Re: Debian Bookworm packages, please !

On 27/06/24 06:48, pgnd via dovecot wrote: for anyone interested, for dovecot v2.3.14+ @ Fedora, https://src.fedoraproject.org/rpms/dovecot/blob/rawhide/f/dovecot-2.3.14-opensslv3.patch dovecot hums along nicely. i've not seen a _crash_ in _many_ moons (quick looking thru ~ 18mos of lo

Re: Debian Bookworm packages, please !

Scott Q. via dovecot skrev den 2024-06-26 20:50: In your stead, I'd be happy and say thank you that a serious company is making such a huge public/free contribution. i can only say i am happy gentoo user with dovecot, but i would like to pay for dovecot-pro, but its not avail anywhere sadly

Re: Timeout when opening folder

> "Entrepreneur" == Entrepreneur AJ via dovecot > writes: Ok so does it work moving mails to a new folder or not? The lots are showing a bunch of useless (to this problem of saving mails to a new folder) SSL: issues. The rest of the log lines look good, since you can look up user

Re: Debian Bookworm packages, please !

What's her point really ? That someone owes her up to date, FREE,  secure software that she wants to use in a commercial setting ? This has been debated ad nauseum. Get your expectations in check. https://news.ycombinator.com/item?id=38301710 On Wednesday, 26/06/2024 at 16:13 Simon B via dovecot

Re: Debian Bookworm packages, please !

With all due respect, you're welcome to disagree with Laura's point, but she does have one. So, please take your ad hominem attacks elsewhere. Regards Simon On Wed, 26 Jun 2024, 21:55 Michael Tokarev via dovecot, wrote: > Can we please stop this thread here? > > Clearly, Laura does not seek

Re: Debian Bookworm packages, please !

Can we please stop this thread here? Clearly, Laura does not seek solutions, the intention seems to be shouting at people. As they say, don't feed the trolls, - don't give more caises fpr shouting. Let this thread die in peace. Thanks, /mjt 26.06.2024 22:26, Laura Smith via dovecot wrote: W

Re: Debian Bookworm packages, please !

> Why do you care about the repo then ? Use the patch locally, > publish it, etc. You care about OpenSSL 3.0 compatibility right ? What > do you care if it's in the public tree or not. Because Aki has been shouting from the rooftops here that "beware, its not that easy, Dovecot crashes with Open

Re: Debian Bookworm packages, please !

Why do you care about the repo then ? Use the patch locally, publish it, etc. You care about OpenSSL 3.0 compatibility right ? What do you care if it's in the public tree or not. Again, no open source project has any responsibility to make sure you can function the way you want to. It's nothing mo

Re: Debian Bookworm packages, please !

I suggest you descent rapidly off your high horse Scott, for two reasons: 1. I know people how have approached OpenXChange for commercial Dovecot support. TL;DR OpenXChange are basically not interested unless you're going to spend the big-bucks (i.e. if you're not a major ISP/Telco  or somethi

Re: Debian Bookworm packages, please !

+1 here too. FOSS is FOSS community, not "FOSS service". El 26/6/24 a les 15:47, Scott Q. via dovecot ha escrit: Hi Laura, I understand your frustration but if you are relying on Dovecot for a commercial solution, I believe your anger is misguided. The open source project has no duty nor do th

Re: Debian Bookworm packages, please !

Hi Laura, I understand your frustration but if you are relying on Dovecot for a commercial solution, I believe your anger is misguided. The open source project has no duty nor do they have to guarantee anything. Open source means everyone can contribute, but in this case, only one major contributo

Re: Debian Bookworm packages, please !

+1 El 26/6/24 a les 14:34, Laura Smith via dovecot ha escrit: You are conflating OS with packages.  I don't think you'll find any OS making promises about packages. And even if it were the case, you are expecting a community patch based on what exactly ? OpenSSL are not releasing the code to

Re: Debian Bookworm packages, please !

You are conflating OS with packages.  I don't think you'll find any OS making promises about packages.  And even if it were the case, you are expecting a community patch based on what exactly ? OpenSSL are not releasing the code to non-premium customers, and as Aki has repeatedly told us here,

Re: Debian Bookworm packages, please !

