SSL functions])
+ if test "x$have_openssl" = "yes"; then
+@@ -85,5 +83,5 @@ AC_DEFUN([DOVECOT_WANT_MYSQL], [
+ MYSQL_CFLAGS=
+ fi
+ LIBS=$old_LIBS
+- fi
++ ])
+ ])
+diff --git a/src/lib-lua/Makefile.am b/src/lib-lua/Makefile.am
+index 20ce311..7d44e89 100644
+--- a/src/lib-lua/Makefile.am
++++ b/src/lib-lua/Makefile.am
+@@ -24,9 +24,7 @@ test_programs += test-dict-lua
+ endif
+
+ # Note: the only things this lib should depend on are libdovecot and lua.
+-libdovecot_lua_la_DEPENDENCIES = \
+- ../lib-dovecot/libdovecot.la \
+- $(LIBDICT_LUA)
++libdovecot_lua_la_DEPENDENCIES = ../lib-dovecot/libdovecot.la
+ libdovecot_lua_la_LIBADD = \
+ ../lib-dovecot/libdovecot.la \
+ $(LIBDICT_LUA) \
diff --git a/debian/patches/Silence-LTO-related-compiler-warning.patch b/debian/patches/Silence-LTO-related-compiler-warning.patch
new file mode 100644
index 0000000..c674492
--- /dev/null
+++ b/debian/patches/Silence-LTO-related-compiler-warning.patch
@@ -0,0 +1,28 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Mon, 21 Jun 2021 15:59:02 +0200
+Subject: Silence LTO related compiler warning
+
+master-service-settings-cache.c: In function 'master_service_settings_cache_init_filter':
+master-service-settings-cache.c:94:3: warning: 'error' may be used uninitialized in this function [-Wmaybe-uninitialized]
+ 94 | i_error("master-service: cannot get filters: %s", error);
+ | ^
+master-service-settings-cache.c:89:14: note: 'error' was declared here
+ 89 | const char *error;
+ | ^
+---
+ src/lib-master/master-service-settings-cache.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/lib-master/master-service-settings-cache.c b/src/lib-master/master-service-settings-cache.c
+index 11dd66b..d60f392 100644
+--- a/src/lib-master/master-service-settings-cache.c
++++ b/src/lib-master/master-service-settings-cache.c
+@@ -86,7 +86,7 @@ master_service_settings_cache_init(struct master_service *service,
+ int master_service_settings_cache_init_filter(struct master_service_settings_cache *cache)
+ {
+ const char *const *filters;
+- const char *error;
++ const char *error = NULL;
+
+ if (cache->filters != NULL)
+ return 0;
diff --git a/debian/patches/Silence-prototype-conflicts.patch b/debian/patches/Silence-prototype-conflicts.patch
new file mode 100644
index 0000000..2b5d77e
--- /dev/null
+++ b/debian/patches/Silence-prototype-conflicts.patch
@@ -0,0 +1,67 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Fri, 15 Sep 2023 14:08:56 +0200
+Subject: Silence prototype conflicts
+
+Forwarded: https://github.com/dovecot/core/pull/206
+
+ program-client.c:705:5: warning: conflicting types for 'program_client_run' due to enum/integer mismatch; have 'int(struct program_client *)' [-Wenum-int-mismatch]
+ 705 | int program_client_run(struct program_client *pclient)
+ | ^~~~~~~~~~~~~~~~~~
+ In file included from program-client-private.h:4,
+ from program-client.c:17:
+ program-client.h:93:1: note: previous declaration of 'program_client_run' with type 'enum program_client_exit_status(struct program_client *)'
+ 93 | program_client_run(struct program_client *pclient);
+ | ^~~~~~~~~~~~~~~~~~
+
+ db-lua.c:599:1: warning: conflicting types for 'auth_lua_call_password_verify' due to enum/integer mismatch; have 'enum passdb_result(struct dlua_script *, struct auth_request *, const char *, const char **)' [-Wenum-int-mismatch]
+ 599 | auth_lua_call_password_verify(struct dlua_script *script,
+ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ In file included from db-lua.c:28:
+ db-lua.h:14:5: note: previous declaration of 'auth_lua_call_password_verify' with type 'int(struct dlua_script *, struct auth_request *, const char *, const char **)'
+ 14 | int auth_lua_call_password_verify(struct dlua_script *script,
+ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+---
+ src/auth/db-lua.h | 7 ++++---
+ src/lib-program-client/program-client.c | 4 ++--
+ 2 files changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/src/auth/db-lua.h b/src/auth/db-lua.h
+index ebb697a..cf859fb 100644
+--- a/src/auth/db-lua.h
++++ b/src/auth/db-lua.h
+@@ -11,9 +11,10 @@ struct dlua_script;
+
+ int auth_lua_script_init(struct dlua_script *script, const char **error_r);
+
+-int auth_lua_call_password_verify(struct dlua_script *script,
+- struct auth_request *req, const char *password,
+- const char **error_r);
++enum passdb_result
++auth_lua_call_password_verify(struct dlua_script *script,
++ struct auth_request *req, const char *password,
++ const char **error_r);
+
+ enum passdb_result
+ auth_lua_call_passdb_lookup(struct dlua_script *script,
+diff --git a/src/lib-program-client/program-client.c b/src/lib-program-client/program-client.c
+index c6c6ff6..cf55a6f 100644
+--- a/src/lib-program-client/program-client.c
++++ b/src/lib-program-client/program-client.c
+@@ -702,7 +702,7 @@ program_client_run_callback(int result, int *context)
+ io_loop_stop(current_ioloop);
+ }
+
+-int program_client_run(struct program_client *pclient)
++enum program_client_exit_status program_client_run(struct program_client *pclient)
+ {
+ int ret = -2;
+ struct ioloop *prev_ioloop = current_ioloop;
+@@ -722,7 +722,7 @@ int program_client_run(struct program_client *pclient)
+ io_loop_destroy(&ioloop);
+
+ if (pclient->error != PROGRAM_CLIENT_ERROR_NONE)
+- return -1;
++ return PROGRAM_CLIENT_EXIT_STATUS_INTERNAL_FAILURE;
+
+ return pclient->exit_status;
+ }
diff --git a/debian/patches/Support-openssl-3.0.patch b/debian/patches/Support-openssl-3.0.patch
new file mode 100644
index 0000000..8f39a7d
--- /dev/null
+++ b/debian/patches/Support-openssl-3.0.patch
@@ -0,0 +1,45 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Wed, 11 May 2022 20:27:53 +0200
+Author: Michal Hlavinka
+Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1962035
+Subject: Support openssl 3.0
+
+---
+ src/lib-dcrypt/dcrypt-openssl.c | 20 ++++++++++++++++++++
+ 1 file changed, 20 insertions(+)
+
+diff --git a/src/lib-dcrypt/dcrypt-openssl.c b/src/lib-dcrypt/dcrypt-openssl.c
+index 1cbe352..5570d62 100644
+--- a/src/lib-dcrypt/dcrypt-openssl.c
++++ b/src/lib-dcrypt/dcrypt-openssl.c
+@@ -73,10 +73,30 @@
+ 2<tab>key algo oid<tab>1<tab>symmetric algo name<tab>salt<tab>hash algo<tab>rounds<tab>E(RSA = i2d_PrivateKey, EC=Private Point)<tab>key id
+ **/
+
++#if OPENSSL_VERSION_MAJOR == 3
++static EC_KEY *EVP_PKEY_get0_EC_KEYv3(EVP_PKEY *key)
++{
++ EC_KEY *eck = EVP_PKEY_get1_EC_KEY(key);
++ EVP_PKEY_set1_EC_KEY(key, eck);
++ EC_KEY_free(eck);
++ return eck;
++}
++
++static EC_KEY *EVP_PKEY_get1_EC_KEYv3(EVP_PKEY *key)
++{
++ EC_KEY *eck = EVP_PKEY_get1_EC_KEY(key);
++ EVP_PKEY_set1_EC_KEY(key, eck);
++ return eck;
++}
++
++#define EVP_PKEY_get0_EC_KEY EVP_PKEY_get0_EC_KEYv3
++#define EVP_PKEY_get1_EC_KEY EVP_PKEY_get1_EC_KEYv3
++#else
+ #ifndef HAVE_EVP_PKEY_get0
+ #define EVP_PKEY_get0_EC_KEY(x) x->pkey.ec
+ #define EVP_PKEY_get0_RSA(x) x->pkey.rsa
+ #endif
++#endif
+
+ #ifndef HAVE_OBJ_LENGTH
+ #define OBJ_length(o) ((o)->length)
diff --git a/debian/patches/Use-_FORTIFY_SOURCE-level-3.patch b/debian/patches/Use-_FORTIFY_SOURCE-level-3.patch
new file mode 100644
index 0000000..262de9a
--- /dev/null
+++ b/debian/patches/Use-_FORTIFY_SOURCE-level-3.patch
@@ -0,0 +1,57 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Thu, 22 Dec 2022 17:00:53 +0100
+Subject: Use _FORTIFY_SOURCE level 3
+
+---
+ m4/dovecot.m4 | 6 +++---
+ pigeonhole/m4/dovecot.m4 | 6 +++---
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/m4/dovecot.m4 b/m4/dovecot.m4
+index 8092bf5..558aee4 100644
+--- a/m4/dovecot.m4
++++ b/m4/dovecot.m4
+@@ -9,7 +9,7 @@ dnl modifications, as long as this notice is preserved.
+ # serial 34
+
+ dnl
+-dnl Check for support for D_FORTIFY_SOURCE=2
++dnl Check for support for D_FORTIFY_SOURCE=3
+ dnl
+
+ AC_DEFUN([AC_CC_D_FORTIFY_SOURCE],[
+@@ -17,8 +17,8 @@ AC_DEFUN([AC_CC_D_FORTIFY_SOURCE],[
+ AS_IF([test "$enable_hardening" = yes], [
+ case "$host" in
+ *)
+- gl_COMPILER_OPTION_IF([-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2], [
+- CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
++ gl_COMPILER_OPTION_IF([-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3], [
++ CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3"
+ ],
+ [],
+ [AC_LANG_PROGRAM()]
+diff --git a/pigeonhole/m4/dovecot.m4 b/pigeonhole/m4/dovecot.m4
+index 037d5e4..a3e0883 100644
+--- a/pigeonhole/m4/dovecot.m4
++++ b/pigeonhole/m4/dovecot.m4
+@@ -9,7 +9,7 @@ dnl modifications, as long as this notice is preserved.