To support my prior comment, FreeBSD are quite clear about it (see below explicit statement on one of their previous Security Advisories) and I expect it to be the same with Debian and any other FOSS operating system. Security Advisory FreeBSD-SA-20:33.openssl CVE-2020-1971: "However, the OpenSS

Re: Debian Bookworm packages, please !

They likely do not, but vulnerabilities reported are also patched for the duration of the OS lifecycle. With or without premium access. Since that's what the OS has committed to, unless they pull a redhat and deprecate an OS before initial EOL date. Sent from Outlook for iOS

Re: Debian Bookworm packages, please !

So you're saying other operating systems magically get access to OpenSSL premium ?  I somehow doubt it. On Wednesday, 26 June 2024 at 13:01, Lucas Rolff wrote: > That Debian doesn't patch their LTS releases properly like other operating > systems, should probably be brought up with the Debi

Re: Debian Bookworm packages, please !

That Debian doesn't patch their LTS releases properly like other operating systems, should probably be brought up with the Debian release and security teams. Sent from Outlook for iOS From: Laura Smith via dovecot Sent: Wednesday, June 26,

Re: Debian Bookworm packages, please !

The fundamental problem here is that this turns into a security problem, which in 2024 is not a nice thing to have. Yes, theoretically I could run the previous Debian release, 11 Bullseye which is now EOL but in LTS until 2026. However, the OpenSSL delivered with Bullseye is 1.1.1. Any LTS pat

Re: Timeout when opening folder

If it helps; Dockerfile: FROM alpine:3.20 RUN apk add dovecot dovecot-pgsql dovecot-lmtpd RUN addgroup -S -g 1000 vmail && adduser -S vmail -G vmail -u 1000 -h /srv/vmail RUN rm -rf /etc/dovecot && mkdir /etc/dovecot && mkdir /etc/dovecot/conf.d ADD dovecot.conf /etc/dovecot/dovecot.conf ADD con

Re: Timeout when opening folder

Applied John's recommendation and getting less in the logs now but here is the full log from fresh pod start (confirmed to be a single pod deployment only. Personal IP MODIFIED: [eaj@lpt1 ~]$ k logs -f pod/dovecot-86c75498c8-hdqtr Jun 26 09:32:10 master: Info: Dovecot v2.3.21 (47349e2482) starti

Re: Debian Bookworm packages, please !

> On 26/06/2024 11:42 EEST Laura Smith via dovecot wrote: > > > > > could you please elaborate on this? are there any security issues with > > > using the debian version? what are the problems you are implicating with > > > your above statement, that it's 'not fully working either'? > > > >

Re: Debian Bookworm packages, please !

> > could you please elaborate on this? are there any security issues with > > using the debian version? what are the problems you are implicating with > > your above statement, that it's 'not fully working either'? > > > > greetings... > > > It can sometimes crash. > > Aki Does Dovecot eve

Re: Debian Bookworm packages, please !

> On 26/06/2024 11:17 EEST Michael via dovecot wrote: > > > On Tuesday, June 25, 2024 5:08:15 PM CEST, Aki Tuomi via dovecot wrote: > > We can already see that the Debian/RedHat patched 2.3 which is > > offered is broken because there is more than just "making it > > compile" with things li

Re: Debian Bookworm packages, please !

On Tue, Jun 25, 2024 at 06:08:15PM +0300, Aki Tuomi via dovecot wrote: > We can already see that the Debian/RedHat patched 2.3 which is offered is > broken because there is more than just "making it compile" with things like > OpenSSL3, and yes, I can appreciate that it's not fully broken, but it

Re: Debian Bookworm packages, please !

On Tuesday, June 25, 2024 5:08:15 PM CEST, Aki Tuomi via dovecot wrote: We can already see that the Debian/RedHat patched 2.3 which is offered is broken because there is more than just "making it compile" with things like OpenSSL3, and yes, I can appreciate that it's not fully broken, but it's