+ # serial 34
+
+ dnl
+-dnl Check for support for D_FORTIFY_SOURCE=2
++dnl Check for support for D_FORTIFY_SOURCE=3
+ dnl
+
+ AC_DEFUN([AC_CC_D_FORTIFY_SOURCE],[
+@@ -17,8 +17,8 @@ AC_DEFUN([AC_CC_D_FORTIFY_SOURCE],[
+ AS_IF([test "$enable_hardening" = yes], [
+ case "$host" in
+ *)
+- gl_COMPILER_OPTION_IF([-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2], [
+- CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
++ gl_COMPILER_OPTION_IF([-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3], [
++ CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3"
+ ],
+ [],
+ [AC_LANG_PROGRAM()]
diff --git a/debian/patches/auth-Add-a-comment-about-updating-userdb_find.patch b/debian/patches/auth-Add-a-comment-about-updating-userdb_find.patch
new file mode 100644
index 0000000..70a405f
--- /dev/null
+++ b/debian/patches/auth-Add-a-comment-about-updating-userdb_find.patch
@@ -0,0 +1,22 @@
+From: Timo Sirainen <timo.sirainen@open-xchange.com>
+Date: Mon, 16 May 2022 14:58:45 +0200
+Subject: auth: Add a comment about updating userdb_find()
+
+---
+ src/auth/userdb.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/auth/userdb.c b/src/auth/userdb.c
+index 21751f9..c71a479 100644
+--- a/src/auth/userdb.c
++++ b/src/auth/userdb.c
+@@ -158,7 +158,8 @@ userdb_preinit(pool_t pool, const struct auth_userdb_settings *set)
+ userdb->id = ++auth_userdb_id;
+ userdb->iface = iface;
+ userdb->args = p_strdup(pool, set->args);
+-
++ /* NOTE: if anything else than driver & args are added here,
++ userdb_find() also needs to be updated. */
+ array_push_back(&userdb_modules, &userdb);
+ return userdb;
+ }
diff --git a/debian/patches/auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch b/debian/patches/auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch
new file mode 100644
index 0000000..7f0dd36
--- /dev/null
+++ b/debian/patches/auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch
@@ -0,0 +1,130 @@
+From: Timo Sirainen <timo.sirainen@open-xchange.com>
+Date: Mon, 9 May 2022 15:23:33 +0300
+Subject: auth: Fix handling passdbs with identical driver/args but different
+ mechanisms/username_filter
+
+The passdb was wrongly deduplicated in this situation, causing wrong
+mechanisms or username_filter setting to be used. This would be a rather
+unlikely configuration though.
+
+Fixed by moving mechanisms and username_filter from struct passdb_module
+to struct auth_passdb, which is where they should have been in the first
+place.
+---
+ src/auth/auth-request.c | 6 +++---
+ src/auth/auth.c | 18 ++++++++++++++++++
+ src/auth/auth.h | 5 +++++
+ src/auth/passdb.c | 15 ++-------------
+ src/auth/passdb.h | 4 ----
+ 5 files changed, 28 insertions(+), 20 deletions(-)
+
+diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
+index ee89e75..cd44cd4 100644
+--- a/src/auth/auth-request.c
++++ b/src/auth/auth-request.c
+@@ -553,8 +553,8 @@ auth_request_want_skip_passdb(struct auth_request *request,
+ struct auth_passdb *passdb)
+ {
+ /* if mechanism is not supported, skip */
+- const char *const *mechs = passdb->passdb->mechanisms;
+- const char *const *username_filter = passdb->passdb->username_filter;
++ const char *const *mechs = passdb->mechanisms;
++ const char *const *username_filter = passdb->username_filter;
+ const char *username;
+
+ username = request->fields.user;
+@@ -567,7 +567,7 @@ auth_request_want_skip_passdb(struct auth_request *request,
+ return TRUE;
+ }
+
+- if (passdb->passdb->username_filter != NULL &&
++ if (passdb->username_filter != NULL &&
+ !auth_request_username_accepted(username_filter, username)) {
+ auth_request_log_debug(request,
+ request->mech != NULL ? AUTH_SUBSYS_MECH
+diff --git a/src/auth/auth.c b/src/auth/auth.c
+index 845c43c..a5a4c81 100644
+--- a/src/auth/auth.c
++++ b/src/auth/auth.c
+@@ -93,6 +93,24 @@ auth_passdb_preinit(struct auth *auth, const struct auth_passdb_settings *set,
+ auth_passdb->override_fields_tmpl =
+ passdb_template_build(auth->pool, set->override_fields);
+
++ if (*set->mechanisms == '\0') {
++ auth_passdb->mechanisms = NULL;
++ } else if (strcasecmp(set->mechanisms, "none") == 0) {
++ auth_passdb->mechanisms = (const char *const[]){ NULL };
++ } else {
++ auth_passdb->mechanisms =
++ (const char *const *)p_strsplit_spaces(auth->pool,
++ set->mechanisms, " ,");
++ }
++
++ if (*set->username_filter == '\0') {
++ auth_passdb->username_filter = NULL;
++ } else {
++ auth_passdb->username_filter =
++ (const char *const *)p_strsplit_spaces(auth->pool,
++ set->username_filter, " ,");
++ }
++
+ /* for backwards compatibility: */
+ if (set->pass)
+ auth_passdb->result_success = AUTH_DB_RULE_CONTINUE;
+diff --git a/src/auth/auth.h b/src/auth/auth.h
+index 3ca5a9b..6208e4d 100644
+--- a/src/auth/auth.h
++++ b/src/auth/auth.h
+@@ -41,6 +41,11 @@ struct auth_passdb {
+ struct passdb_template *default_fields_tmpl;
+ struct passdb_template *override_fields_tmpl;
+
++ /* Supported authentication mechanisms, NULL is all, {NULL} is none */
++ const char *const *mechanisms;
++ /* Username filter, NULL is no filter */
++ const char *const *username_filter;
++
+ enum auth_passdb_skip skip;
+ enum auth_db_rule result_success;
+ enum auth_db_rule result_failure;
+diff --git a/src/auth/passdb.c b/src/auth/passdb.c
+index 9bc2b87..d3c61cc 100644
+--- a/src/auth/passdb.c
++++ b/src/auth/passdb.c
+@@ -224,19 +224,8 @@ passdb_preinit(pool_t pool, const struct auth_passdb_settings *set)
+ passdb->id = ++auth_passdb_id;
+ passdb->iface = *iface;
+ passdb->args = p_strdup(pool, set->args);
+- if (*set->mechanisms == '\0') {
+- passdb->mechanisms = NULL;
+- } else if (strcasecmp(set->mechanisms, "none") == 0) {
+- passdb->mechanisms = (const char *const[]){NULL};
+- } else {
+- passdb->mechanisms = (const char* const*)p_strsplit_spaces(pool, set->mechanisms, " ,");
+- }
+-
+- if (*set->username_filter == '\0') {
+- passdb->username_filter = NULL;
+- } else {
+- passdb->username_filter = (const char* const*)p_strsplit_spaces(pool, set->username_filter, " ,");
+- }
++ /* NOTE: if anything else than driver & args are added here,
++ passdb_find() also needs to be updated. */
+ array_push_back(&passdb_modules, &passdb);
+ return passdb;
+ }
+diff --git a/src/auth/passdb.h b/src/auth/passdb.h
+index b405aa7..8f50050 100644
+--- a/src/auth/passdb.h
++++ b/src/auth/passdb.h
+@@ -63,10 +63,6 @@ struct passdb_module {
+ /* Default password scheme for this module.
+ If default_cache_key is set, must not be NULL. */
+ const char *default_pass_scheme;
+- /* Supported authentication mechanisms, NULL is all, [NULL] is none*/
+- const char *const *mechanisms;
+- /* Username filter, NULL is no filter */
+- const char *const *username_filter;
+
+ /* If blocking is set to TRUE, use child processes to access
+ this passdb. */
diff --git a/debian/patches/default-mail_location.patch b/debian/patches/default-mail_location.patch
new file mode 100644
index 0000000..eb10c53
--- /dev/null
+++ b/debian/patches/default-mail_location.patch
@@ -0,0 +1,35 @@
+From: "Jaldhar H. Vyas" <jaldhar@debian.org>
+Date: Fri, 16 Sep 2011 00:55:02 +0200
+Subject: default location for user mailboxes
+
+Bug: #623440
+Last-Update: 2017-09-20
+
+Set a default for the case where a user has no mail so auto-
+detection of mailboxes doesn't work.
+---
+ doc/example-config/conf.d/10-mail.conf | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/doc/example-config/conf.d/10-mail.conf b/doc/example-config/conf.d/10-mail.conf
+index 24daa04..a69224f 100644
+--- a/doc/example-config/conf.d/10-mail.conf
++++ b/doc/example-config/conf.d/10-mail.conf
+@@ -27,7 +27,7 @@
+ #
+ # <doc/wiki/MailLocation.txt>
+ #
+-#mail_location =
++mail_location = mbox:~/mail:INBOX=/var/mail/%u
+
+ # If you need to set multiple mailbox locations or want to change default
+ # namespace settings, you can do it by defining namespace sections.
+@@ -111,7 +111,7 @@ namespace inbox {
+ # Group to enable temporarily for privileged operations. Currently this is
+ # used only with INBOX when either its initial creation or dotlocking fails.
+ # Typically this is set to "mail" to give access to /var/mail.
+-#mail_privileged_group =
++mail_privileged_group = mail
+
+ # Grant access to these supplementary groups for mail processes. Typically
+ # these are used to set up access to shared mailboxes. Note that it may be
diff --git a/debian/patches/doveadm-director.1-drop-acute-accent.patch b/debian/patches/doveadm-director.1-drop-acute-accent.patch
new file mode 100644
index 0000000..36ff84f
--- /dev/null
+++ b/debian/patches/doveadm-director.1-drop-acute-accent.patch
@@ -0,0 +1,46 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Fri, 14 Aug 2020 12:50:51 +0200
+Subject: doveadm-director.1: drop acute accent
+
+Found by Lintian:
+
+ This manual page uses the \' groff sequence. Usually, the intent to
+ generate an apostrophe, but that sequence actually renders as a an acute
+ accent.
+
+ For an apostrophe or a single closing quote, use plain '. For single
+ opening quote, i.e. a straight downward line ' like the one used in
+ shell commands, use &#92;(aq.
+---
+ doc/man/doveadm-director.1.in | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/doc/man/doveadm-director.1.in b/doc/man/doveadm-director.1.in
+index 2a2c688..4b1855f 100644
+--- a/doc/man/doveadm-director.1.in
++++ b/doc/man/doveadm-director.1.in
+@@ -108,7 +108,7 @@ hosts. All the existing connections will be kicked. If
+ is specified, a flush script is also automatically executed.
+ .PP
+ Because the kicking and moving of users to new backends creates a temporary
+-load spike, all the users aren\'t moved at once. The
++load spike, all the users aren't moved at once. The
+ .B \-\-max\-parallel
+ parameter specifies how many users can be moved concurrently.
+ The default is 100.
+@@ -116,7 +116,7 @@ The default is 100.
+ If the
+ .B \-F
+ parameter is used, the user associations are simply dropped. Existing
+-connections won\'t be kicked and flush scripts aren\'t run.
++connections won't be kicked and flush scripts aren't run.
+ .\"-------------------------------------
+ .SS director kick
+ .B doveadm director kick
+@@ -280,4 +280,4 @@ user would be redirected to 192.168.10.3.
+ @INCLUDE:reporting-bugs@
+ .\"------------------------------------------------------------------------
+ .SH SEE ALSO
+-.BR doveadm (1)
+\ No newline at end of file
++.BR doveadm (1)
diff --git a/debian/patches/dovecot_name.patch b/debian/patches/dovecot_name.patch
new file mode 100644
index 0000000..d9d6ebf
--- /dev/null
+++ b/debian/patches/dovecot_name.patch
@@ -0,0 +1,121 @@
+From: "Jaldhar H. Vyas" <jaldhar@debian.org>
+Date: Sat, 7 Sep 2013 01:16:14 -0400
+Subject: Update Dovecot name to include Distribution in login greeting
+ message
+
+This patch was found at: https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-server-app-banner-updates
+and originally provided by Ubuntu for their 2.1.7 package. The original
+author is Yolanda Robla <yolanda.robla@canonical.com>. I updated it
+for Debian's 2.2.5 package.
+
+Last-Update: 2020-05-23
+---
+ configure.ac | 7 ++++++-
+ src/config/all-settings.c | 6 +++---
+ src/lib-smtp/smtp-server.c | 2 +-
+ src/lmtp/lmtp-settings.c | 2 +-
+ src/login-common/login-settings.c | 2 +-
+ src/submission/submission-settings.c | 2 +-
+ 6 files changed, 13 insertions(+), 8 deletions(-)
+
+Index: dovecot/configure.ac
+===================================================================
+--- dovecot.orig/configure.ac
++++ dovecot/configure.ac
+@@ -287,7 +287,12 @@ AM_ICONV
+ # SIZE_MAX is missing without this
+ CXXFLAGS="$CXXFLAGS -D__STDC_LIMIT_MACROS"
+
+-AC_DEFINE_UNQUOTED(DOVECOT_NAME, "$PACKAGE_NAME", [Dovecot name])
++if test -x /usr/bin/lsb_release && lsb_release -si; then
++ DOVECOT_DISTRIBUTION=" ($(lsb_release -si))"
++else
++ DOVECOT_DISTRIBUTION=""
++fi
++AC_DEFINE_UNQUOTED(DOVECOT_NAME, "$PACKAGE_NAME$DOVECOT_DISTRIBUTION", [Dovecot name])
+ AC_DEFINE_UNQUOTED(DOVECOT_STRING, "$PACKAGE_STRING", [Dovecot string])
+ AC_DEFINE_UNQUOTED(DOVECOT_VERSION, "$PACKAGE_VERSION", [Dovecot version])
+
+Index: dovecot/src/config/all-settings.c
+===================================================================
+--- dovecot.orig/src/config/all-settings.c
++++ dovecot/src/config/all-settings.c
+@@ -2320,7 +2320,7 @@ static const struct submission_settings
+
+ .hostname = "",
+
+- .login_greeting = PACKAGE_NAME" ready.",
++ .login_greeting = DOVECOT_NAME" ready.",
+ .login_trusted_networks = "",
+
+ .recipient_delimiter = "+",
+@@ -4182,7 +4182,7 @@ static const struct setting_define login
+ static const struct login_settings login_default_settings = {
+ .login_trusted_networks = "",
+ .login_source_ips = "",
+- .login_greeting = PACKAGE_NAME" ready.",
++ .login_greeting = DOVECOT_NAME" ready.",
+ .login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}>",
+ .login_log_format = "%$: %s",
+ .login_access_sockets = "",
+@@ -4396,7 +4396,7 @@ static const struct lmtp_settings lmtp_d
+
+ .lmtp_client_workarounds = "",
+
+- .login_greeting = PACKAGE_NAME" ready.",
++ .login_greeting = DOVECOT_NAME" ready.",
+ .login_trusted_networks = "",
+
+ .mail_plugins = "",
+Index: dovecot/src/lib-smtp/smtp-server.c
+===================================================================
+--- dovecot.orig/src/lib-smtp/smtp-server.c
++++ dovecot/src/lib-smtp/smtp-server.c
+@@ -49,7 +49,7 @@ struct smtp_server *smtp_server_init(con
+ if (set->login_greeting != NULL && *set->login_greeting != '\0')
+ server->set.login_greeting = p_strdup(pool, set->login_greeting);
+ else
+- server->set.login_greeting = PACKAGE_NAME" ready.";
++ server->set.login_greeting = DOVECOT_NAME" ready.";
+ if (set->capabilities == 0) {
+ server->set.capabilities = SMTP_SERVER_DEFAULT_CAPABILITIES;
+ } else {
+Index: dovecot/src/lmtp/lmtp-settings.c
+===================================================================
+--- dovecot.orig/src/lmtp/lmtp-settings.c
++++ dovecot/src/lmtp/lmtp-settings.c
+@@ -93,7 +93,7 @@ static const struct lmtp_settings lmtp_d
+
+ .lmtp_client_workarounds = "",
+
+- .login_greeting = PACKAGE_NAME" ready.",
++ .login_greeting = DOVECOT_NAME" ready.",
+ .login_trusted_networks = "",
+
+ .mail_plugins = "",
+Index: dovecot/src/login-common/login-settings.c
+===================================================================
+--- dovecot.orig/src/login-common/login-settings.c
++++ dovecot/src/login-common/login-settings.c
+@@ -51,7 +51,7 @@ static const struct setting_define login
+ static const struct login_settings login_default_settings = {
+ .login_trusted_networks = "",
+ .login_source_ips = "",
+- .login_greeting = PACKAGE_NAME" ready.",
++ .login_greeting = DOVECOT_NAME" ready.",
+ .login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}>",
+ .login_log_format = "%$: %s",
+ .login_access_sockets = "",
+Index: dovecot/src/submission/submission-settings.c
+===================================================================
+--- dovecot.orig/src/submission/submission-settings.c
++++ dovecot/src/submission/submission-settings.c
+@@ -103,7 +103,7 @@ static const struct submission_settings
+
+ .hostname = "",
+
+- .login_greeting = PACKAGE_NAME" ready.",
++ .login_greeting = DOVECOT_NAME" ready.",
+ .login_trusted_networks = "",
+
+ .recipient_delimiter = "+",
diff --git a/debian/patches/fix-mail_plugin_dir-default.patch b/debian/patches/fix-mail_plugin_dir-default.patch
new file mode 100644
index 0000000..19c3d8d
--- /dev/null
+++ b/debian/patches/fix-mail_plugin_dir-default.patch
@@ -0,0 +1,24 @@
+From: Marco Nenciarini <mnencia@debian.org>
+Date: Fri, 16 Sep 2011 00:55:02 +0200
+Subject: fix mail_plugin_dir default
+
+Bug: #624294
+
+Fix mail_plugin_dir default value in conf.d/10-mail.conf
+---
+ doc/example-config/conf.d/10-mail.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/doc/example-config/conf.d/10-mail.conf b/doc/example-config/conf.d/10-mail.conf
+index de48f92..24daa04 100644
+--- a/doc/example-config/conf.d/10-mail.conf
++++ b/doc/example-config/conf.d/10-mail.conf
+@@ -211,7 +211,7 @@ namespace inbox {
+ #auth_socket_path = /var/run/dovecot/auth-userdb
+
+ # Directory where to look up mail plugins.
+-#mail_plugin_dir = /usr/lib/dovecot
++#mail_plugin_dir = /usr/lib/dovecot/modules
+
+ # Space separated list of plugins to load for all services. Plugins specific to
+ # IMAP, LDA, etc. are added to this list in their own .conf files.
diff --git a/debian/patches/mboxlocking.patch b/debian/patches/mboxlocking.patch
new file mode 100644
index 0000000..8920a3a
--- /dev/null
+++ b/debian/patches/mboxlocking.patch
@@ -0,0 +1,60 @@
+From: "Jaldhar H. Vyas" <jaldhar@debian.org>
+Date: Thu, 22 Aug 2013 22:44:48 -0400
+Subject: policy 22.6 compliant mbox write locking
+
+For NFS safety, prefer fcntl to dotlocks.
+Dovecots default is the other way around.
+
+Bug: #720502
+---
+ doc/example-config/conf.d/10-mail.conf | 8 +++++++-
+ src/config/all-settings.c | 2 +-
+ src/lib-storage/index/mbox/mbox-settings.c | 2 +-
+ 3 files changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/doc/example-config/conf.d/10-mail.conf b/doc/example-config/conf.d/10-mail.conf
+index a69224f..b47235f 100644
+--- a/doc/example-config/conf.d/10-mail.conf
++++ b/doc/example-config/conf.d/10-mail.conf
+@@ -320,8 +320,14 @@ protocol !indexer-worker {
+ # in is important to avoid deadlocks if other MTAs/MUAs are using multiple
+ # locking methods as well. Some operating systems don't allow using some of
+ # them simultaneously.
++#
++# The Debian value for mbox_write_locks differs from upstream Dovecot. It is
++# changed to be compliant with Debian Policy (section 11.6) for NFS safety.
++# Dovecot: mbox_write_locks = dotlock fcntl
++# Debian: mbox_write_locks = fcntl dotlock
++#
+ #mbox_read_locks = fcntl
+-#mbox_write_locks = dotlock fcntl
++#mbox_write_locks = fcntl dotlock
+
+ # Maximum time to wait for lock (all of them) before aborting.
+ #mbox_lock_timeout = 5 mins
+diff --git a/src/config/all-settings.c b/src/config/all-settings.c
+index 391da6d..231100f 100644
+--- a/src/config/all-settings.c
++++ b/src/config/all-settings.c
+@@ -1239,7 +1239,7 @@ static const struct setting_define mbox_setting_defines[] = {
+ };
+ static const struct mbox_settings mbox_default_settings = {
+ .mbox_read_locks = "fcntl",
+- .mbox_write_locks = "dotlock fcntl",
++ .mbox_write_locks = "fcntl dotlock",
+ .mbox_lock_timeout = 5*60,
+ .mbox_dotlock_change_timeout = 2*60,
+ .mbox_min_index_size = 0,
+diff --git a/src/lib-storage/index/mbox/mbox-settings.c b/src/lib-storage/index/mbox/mbox-settings.c
+index 1df2452..b4eb520 100644
+--- a/src/lib-storage/index/mbox/mbox-settings.c
++++ b/src/lib-storage/index/mbox/mbox-settings.c
+@@ -27,7 +27,7 @@ static const struct setting_define mbox_setting_defines[] = {
+
+ static const struct mbox_settings mbox_default_settings = {
+ .mbox_read_locks = "fcntl",
+- .mbox_write_locks = "dotlock fcntl",
++ .mbox_write_locks = "fcntl dotlock",
+ .mbox_lock_timeout = 5*60,
+ .mbox_dotlock_change_timeout = 2*60,
+ .mbox_min_index_size = 0,
diff --git a/debian/patches/md4-md5-disable-optimization-causing-unaligned-access.patch b/debian/patches/md4-md5-disable-optimization-causing-unaligned-access.patch
new file mode 100644
index 0000000..1582b9e
--- /dev/null
+++ b/debian/patches/md4-md5-disable-optimization-causing-unaligned-access.patch
@@ -0,0 +1,51 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Tue, 7 Dec 2021 13:01:10 +0100
+Subject: md4/md5: disable optimization causing unaligned access
+
+This restores unit tests with GCC 11 and LTO.
+
+ md5.c:92:23: warning: cast from 'const unsigned char *' to 'const uint32_t *' (aka 'const unsigned int *') increases required alignment from 1 to 4 [-Wcast-align]
+ STEP(F, a, b, c, d, SET(0), 0xd76aa478, 7)
+ ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~
+ md5.c:51:4: note: expanded from macro 'SET'
+ (*(const uint32_t *)&ptr[(n) * 4])
+ ^
+ md5.c:37:29: note: expanded from macro 'STEP'
+ (a) += f((b), (c), (d)) + (x) + (t); \
+ ^
+
+ md5.c:92:3: runtime error: load of misaligned address 0x61900000008b for type 'const uint32_t' (aka 'const unsigned int'), which requires 4 byte alignment
+ 0x61900000008b: note: pointer points here
+ 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+ ^
+---
+ src/lib/md4.c | 2 +-
+ src/lib/md5.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/md4.c b/src/lib/md4.c
+index 06e3231..798292a 100644
+--- a/src/lib/md4.c
++++ b/src/lib/md4.c
+@@ -42,7 +42,7 @@
+ * memory accesses is just an optimization. Nothing will break if it
+ * doesn't work.
+ */
+-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
++#if 0 //defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+ /* uint_fast32_t might be 64 bit, and thus may read 4 more bytes
+ * beyond the end of the buffer. So only read precisely 32 bits
+ */
+diff --git a/src/lib/md5.c b/src/lib/md5.c
+index 6b5da6c..c605639 100644
+--- a/src/lib/md5.c
++++ b/src/lib/md5.c
+@@ -46,7 +46,7 @@
+ * memory accesses is just an optimization. Nothing will break if it
+ * doesn't work.
+ */
+-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
++#if 0 //defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+ #define SET(n) \
+ (*(const uint32_t *)&ptr[(n) * 4])
+ #define GET(n) \
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..3318c1a
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1,25 @@
+split-protocols.patch
+fix-mail_plugin_dir-default.patch
+ssl-cert-location.patch
+tcpwrapper.patch
+default-mail_location.patch
+mboxlocking.patch
+dovecot_name.patch
+ssl-dh-params-location.patch
+skip-rfc-subdir.patch
+Correct-misspellings.patch
+test-backtrace.patch
+doveadm-director.1-drop-acute-accent.patch
+Fix-32bit-sign-comparisons.patch
+Improve-cross-compile-support.patch
+Silence-LTO-related-compiler-warning.patch
+md4-md5-disable-optimization-causing-unaligned-access.patch
+Support-openssl-3.0.patch
+Debug-flaky-unit-test.patch
+Avoid-usage-of-PATH_MAX-not-available-on-hurd.patch
+auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch
+auth-Add-a-comment-about-updating-userdb_find.patch
+Fix-uninitialized-read-in-doveadm-oldstats.patch
+Use-_FORTIFY_SOURCE-level-3.patch
+Cleanup-temporary-build-files.patch
+Silence-prototype-conflicts.patch
diff --git a/debian/patches/skip-rfc-subdir.patch b/debian/patches/skip-rfc-subdir.patch
new file mode 100644
index 0000000..34dfc68
--- /dev/null
+++ b/debian/patches/skip-rfc-subdir.patch
@@ -0,0 +1,47 @@
+From: Noah Meyerhans <noahm@debian.org>
+Date: Thu, 21 May 2020 21:48:59 -0700
+Subject: Don't try to build doc/rfc subdir components
+
+Forwarded: no (Debian-specific)
+---
+ pigeonhole/configure.ac | 1 -
+ pigeonhole/doc/Makefile.am | 1 -
+ pigeonhole/doc/Makefile.in | 1 -
+ 3 files changed, 3 deletions(-)
+
+diff --git a/pigeonhole/configure.ac b/pigeonhole/configure.ac
+index 227746a..38671ed 100644
+--- a/pigeonhole/configure.ac
++++ b/pigeonhole/configure.ac
+@@ -176,7 +176,6 @@ doc/Makefile
+ doc/man/Makefile
+ doc/example-config/Makefile
+ doc/example-config/conf.d/Makefile
+-doc/rfc/Makefile
+ doc/extensions/Makefile
+ doc/locations/Makefile
+ doc/plugins/Makefile
+diff --git a/pigeonhole/doc/Makefile.am b/pigeonhole/doc/Makefile.am
+index 5131ece..258c135 100644
+--- a/pigeonhole/doc/Makefile.am
++++ b/pigeonhole/doc/Makefile.am
+@@ -1,7 +1,6 @@
+ SUBDIRS = \
+ man \
+ example-config \
+- rfc \
+ extensions \
+ locations \
+ plugins
+diff --git a/pigeonhole/doc/Makefile.in b/pigeonhole/doc/Makefile.in
+index bf2b89c..a849848 100644
+--- a/pigeonhole/doc/Makefile.in
++++ b/pigeonhole/doc/Makefile.in
+@@ -404,7 +404,6 @@ top_srcdir = @top_srcdir@
+ SUBDIRS = \
+ man \
+ example-config \
+- rfc \
+ extensions \
+ locations \
+ plugins
diff --git a/debian/patches/split-protocols.patch b/debian/patches/split-protocols.patch
new file mode 100644
index 0000000..4d48d5c
--- /dev/null
+++ b/debian/patches/split-protocols.patch
@@ -0,0 +1,56 @@
+From: Marco Nenciarini <mnencia@debian.org>
+Date: Sat, 5 Mar 2011 11:19:07 +0100
+Subject: split-protocols
+
+Updated: Mon, 25 Nov 2013 20:11:59 -0500
+Forwarded: no (Debian-specific)
+
+Set default protocols value as empty and enable each
+protocol in its own configuration file
+---
+ doc/example-config/dovecot.conf | 4 ++--
+ src/config/all-settings.c | 2 +-
+ src/master/master-settings.c | 2 +-
+ 3 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/doc/example-config/dovecot.conf b/doc/example-config/dovecot.conf
+index b67e9eb..7e9953f 100644
+--- a/doc/example-config/dovecot.conf
++++ b/doc/example-config/dovecot.conf
+@@ -20,8 +20,8 @@
+ # options. The paths listed here are for configure --prefix=/usr
+ # --sysconfdir=/etc --localstatedir=/var
+
+-# Protocols we want to be serving.
+-#protocols = imap pop3 lmtp submission
++# Enable installed protocols
++!include_try /usr/share/dovecot/protocols.d/*.protocol
+
+ # A comma separated list of IPs or hosts where to listen in for connections.
+ # "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
+diff --git a/src/config/all-settings.c b/src/config/all-settings.c
+index a76242c..fbac595 100644
+--- a/src/config/all-settings.c
++++ b/src/config/all-settings.c
+@@ -4100,7 +4100,7 @@ struct master_settings master_default_settings = {
+ .state_dir = PKG_STATEDIR,
+ .libexec_dir = PKG_LIBEXECDIR,
+ .instance_name = PACKAGE,
+- .protocols = "imap pop3 lmtp",
++ .protocols = "",
+ .listen = "*, ::",
+ .ssl = "yes:no:required",
+ .default_internal_user = "dovecot",
+diff --git a/src/master/master-settings.c b/src/master/master-settings.c
+index 7cfaa35..48a9121 100644
+--- a/src/master/master-settings.c
++++ b/src/master/master-settings.c
+@@ -207,7 +207,7 @@ static const struct master_settings master_default_settings = {
+ .state_dir = PKG_STATEDIR,
+ .libexec_dir = PKG_LIBEXECDIR,
+ .instance_name = PACKAGE,
+- .protocols = "imap pop3 lmtp",
++ .protocols = "",
+ .listen = "*, ::",
+ .ssl = "yes:no:required",
+ .default_internal_user = "dovecot",
diff --git a/debian/patches/ssl-cert-location.patch b/debian/patches/ssl-cert-location.patch
new file mode 100644
index 0000000..446dd87
--- /dev/null
+++ b/debian/patches/ssl-cert-location.patch
@@ -0,0 +1,73 @@
+From: "Jaldhar H. Vyas" <jaldhar@debian.org>
+Date: Tue, 25 Sep 2012 01:12:07 -0400
+Subject: SSL cert location
+
+Last-Update: Sun, 30 Nov 2014 23:59:07 -0500
+Bug: #608719
+
+Move dovecots generated X.509 certificate out of /etc/ssl where
+it doesn't belong.
+---
+ doc/example-config/conf.d/10-ssl.conf | 7 ++++---
+ doc/mkcert.sh | 10 +++++-----
+ 2 files changed, 9 insertions(+), 8 deletions(-)
+
+diff --git a/doc/example-config/conf.d/10-ssl.conf b/doc/example-config/conf.d/10-ssl.conf
+index ad84766..4867a07 100644
+--- a/doc/example-config/conf.d/10-ssl.conf
++++ b/doc/example-config/conf.d/10-ssl.conf
+@@ -3,14 +3,14 @@
+ ##
+
+ # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
+-#ssl = yes
++ssl = yes
+
+ # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
+ # dropping root privileges, so keep the key file unreadable by anyone but
+ # root. Included doc/mkcert.sh can be used to easily generate self-signed
+ # certificate, just make sure to update the domains in dovecot-openssl.cnf
+-ssl_cert = </etc/ssl/certs/dovecot.pem
+-ssl_key = </etc/ssl/private/dovecot.pem
++ssl_cert = </etc/dovecot/private/dovecot.pem
++ssl_key = </etc/dovecot/private/dovecot.key
+
+ # If key file is password protected, give the password here. Alternatively
+ # give it when starting dovecot with -p parameter. Since this file is often
+@@ -33,6 +33,7 @@ ssl_key = </etc/ssl/private/dovecot.pem
+ # RedHat-based systems. Note that ssl_client_ca_file isn't recommended with
+ # large CA bundles, because it leads to excessive memory usage.
+ #ssl_client_ca_dir =
++ssl_client_ca_dir = /etc/ssl/certs
+ #ssl_client_ca_file =
+
+ # Require valid cert when connecting to a remote server
+diff --git a/doc/mkcert.sh b/doc/mkcert.sh
+index f7e484c..efcf85e 100644
+--- a/doc/mkcert.sh
++++ b/doc/mkcert.sh
+@@ -8,19 +8,19 @@ OPENSSL=${OPENSSL-openssl}
+ SSLDIR=${SSLDIR-/etc/ssl}
+ OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
+
+-CERTDIR=$SSLDIR/certs
+-KEYDIR=$SSLDIR/private
++CERTDIR=/etc/dovecot/ssl
++KEYDIR=/etc/dovecot/ssl
+
+ CERTFILE=$CERTDIR/dovecot.pem
+-KEYFILE=$KEYDIR/dovecot.pem
++KEYFILE=$KEYDIR/dovecot.key
+
+ if [ ! -d $CERTDIR ]; then
+- echo "$SSLDIR/certs directory doesn't exist"
++ echo "$CERTDIR directory doesn't exist"
+ exit 1
+ fi
+
+ if [ ! -d $KEYDIR ]; then
+- echo "$SSLDIR/private directory doesn't exist"
++ echo "$KEYDIR directory doesn't exist"
+ exit 1
+ fi
+
diff --git a/debian/patches/ssl-dh-params-location.patch b/debian/patches/ssl-dh-params-location.patch
new file mode 100644
index 0000000..10589ea
--- /dev/null
+++ b/debian/patches/ssl-dh-params-location.patch
@@ -0,0 +1,24 @@
+From: Apollon Oikonomopoulos <apoikos@debian.org>
+Date: Sat, 24 Mar 2018 00:24:55 +0200
+Subject: Set DH params location
+
+Forwarded: not-needed
+
+This is mandatory for SSL support in 2.3
+---
+ doc/example-config/conf.d/10-ssl.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/doc/example-config/conf.d/10-ssl.conf b/doc/example-config/conf.d/10-ssl.conf
+index 4867a07..c4502fc 100644
+--- a/doc/example-config/conf.d/10-ssl.conf
++++ b/doc/example-config/conf.d/10-ssl.conf
+@@ -52,7 +52,7 @@ ssl_client_ca_dir = /etc/ssl/certs
+ # Generate new params with `openssl dhparam -out /etc/dovecot/dh.pem 4096`
+ # Or migrate from old ssl-parameters.dat file with the command dovecot
+ # gives on startup when ssl_dh is unset.
+-#ssl_dh = </etc/dovecot/dh.pem
++ssl_dh = </usr/share/dovecot/dh.pem
+
+ # Minimum SSL protocol version to use. Potentially recognized values are SSLv3,
+ # TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3, depending on the OpenSSL version used.
diff --git a/debian/patches/tcpwrapper.patch b/debian/patches/tcpwrapper.patch
new file mode 100644
index 0000000..f58a282
--- /dev/null
+++ b/debian/patches/tcpwrapper.patch
@@ -0,0 +1,45 @@
+From: Joerg Dorchain <joerg@dorchain.net>
+Date: Sun, 26 Aug 2012 10:10:28 +0200
+Subject: Add TCP wrapper support
+
+Bug: #685850
+
+Configuration file for TCP wrapper support.
+---
+ doc/example-config/conf.d/10-tcpwrapper.conf | 14 ++++++++++++++
+ doc/example-config/conf.d/Makefile.am | 1 +
+ 2 files changed, 15 insertions(+)
+ create mode 100644 doc/example-config/conf.d/10-tcpwrapper.conf
+
+diff --git a/doc/example-config/conf.d/10-tcpwrapper.conf b/doc/example-config/conf.d/10-tcpwrapper.conf
+new file mode 100644
+index 0000000..b237d96
+--- /dev/null
++++ b/doc/example-config/conf.d/10-tcpwrapper.conf
+@@ -0,0 +1,14 @@
++# 10-tcpwrapper.conf
++#
++# service name for hosts.{allow|deny} are those defined as
++# inet_listener in master.conf
++#
++#login_access_sockets = tcpwrap
++#
++#service tcpwrap {
++# unix_listener login/tcpwrap {
++# group = $default_login_user
++# mode = 0600
++# user = $default_login_user
++# }
++#}
+diff --git a/doc/example-config/conf.d/Makefile.am b/doc/example-config/conf.d/Makefile.am
+index 1950fd5..b78c21a 100644
+--- a/doc/example-config/conf.d/Makefile.am
++++ b/doc/example-config/conf.d/Makefile.am
+@@ -18,6 +18,7 @@ example_DATA = \
+ 10-master.conf \
+ 10-metrics.conf \
+ 10-ssl.conf \
++ 10-tcpwrapper.conf \
+ 15-lda.conf \
+ 15-mailboxes.conf \
+ 20-imap.conf \
diff --git a/debian/patches/test-backtrace.patch b/debian/patches/test-backtrace.patch
new file mode 100644
index 0000000..e0a921b
--- /dev/null
+++ b/debian/patches/test-backtrace.patch
@@ -0,0 +1,53 @@
+From: Noah Meyerhans <noahm@debian.org>
+Date: Fri, 12 Jun 2020 16:51:06 -0700
+Subject: Updates the symbol to check for in the backtrace unit tests
+
+Updates the symbol to check for in the backtrace unit tests to
+something that appears in all the traces on the platforms we support.
+
+Also dump the actual backtrace for debugging buildd failures.
+---
+ src/lib/test-backtrace.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/src/lib/test-backtrace.c b/src/lib/test-backtrace.c
+index fdebe0f..78492c7 100644
+--- a/src/lib/test-backtrace.c
++++ b/src/lib/test-backtrace.c
+@@ -11,14 +11,15 @@ static void test_backtrace_append(void)
+ /* Check that there's a usable function in the backtrace.
+ Note that this function may be inlined, so don't check for
+ test_backtrace_get() */
++ i_debug("backtrace: '%s'", str_c(bt));
+ test_assert(strstr(str_c(bt), "test_backtrace") != NULL);
+ /* make sure the backtrace_append is not */
+ test_assert(strstr(str_c(bt), " backtrace_append") == NULL);
+ #elif (defined(HAVE_BACKTRACE_SYMBOLS) && defined(HAVE_EXECINFO_H)) || \
+ (defined(HAVE_WALKCONTEXT) && defined(HAVE_UCONTEXT_H))
+ test_assert(backtrace_append(bt) == 0);
+- /* it should have some kind of main in it */
+- test_assert(strstr(str_c(bt), "main") != NULL);
++ i_debug("backtrace: '%s'", str_c(bt));
++ test_assert(strstr(str_c(bt), "test_backtrace_append") != NULL || strstr(str_c(bt), "main") != NULL);
+ #else
+ /* should not work in this context */
+ test_assert(backtrace_append(bt) == -1);
+@@ -35,14 +36,15 @@ static void test_backtrace_get(void)
+ /* Check that there's a usable function in the backtrace.
+ Note that this function may be inlined, so don't check for
+ test_backtrace_get() */
+- test_assert(strstr(bt, "test_backtrace") != NULL);
++ i_debug("backtrace: '%s'", bt);
++ test_assert(strstr(bt, "test_backtrace") != NULL);
+ /* make sure the backtrace_get is not */
+ test_assert(strstr(bt, " backtrace_get") == NULL);
+ #elif (defined(HAVE_BACKTRACE_SYMBOLS) && defined(HAVE_EXECINFO_H)) || \
+ (defined(HAVE_WALKCONTEXT) && defined(HAVE_UCONTEXT_H))
+ test_assert(backtrace_get(&bt) == 0);
+- /* it should have some kind of main in it */
+- test_assert(strstr(bt, "main") != NULL);
++ i_debug("backtrace: '%s'", bt);
++ test_assert(strstr(bt, "test_backtrace_get") != NULL || strstr(bt, "main") != NULL);
+ #else
+ /* should not work in this context */
+ test_assert(backtrace_get(&bt) == -1);
diff --git a/debian/po/nl.po b/debian/po/nl.po
new file mode 100644
index 0000000..e5c0446
--- /dev/null
+++ b/debian/po/nl.po
@@ -0,0 +1,102 @@
+# Dutch translation of dovecot debconf templates.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the dovecot package.
+# Frans Spiesschaert <Frans.Spiesschaert@yucom.be>, 2014.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: dovecot\n"
+"Report-Msgid-Bugs-To: dovecot@packages.debian.org\n"
+"POT-Creation-Date: 2013-11-07 07:06+0100\n"
+"PO-Revision-Date: 2014-10-04 22:25+0200\n"
+"Last-Translator: Frans Spiesschaert <Frans.Spiesschaert@yucom.be>\n"
+"Language-Team: Debian Dutch l10n Team <debian-l10n-dutch@lists.debian.org>\n"
+"Language: nl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#. Type: error
+#. Description
+#: ../dovecot-core.templates:2001
+msgid "Wrong location for SSL certificates"
+msgstr "De SSL-certificaten staan op een verkeerde plaats"
+
+#. Type: error
+#. Description
+#: ../dovecot-core.templates:2001
+msgid ""
+"This machine uses SSL certificates for Dovecot. These certificates should be "
+"moved from /etc/ssl to /etc/dovecot and Dovecot's configuration file (/etc/"
+"dovecot/conf.d/10-ssl.conf) should be updated accordingly."
+msgstr ""
+"Deze computer gebruikt SSL-certificaten voor Dovecot. Deze certificaten "
+"moeten verplaatst worden van /etc/ssl naar /etc/dovecot en het "
+"configuratiebestand van Dovecot (/etc/dovecot/conf.d/10-ssl.conf) moet in "
+"die zin aangepast worden."
+
+#. Type: error
+#. Description
+#: ../dovecot-core.templates:2001
+msgid "Please read /usr/share/doc/dovecot-core/README.Debian.gz for details."
+msgstr ""
+"Raadpleeg /usr/share/doc/dovecot-core/README.Debian.gz voor de details."
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid "Create a self-signed SSL certificate?"
+msgstr "Een door uzelf ondertekend SSL-certificaat aanmaken?"
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid ""
+"An SSL certificate is needed in order to use IMAP or POP3 over SSL/TLS. No "
+"such certificate was found."
+msgstr ""
+"U heeft een SSL-certificaat nodig om IMAP of POP3 over SSL/TLS te kunnen "
+"gebruiken. Een dergelijk certificaat werd niet gevonden."
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid ""
+"Please choose whether you want to create one now. This will then be a self-"
+"signed certificate."
+msgstr ""
+"Geef aan of u nu een dergelijk certificaat wilt aanmaken. In dat geval zal "
+"het een door uzelf ondertekend certificaat zijn."
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid ""
+"If you choose not to create a certificate, please adapt Dovecot's "
+"configuration file (/etc/dovecot/conf.d/10-ssl.conf)."
+msgstr ""
+"Indien u ervoor kiest om geen certificaat aan te maken, dan moet u het "
+"configuratiebestand van Dovecot (/etc/dovecot/conf.d/10-ssl.conf) wijzigen."
+
+#. Type: string
+#. Description
+#: ../dovecot-core.templates:4001
+msgid "Host name:"
+msgstr "Computernaam"
+
+#. Type: string
+#. Description
+#: ../dovecot-core.templates:4001
+msgid "Please enter the host name to use in the SSL certificate."
+msgstr ""
+"Geef aan welke computernaam gebruikt moet worden in het SSL-certificaat."
+
+#. Type: string
+#. Description
+#: ../dovecot-core.templates:4001
+msgid ""
+"It will become the \"commonName\" field of the generated SSL certificate."
+msgstr ""
+"Die komt terecht in het veld \"commonName\" van het SSL-certificaat dat "
+"aangemaakt wordt."
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..80c87e8
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,219 @@
+#!/usr/bin/make -f
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+SHELL=/bin/bash -O extglob
+PIGEONHOLE_DIR=$(CURDIR)/pigeonhole
+
+export DEB_BUILD_MAINT_OPTIONS=hardening=+all optimize=+lto
+
+# LP: 1636781 - strip incompatible default linker option
+ifeq ($(shell dpkg-vendor --derives-from Ubuntu && echo yes),yes)
+ export DEB_LDFLAGS_MAINT_STRIP = -Wl,-Bsymbolic-functions
+endif
+
+DOV_DEB_CFLAGS=
+DOV_DEB_CXXFLAGS=
+DOV_DEB_LDFLAGS=
+
+# Ensure that stacktrace generation works:
+DOV_DEB_LDFLAGS += -rdynamic
+include /usr/share/dpkg/architecture.mk
+ifneq ($(filter armel armhf hppa mips64el mipsel riscv64 sparc64, $(DEB_HOST_ARCH)),)
+ DOV_DEB_CFLAGS += -funwind-tables
+ DOV_DEB_CXXFLAGS += -funwind-tables
+endif
+
+# Extra hardening flags
+DOV_DEB_CFLAGS += -fstack-clash-protection
+DOV_DEB_CXXFLAGS += -fstack-clash-protection
+DOV_DEB_LDFLAGS += -fstack-clash-protection
+
+
+export DEB_CFLAGS_MAINT_APPEND = $(DOV_DEB_CFLAGS)
+export DEB_CXXFLAGS_MAINT_APPEND = $(DOV_DEB_CXXFLAGS)
+export DEB_LDFLAGS_MAINT_APPEND = $(DOV_DEB_LDFLAGS)
+
+
+ifeq ($(DEB_HOST_ARCH_OS),linux)
+ CONFIGURE_APPARMOR = --with-apparmor
+endif
+
+# Macros to help move files to the module packages
+CORE_DIR=$(CURDIR)/debian/dovecot-core
+PKG_DIR=$(CURDIR)/debian/dovecot-PKG
+MOVE=install -d $(PKG_DIR:PKG=$(2))/$(dir $(1)); mv $(CORE_DIR)/$(1) $(PKG_DIR:PKG=$(2))/$(dir $(1));
+
+# Files to move from dovecot-core to the individual packages. Files added to
+# <addon>_files will be automatically moved from dovecot's tree to the
+# respective package.
+auth-lua_files = usr/lib/dovecot/modules/auth/libauthdb_lua.so
+
+imapd_files = usr/lib/dovecot/imap* \
+ usr/lib/dovecot/modules/lib??_imap_!(*sieve*) \
+ usr/share/dovecot/conf.d/??-imap*
+
+pop3d_files = usr/lib/dovecot/pop3* \
+ usr/share/dovecot/conf.d/??-pop3*
+
+lmtpd_files = usr/lib/dovecot/lmtp* \
+ usr/share/dovecot/conf.d/??-lmtp*
+
+managesieved_files = usr/lib/dovecot/managesieve* \
+ usr/lib/dovecot/modules/settings/libmanagesieve*
+
+submissiond_files = usr/lib/dovecot/submission* \
+ usr/share/dovecot/conf.d/??-submission.conf
+
+pgsql_files = usr/lib/dovecot/modules/auth/libdriver_pgsql* \
+ usr/lib/dovecot/modules/dict/libdriver_pgsql* \
+ usr/lib/dovecot/modules/libdriver_pgsql*
+
+mysql_files = usr/lib/dovecot/modules/auth/libdriver_mysql* \
+ usr/lib/dovecot/modules/dict/libdriver_mysql* \
+ usr/lib/dovecot/modules/libdriver_mysql*
+
+sqlite_files = usr/lib/dovecot/modules/auth/libdriver_sqlite* \
+ usr/lib/dovecot/modules/dict/libdriver_sqlite* \
+ usr/lib/dovecot/modules/libdriver_sqlite*
+
+gssapi_files = usr/lib/dovecot/modules/auth/libmech_gssapi*
+
+ldap_files = usr/lib/dovecot/modules/auth/libauthdb_ldap* \
+ usr/lib/dovecot/modules/dict/libdict_ldap* \
+ usr/lib/dovecot/libdovecot-ldap* \
+ usr/share/dovecot/*-ldap.conf.ext \
+ usr/share/dovecot/conf.d/*-ldap.conf.ext
+
+sieve_files = usr/bin/sieve* \
+ usr/lib/dovecot/modules/lib??_sieve* \
+ usr/lib/dovecot/modules/lib??_imap_*sieve* \
+ usr/lib/dovecot/modules/doveadm/lib??_doveadm_sieve* \
+ usr/lib/dovecot/modules/sieve \
+ usr/lib/dovecot/libdovecot-sieve* \
+ usr/share/man/man1/sieve*
+
+solr_files = usr/lib/dovecot/modules/lib??_fts_solr_*
+
+dev_files = usr/include/* \
+ usr/lib/dovecot/dovecot-config \
+ usr/share/aclocal/*.m4
+
+%:
+ dh $@
+
+override_dh_autoreconf:
+ dh_autoreconf debian/autogen.sh
+
+override_dh_auto_configure:
+ KRB5CONFIG=krb5-config.mit systemdsystemunitdir=/lib/systemd/system dh_auto_configure -- \
+ --with-ldap=plugin \
+ --with-ssl=openssl \
+ --with-sql=plugin \
+ --with-pgsql \
+ --with-mysql \
+ --with-sqlite \
+ --with-gssapi=plugin \
+ --with-solr \
+ --with-ioloop=best \
+ --with-icu \
+ --with-libwrap \
+ --without-lucene \
+ $(CONFIGURE_APPARMOR) \
+ --with-lz4 \
+ --with-lua=plugin \
+ --with-sodium \
+ --libdir=\$${prefix}/lib \
+ --libexecdir=\$${prefix}/lib \
+ --docdir=\$${prefix}/share/doc/dovecot-core \
+ --with-moduledir=\$${prefix}/lib/dovecot/modules \
+ --with-rundir=/run/dovecot \
+ --disable-rpath \
+ --disable-static
+
+ $(MAKE) dovecot-config
+ # remove unreproducible '-ffile-prefix-map=/build/1st/dovecot-2.3.10.1+dfsg1=.'
+ # '-fdebug-prefix-map=/build/dovecot-O55xqn/dovecot-2.3.10.1+dfsg1=.'
+ sed -i 's/\s\+-ffile-prefix-map=\S\+=.\s\+/ /g' dovecot-config
+ sed -i 's/\s\+-fdebug-prefix-map=\S\+=.\s\+/ /g' dovecot-config
+
+ # Pigeonhole
+ touch $(PIGEONHOLE_DIR)/stamp.h.in
+ dh_auto_configure -D $(PIGEONHOLE_DIR) -- \
+ --with-dovecot=../ \
+ --libdir=\$${prefix}/lib \
+ --libexecdir=\$${prefix}/lib \
+ --disable-static
+
+override_dh_auto_build:
+ # Remove all-settings.c and let it be re-generated from the (patched)
+ # component settings files.
+ rm -f src/config/all-settings.c
+ dh_auto_build
+ dh_auto_build -D $(PIGEONHOLE_DIR)
+
+override_dh_auto_clean:
+ dh_auto_clean
+ dh_auto_clean -D $(PIGEONHOLE_DIR)
+
+override_dh_auto_install:
+ # Install everything under dovecot-core
+ $(MAKE) install DESTDIR=$(CORE_DIR)
+ $(MAKE) -C $(PIGEONHOLE_DIR) install DESTDIR=$(CORE_DIR)
+ rm `find $(CURDIR)/debian -name '*.la'`
+ rm $(CORE_DIR)/etc/dovecot/README
+ rm $(CORE_DIR)/usr/lib/dovecot/decode2text.sh
+
+override_dh_install:
+ # dh_auto_install has installed everything in the dovecot-core package.
+ # Run dh_install to install additional files from the source directory
+ # or debian/ to the individual packages. NOTE: there is nothing in
+ # debian/tmp!
+ dh_install
+ install -D -o root -g root -m 0755 $(CORE_DIR)/usr/share/doc/dovecot-core/mkcert.sh \
+ $(CORE_DIR)/usr/share/dovecot/mkcert.sh
+ rm $(CORE_DIR)/usr/share/doc/dovecot-core/mkcert.sh
+ rm $(CORE_DIR)/usr/share/doc/dovecot-core/dovecot-openssl.cnf
+ rm $(CORE_DIR)/usr/share/doc/dovecot-core/solr-schema.xml
+ rm -rf $(CORE_DIR)/usr/share/doc/dovecot-core/example-config
+
+ $(foreach package,$(patsubst dovecot-%,%,$(shell dh_listpackages)),\
+ $(foreach file,$($(package)_files),\
+ $(call MOVE,$(file),$(package))))
+
+ rmdir $(CORE_DIR)/usr/include
+ rmdir $(CORE_DIR)/usr/share/aclocal
+ install -d $(PKG_DIR:PKG=dev)/usr/share/dovecot
+ grep ABI_VERSION config.h \
+ | perl -ne '/"(.+)\(.+\)"/ && print $$1' \
+ | tr '[A-Z]' '[a-z]' > $(PKG_DIR:PKG=dev)/usr/share/dovecot/dovecot-abi
+
+ # Install apport hook
+ install -D -m 644 debian/source_dovecot.py $(CURDIR)/debian/dovecot-core/usr/share/apport/package-hooks/dovecot-core.py
+
+ install -D -m644 debian/dovecot-imapd.ufw.profile debian/dovecot-imapd/etc/ufw/applications.d/dovecot-imapd
+ install -D -m644 debian/dovecot-pop3d.ufw.profile debian/dovecot-pop3d/etc/ufw/applications.d/dovecot-pop3d
+
+override_dh_installpam:
+ dh_installpam -pdovecot-core --name=dovecot
+
+override_dh_installinit:
+ dh_installinit -pdovecot-core --name=dovecot -u"defaults 20"
+
+override_dh_installsystemd:
+ dh_installsystemd -pdovecot-core dovecot.service
+ dh_installsystemd -pdovecot-core --no-enable dovecot.socket
+
+override_dh_gencontrol:
+ dh_gencontrol -- -Vdovecot:ABI-Version=$(shell cat $(CURDIR)/debian/dovecot-dev/usr/share/dovecot/dovecot-abi)
+
+override_dh_makeshlibs:
+ # Do not add an ldconfig trigger; none of the dovecot shared libraries
+ # are public.
+ dh_makeshlibs -n
+
+override_dh_installdocs:
+ dh_installdocs
+ cp pigeonhole/README $(CORE_DIR)/usr/share/doc/dovecot-core/pigeonhole.README
+ cp pigeonhole/NEWS $(CORE_DIR)/usr/share/doc/dovecot-core/pigeonhole.NEWS
diff --git a/debian/salsa-ci.yml b/debian/salsa-ci.yml
new file mode 100644
index 0000000..00fbe36
--- /dev/null
+++ b/debian/salsa-ci.yml
@@ -0,0 +1,8 @@
+---
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
+
+# The test suite does not pass reprotest
+variables:
+ SALSA_CI_DISABLE_REPROTEST: 1
+ SALSA_CI_DISABLE_CROSSBUILD_ARM64: 1
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides
new file mode 100644
index 0000000..560ac5a
--- /dev/null
+++ b/debian/source/lintian-overrides
@@ -0,0 +1,10 @@
+# ignore long source lines
+dovecot source: very-long-line-length-in-source-file * > 512 [pigeonhole/configure:13685]
+dovecot source: very-long-line-length-in-source-file * > 512 [src/lib-fts/stopwords/stopwords_malformed.txt:105]
+dovecot source: very-long-line-length-in-source-file * > 512 [pigeonhole/tests/execute/errors/cpu-limit.sieve:4]
+dovecot source: very-long-line-length-in-source-file * > 512 [src/plugins/mail-crypt/test-mail-global-key.c:24]
+dovecot source: very-long-line-length-in-source-file * > 512 [dovecot-config.in.in:31]
+dovecot source: very-long-line-length-in-source-file * > 512 [src/lib-fts/udhr_fra.txt:17]
+dovecot source: very-long-line-length-in-source-file * > 512 [src/lib/test-hmac.c:*]
+dovecot source: very-long-line-length-in-source-file * > 512 [pigeonhole/m4/libtool.m4:6621]
+dovecot source: very-long-line-length-in-source-file * > 512 [src/lib-imap/test-imap-bodystructure.c:225]
diff --git a/debian/source_dovecot.py b/debian/source_dovecot.py
new file mode 100644
index 0000000..84fb839
--- /dev/null
+++ b/debian/source_dovecot.py
@@ -0,0 +1,38 @@
+#!/usr/bin/python3
+
+'''Dovecot Apport interface
+
+Copyright (C) 2010 Canonical Ltd/
+Author: Chuck Short <chuck.short@canonical.com>
+
+This program is free software; you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by the
+Free Software Foundation; either version 2 of the License, or (at your
+option) any later version. See http://www.gnu.org/copyleft/gpl.html for
+the full text of the license.
+'''
+
+from apport.hookutils import *
+
+def add_info(report, ui):
+ response = ui.yesno("The output of dovecot -n may help developers diagnose your bug more quickly, however, it may contain sensitive information. Do you want to include it in your bug report?")
+
+ if response is None: #user canceled
+ raise StopIteration
+
+ elif response:
+ report['DovecotConf'] = root_command_output(['/usr/sbin/dovecot', '-n'])
+
+
+ elif not response:
+ ui.information("The contents of dovecot -n will NOT be includeded in the bug report")
+
+ packages = ['dovecot-common', 'dovecot-core', 'dovecot-dev', 'dovecot-pop3d', 'dovecot-imapd', 'mail-stack-delivery', 'dovecot-postfix']
+ versions = ''
+ for package in packages:
+ try:
+ version = package.get_version(package)
+ except:
+ version = 'N/A'
+ versions += '%s %s\n' %(package, version)
+ report['DovecotInstalledVersions'] = versions
diff --git a/debian/tests/control b/debian/tests/control
new file mode 100644
index 0000000..496cfcc
--- /dev/null
+++ b/debian/tests/control
@@ -0,0 +1,14 @@
+Tests: doveadm
+Depends: dovecot-core
+Restrictions: needs-root
+
+Tests: systemd
+Depends: dovecot-core, systemd-sysv
+
+Test-Command: run-parts --report --exit-on-error debian/tests/usage
+Depends: dovecot-imapd, dovecot-pop3d, python3
+Restrictions: needs-root, breaks-testbed, allow-stderr
+
+Tests: testmails
+Restrictions: needs-root, breaks-testbed
+Depends: dovecot-imapd, dovecot-pop3d, lsb-release, python3, python3-passlib
diff --git a/debian/tests/doveadm b/debian/tests/doveadm
new file mode 100755
index 0000000..9e2bd04
--- /dev/null
+++ b/debian/tests/doveadm
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+set -e
+
+echo "Checking if dovecot is running"
+doveadm -f flow instance list | grep -q 'running=yes'
+echo "OK"
diff --git a/debian/tests/systemd b/debian/tests/systemd
new file mode 100755
index 0000000..48afbf5
--- /dev/null
+++ b/debian/tests/systemd
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -e
+
+echo "Checking whether dovecot.service is enabled"
+systemctl is-enabled dovecot.service
+
+echo "Checking whether dovecot.service is a native unit"
+source=$(systemctl show -pSourcePath dovecot.service | cut -d = -f 2)
+if [ -n "$source" ]; then
+ echo $source
+ exit 1
+else
+ echo "OK (no SourcePath found)"
+fi
+
+echo "Checking whether dovecot.socket is inactive"
+status=$(systemctl show -pActiveState dovecot.socket | cut -d = -f 2)
+echo $status
+if [ "$status" != inactive ]; then
+ exit 1
+fi
diff --git a/debian/tests/testmails b/debian/tests/testmails
new file mode 100755
index 0000000..3329809
--- /dev/null
+++ b/debian/tests/testmails
@@ -0,0 +1,256 @@
+#!/usr/bin/python3
+
+import grp
+import imaplib
+import os
+import os.path
+import poplib
+import pwd
+import random
+import string
+import subprocess
+import sys
+import unittest
+
+from passlib.hash import des_crypt
+
+
+def random_string(length):
+ '''Return a random string, consisting of ASCII letters, with given
+ length.'''
+
+ s = ''
+ maxind = len(string.ascii_letters)-1
+ for _ in range(length):
+ s += string.ascii_letters[random.randint(0, maxind)]
+ return s.lower()
+
+
+def login_exists(login):
+ '''Checks whether the given login exists on the system.'''
+
+ try:
+ pwd.getpwnam(login)
+ return True
+ except KeyError:
+ return False
+
+
+def get_distribution():
+ '''Return the name of the Linux Distribution we are running.'''
+ cmd = ['lsb_release', '-si']
+ output = subprocess.check_output(cmd)
+ return output.strip()
+
+
+class TestUser:
+ '''Create a temporary test user and remove it again on close.'''
+
+ def __init__(self):
+ '''Create a new user account with a random password.'''
+
+ self.login = None
+
+ while True:
+ login = random_string(8)
+ if not login_exists(login):
+ break
+
+ self.salt = random_string(2)
+ self.password = random_string(8)
+ self.crypted = des_crypt.using(salt=self.salt).hash(self.password)
+
+ subprocess.check_call(['useradd', '-p', self.crypted, '-m', login])
+
+ self.login = login
+ p = pwd.getpwnam(self.login)
+ self.uid = p[2]
+ self.gid = p[3]
+
+ def __del__(self):
+ '''Remove the created user account.'''
+
+ if self.login:
+ self.close()
+
+ def close(self):
+ '''Remove the created user account.'''
+
+ subprocess.check_call(['userdel', '-f', '-r', self.login])
+ self.login = None
+
+
+class DovecotBasics(unittest.TestCase):
+ '''Base operational tests for Dovecot server.'''
+
+ def setUp(self):
+ '''Create test scenario.
+
+ We want to test the default setup, but pre-setup an mbox on a tmp user
+ '''
+
+ self.distribution = get_distribution()
+ self.user = TestUser()
+
+ # create fresh test mailbox with one new and one old mail
+ self.mailbox = '/var/mail/' + self.user.login
+ self.orig_mbox = '''From test1@test1.com Fri Nov 17 02:21:08 2006
+Date: Thu, 16 Nov 2006 17:12:23 -0800
+From: Test User 1 <test1@test1.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 1
+Status: N
+
+Some really important news.
+
+From test2@test1.com Tue Nov 28 11:29:34 2006
+Date: Tue, 28 Nov 2006 11:29:34 +0100
+From: Test User 2 <test2@test2.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 2
+Status: R
+
+More news.
+
+Get cracking!
+'''
+ with open(self.mailbox, 'w') as f:
+ f.write(self.orig_mbox)
+ os.chown(self.mailbox, self.user.uid, grp.getgrnam('mail')[2])
+ os.chmod(self.mailbox, 0o660)
+
+ def tearDown(self):
+ self.user.close()
+
+ def _test_pop3_proto(self, pop):
+ '''Internal factorization of POP3 protocol checks with an established
+ connection.'''
+
+ # check empty password
+ self.assertEqual(pop.user(self.user.login), b'+OK')
+ self.assertRaises(poplib.error_proto, pop.pass_, '')
+
+ # check wrong password
+ self.assertEqual(pop.user(self.user.login), b'+OK')
+ self.assertRaises(poplib.error_proto, pop.pass_, '123')
+
+ # check correct password
+ self.assertEqual(pop.user(self.user.login), b'+OK')
+ self.assertEqual(pop.pass_(self.user.password), b'+OK Logged in.')
+
+ # check messages
+ self.assertEqual(pop.stat()[0], 2, b'2 available messages')
+ self.assertEqual(pop.list()[1], [b'1 163', b'2 161'])
+ self.assertEqual('\n'.join(l.decode() for l in pop.retr(1)[1]), '''Date: Thu, 16 Nov 2006 17:12:23 -0800
+From: Test User 1 <test1@test1.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 1
+
+Some really important news.''')
+ self.assertEqual('\n'.join(l.decode() for l in pop.retr(2)[1]), '''Date: Tue, 28 Nov 2006 11:29:34 +0100
+From: Test User 2 <test2@test2.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 2
+
+More news.
+
+Get cracking!''')
+
+ self.assertEqual(pop.quit(), b'+OK Logging out.')
+
+ def test_pop3(self):
+ '''Test POP3 protocol.'''
+
+ pop = poplib.POP3('localhost')
+ self.assertEqual(pop.getwelcome(),
+ b'+OK Dovecot (%s) ready.' % self.distribution)
+
+ self._test_pop3_proto(pop)
+
+ def test_pop3s(self):
+ '''Test POP3S protocol.'''
+
+ pop = poplib.POP3_SSL('localhost')
+ self.assertEqual(pop.getwelcome(),
+ b'+OK Dovecot (%s) ready.' % self.distribution)
+
+ self._test_pop3_proto(pop)
+
+ def _test_imap_proto(self, imap):
+ '''Internal factorization of IMAP4 protocol checks with an established
+ connection.'''
+
+ # invalid passwords
+ self.assertRaises(imaplib.IMAP4.error, imap.login,
+ self.user.login, '')
+ self.assertRaises(imaplib.IMAP4.error, imap.login,
+ self.user.login, '123')
+
+ # correct password
+ imap.login(self.user.login, self.user.password)
+
+ # list mailboxes
+ status, imlist = imap.list()
+ self.assertEqual(status, 'OK')
+ self.assertTrue(imlist[0].decode().endswith('INBOX'))
+
+ # check mails
+ imap.select()
+ self.assertEqual(imap.search(None, 'ALL'), ('OK', [b'1 2']))
+ self.assertEqual(imap.fetch('1', '(FLAGS)'),
+ ('OK', [b'1 (FLAGS (\\Recent))']))
+ self.assertEqual(imap.fetch('2', '(FLAGS)'),
+ ('OK', [b'2 (FLAGS (\\Seen \\Recent))']))
+ self.assertEqual(imap.fetch('1', '(BODY[TEXT])')[1][0][1],
+ b'Some really important news.\r\n')
+ self.assertEqual(imap.fetch('2', '(BODY[TEXT])')[1][0][1],
+ b'More news.\r\n\r\nGet cracking!')
+
+ self.assertEqual(imap.fetch('1', '(RFC822)')[1],
+ [(b'1 (RFC822 {163}',
+ b'''Date: Thu, 16 Nov 2006 17:12:23 -0800\r
+From: Test User 1 <test1@test1.com>\r
+To: Dovecot tester <dovecot@test.com>\r
+Subject: Test 1\r
+\r
+Some really important news.\r
+'''), b')'])
+
+ # delete mail 1
+ self.assertEqual(imap.store('1', '+FLAGS', '\\Deleted')[0], 'OK')
+ self.assertEqual(imap.expunge()[0], 'OK')
+ self.assertEqual(imap.search(None, 'ALL'), ('OK', [b'1']))
+
+ # old mail 2 is mail 1 now
+ self.assertEqual(imap.fetch('1', '(RFC822)')[1],
+ [(b'1 (RFC822 {161}',
+ b'''Date: Tue, 28 Nov 2006 11:29:34 +0100\r
+From: Test User 2 <test2@test2.com>\r
+To: Dovecot tester <dovecot@test.com>\r
+Subject: Test 2\r
+\r
+More news.\r
+\r
+Get cracking!'''), b')'])
+ imap.close()
+ imap.logout()
+
+ def test_imap(self):
+ '''Test IMAP4 protocol.'''
+
+ imap = imaplib.IMAP4('localhost')
+ self._test_imap_proto(imap)
+
+ def test_imaps(self):
+ '''Test IMAP4S protocol.'''
+
+ imap = imaplib.IMAP4_SSL('localhost')
+ self._test_imap_proto(imap)
+
+
+if __name__ == '__main__':
+ os.dup2(1, 2)
+ suite = unittest.TestSuite()
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(DovecotBasics))
+ result = unittest.TextTestRunner(verbosity=2).run(suite)
+ sys.exit(not result.wasSuccessful())
diff --git a/debian/tests/usage/00_setup b/debian/tests/usage/00_setup
new file mode 100755
index 0000000..2eeeb2f
--- /dev/null
+++ b/debian/tests/usage/00_setup
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+echo "Setting up dovecot for the test"
+# Move aside 10-auth.conf to disable passwd-based auth
+if [ -f /etc/dovecot/conf.d/10-auth.conf ]; then
+ mv /etc/dovecot/conf.d/10-auth.conf /etc/dovecot/conf.d/10-auth.conf.bak
+fi
+
+cat >/etc/dovecot/local.conf <<-EOF
+ auth_mechanisms = plain
+ mail_location = maildir:~/Maildir
+
+ passdb {
+ driver = static
+ args = password=test
+ }
+
+ userdb {
+ driver = static
+ args = uid=nobody gid=nogroup home=/srv/dovecot-dep8/%u
+ }
+EOF
+
+mkdir -p /srv/dovecot-dep8
+chown nobody:nogroup /srv/dovecot-dep8
+
+echo "Restarting the service"
+systemctl restart dovecot
+
+echo "Sending a test message via the LDA"
+/usr/lib/dovecot/dovecot-lda -f "test@example.com" -d dep8 <<EOF
+Return-Path: <test@example.com>
+Message-Id: <dep8-test-1@debian.org>
+From: Test User <test@example.com>
+To: dep8 <dep8@example.com>
+Subject: DEP-8 test
+
+This is just a test
+EOF
+
+echo "Verifying that the email was correctly delivered"
+if [ -z "$(doveadm search -u dep8 header message-id dep8-test-1@debian.org)" ]; then
+ echo "Message not found"
+ exit 1
+fi
+
+echo "Done"
+echo
diff --git a/debian/tests/usage/imap b/debian/tests/usage/imap
new file mode 100755
index 0000000..5bdede7
--- /dev/null
+++ b/debian/tests/usage/imap
@@ -0,0 +1,38 @@
+#!/usr/bin/python3
+import imaplib
+
+imaplib.Debug = 4
+
+print("Testing IMAP")
+print("Connecting")
+client = imaplib.IMAP4('localhost')
+
+print("Checking for STARTTLS capability")
+assert 'STARTTLS' in client.capabilities
+
+client.starttls()
+
+print("Logging in")
+client.login('dep8', 'test')
+
+print("Selecting INBOX")
+client.select()
+
+print("Looking for the test message")
+res, uids = client.search(None, 'HEADER', 'MESSAGE-ID', '"<dep8-test-1@debian.org>"')
+
+assert res == 'OK'
+assert len(uids[0]) > 0
+
+uid = uids[0].split()[0]
+
+print("Fetching and verifying test message")
+res, data = client.fetch(uid, '(RFC822)')
+
+assert res == 'OK'
+
+lines = data[0][1].splitlines()
+
+assert b'Subject: DEP-8 test' in lines
+
+print("Done")
diff --git a/debian/tests/usage/pop3 b/debian/tests/usage/pop3
new file mode 100755
index 0000000..00b1657
--- /dev/null
+++ b/debian/tests/usage/pop3
@@ -0,0 +1,31 @@
+#!/usr/bin/python3
+import poplib
+
+print("Testing POP3")
+print("Connecting")
+client = poplib.POP3('localhost')
+client.set_debuglevel(2)
+
+print("Checking for STARTTLS capability")
+assert 'STLS' in client.capa()
+
+client.stls()
+
+print("Logging in")
+client.user('dep8')
+client.pass_('test')
+
+print("Listing INBOX")
+res, data, _ = client.list()
+assert res.startswith(b'+OK')
+
+print("Fetching and verifying test message")
+for entry in data:
+ _id, _ = entry.split(maxsplit=1)
+ res, body, _ = client.retr(int(_id))
+ if b'Subject: DEP-8 test' in body:
+ break
+else:
+ raise AssertionError("Test message not found")
+
+print("Done")
diff --git a/debian/upstream/metadata b/debian/upstream/metadata
new file mode 100644
index 0000000..02236b7
--- /dev/null
+++ b/debian/upstream/metadata
@@ -0,0 +1,5 @@
+Name: dovecot
+Repository: https://github.com/dovecot/core
+Repository-Browse: https://github.com/dovecot/core
+Contact: Dovecot Mailing List <dovecot at dovecot.org>
+Bug-Submit: Dovecot Mailing List <dovecot at dovecot.org>
diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc
new file mode 100644
index 0000000..c490707
--- /dev/null
+++ b/debian/upstream/signing-key.asc
@@ -0,0 +1,51 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFoyisIBEADXxIfb89+FkI5DKPaI9M33vV7f9PkXkCWvXszAH2R9iJEafzUQ
+JaRzb0ZhZP6XKT+2P6quRTdBseFvEiH2qT5EpXYGGRNlCHB3+4Wjv1t4EZZe0fUK
+eHHpND4b4HGn7G6FrcZKtA1NebcmNlhO7ZNBaOOJSv93+TbNdk2vrRvmj57eX8TB
+1FJure5F/wZpD64DO5apNllxXO4zsype5+zYMoFQfExn3k7HUqmI0+PAAQ2yy/Wm
+WPMSACmeyhz/gCdtpgpnW+GFn4MsNFJF+ytF64FXvBOXxC61A5UBntKN0pAqSb/N
+JzIajRnrN8i7KR50AH0e0xGz9rq+4+5K9cckoLwiIC1Z6ymjDGt9yzgZssMWMfY8
+EFfl3DhQbG2dzDChj7t2jZ7o3fGpgPor+PnKKtLosgFFlf8eU8gBgb6nKEwTBV2S
+eJvU/j6KkRk/qDZEknVIK8D4XBdiNCSaB4AATE2/V2SdTThu9bqiVJ0+Dcn4oHBa
+W/6Da34NG0wfvJlOsxDMVBCgt7XKKemeDa4zxdbEG0yleaLLdv5UgN9GqtV7a8mP
+mKzyE36hjZRhAfJNwpQwYbzT4/22aSD8jd8fBkkHY4OSE+DA3UQrTKvEIp+wfQ4v
+KgvRjYEdEH/0A3U/TxybFPjHFux26pEBwNW6D7g19fXsEmSB125ozmkUGwARAQAB
+tDJEb3ZlY290IENvbW11bml0eSBFZGl0aW9uIDxkb3ZlY290LWNlQGRvdmVjb3Qu
+b3JnPokCOAQTAQIAIgUCWjKKwgIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA
+CgkQGKNIru1AnaG2IxAAihlcooJxXAtOMq9qzb9S6QR49jzlgO6fSJZcwa6mHsxS
+u2aaT4eDXiJOVp2I2JA9G2nEoXpnzAOcDbqsP0Bdvyz8Kse0M07xboza31li0oW8
+JGyJmuCR1f8EwjUuTK8oFPYMfJbcFlhMCFU9JFpNFLTsHTkcWVfcJhVwR7IR5Qnf
+ekf1UKukf/J245f0/ut1/BRJYKNfgOOAwC5eHEL0WY3yTPdiUoiJbxWNaGGvgW2N
+zkTyCuL52TY0J+b6us7Umilck58C9+LjtDVLfgXZssLCeErwbE/XIUmlgVqcvexq
+/eVEoE/PBkSWsMAxUuTqUYDv2JcJJJTolmYVGN9S8EVZ3FfoMvqBsWPAyE6MAayT
+G3l5gci8Hm4QFf3gKW94daUPAUMxR5fjTWhyu3Fw/t7pe6I73FPEkllGBy75gJqg
+lyvQi7TSv3P7HRWUP7YzWQXTTt9/e9OYIRM3wSn/75u3tF/3nmmaAeX1ThipCLYU
+jz+x2xixXXieRvXVPZFmBy9R2QByKK7UbuC0QvZlbJM+KjQq9TeCwpLH9TOe04jy
+I1dU5GJAqbhPs4eVD61ZAft8/fhAmXeDOEFo/bhW62R4DR50C+eBMlHkPps/eg8i
++vLzQ4SeMMnr0YBGHyPM8Tr5laYdLNX2t8MoGT/Su/htmDR43DeFt9QUddFHb4G5
+Ag0EWjKKwgEQAL3QJYywB4fLxg6MqWkCj9CK2ZOA87UvtZW4KCXYy9uZtavSKOlL
+CkS24N8bCXtZwZmRXrgjPY1auvxHofSZVgla0BBWl+zC3NsyTtLHaLBZU5FYub4w
+q81U8tkCJZYc7EogGx1IPcC9jFRN8vEbZmqSMRbPZBTIr6qVLJyqEqQY/VrkKBDx
+sZ2oY+I/uc4zY47g53SVMRWjELmYCrtuLWCRhK1haxRp0Jr7W5jj8iKoI8z5kpMz
+LKzIKoEa4VnLAdQvQI6gRKQEYZ3lKjaaWkd+2A+vP7lMURvJdn2OfnV3j5esbfLj
+vzjTkMw1Jbtq1tg/vlCEGKPmOZGN+OlpKu9pD/6/IXrt7bfaFviCrmAFNjlEDk0+
+NqtuHyxrS+gNDIu5SaFniUxDNJCoor3Hpy+qRq2x8FneR6fsh4JXXR+lNsYPF6E4
+zWhkgChxBlH9ijosieCwUADbacHznQ4kjZTbEBbFEb0Mpj34FuNbGqYNaUyQta82
+tPw82dOcM5uRXuKdJ8r9ObXRDbci8AgQrn2atOo4aTzgK5UoMehVO1/NMy2zkGmQ
+dS/KqPfOnW8TIMozgkEzTE2i/VPUZklfSKTcTcGDaEy1OLpPru7wzVhnCeO9L2z4
+JsN1AOZ4snayQ7JdgMdMqOXufYFtbonJLnKlGI3WMWRlyG1lrIHS2hTnABEBAAGJ
+Ah8EGAECAAkFAloyisICGwwACgkQGKNIru1AnaFOlg/+KQpWeTg8AqwVqGQwJ64i
+I7dutIQQIjBy8fKc0j6eiNujukBbWeQv6KSyGLxhbRo9as2iVDeSD1oqBjhT1BHz
+JZjqUL6IdkYefVpg3hjikzRr3DLFj4TVA5fGxB187bhoRchPh5uuVZ1QqZBiwnKb
+PIhwK7Imi9OEbdjmarytNZKxnsq2e095EDB+cXiiJ9IrVLLcuXDJQCLY6VVWPHTc
+pp6adN7Ve65itOPc4jIoe8SAeMl55eI6reBMt8CgMuGSJNsM3pia1CC6PwcRgWL9
+pcEr1XQO63gFLnRFkjVdcuLs9K3MLS7+aGe7ZOORCUv0E1gzmEggCXTFpk2V6uH8
+9CP0LzBGKwUVkpFhNw1Wk79tvQIpKLz5wUQEXFYhcFODqEUH407b6VO+SvDsVT8l
+YgUGUOI8Nw3GGyaw6ZOlKLu2z72mtcBF2KBrSGs3brD8Keo7GmViasniYQyVCOiP
+5LSQbgBVrNt2yLvOVNSNF6k2fmYIoOe3GPPhsQBFx6Qi9Ci8LLDadDiR5qTTxff2
+3SnkJQL1M2gwh55d7PzJdVCa3mBE5p8hr4AyoNQM9wS+NkSwfyKRuOUpotVVx9Uk
+bT1WdQKTu7HYEJ9eev5Ch0yfQV8nFkKdMfTtYl0gjsWkpKFxJvhAvd8gNYk22GDK
+BWoyZxpdESCzsL3JU8wy7TQ=
+=Z5jJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/debian/watch b/debian/watch
new file mode 100644
index 0000000..002a368
--- /dev/null
+++ b/debian/watch
@@ -0,0 +1,8 @@
+# watch control file for uscan
+version=4
+# core
+opts="pgpmode=auto, dversionmangle=s/\+dfsg\d*//, oversionmangle=s/(.*)/$1+dfsg1/" \
+ https://dovecot.org/releases/2.3/dovecot-([\.0-9]+)\.tar\.gz debian
+# pigeonhole
+opts="pgpmode=auto, dversionmangle=s/\+dfsg\d*//, oversionmangle=s/(.*)/$1+dfsg1/, component=pigeonhole" \
+ https://pigeonhole.dovecot.org/releases/2.3/dovecot-[\.0-9]+-pigeonhole-([\.0-9]+)\.tar\.gz ignore uupdate