– Fixed crash in auth process when auth-policy was configured and authentication was aborted/failed without a username set.
– director: If two users had different tags but the same hash, the users may have been redirected to the wrong tag’s hosts.
– Index files may have been thought incorrectly lost, causing “Missing middle file seq=..” to be logged and index rebuild. This happened more easily with IMAP hibernation enabled.
– Various fixes to restoring state correctly in un-hibernation.
– dovecot.index files were commonly 4 bytes per email too large. This is because 3 bytes per email were being wasted that could have been used for IMAP keywords.
– Various fixes to handle dovecot.list.index corruption better.
– lib-fts: Fixed assert-crash in address tokenizer with specific input.
– Fixed assert-crash in HTML to text parsing with specific input (e.g. for FTS indexing or snippet generation)
– doveadm sync -1: Fixed handling mailbox GUID conflicts.
– sdbox, mdbox: Perform full index rebuild if corruption is detected inside lib-index, which runs index fsck.
– quota: Don’t skip quota checks when moving mails between different quota roots.
– search: Multiple sequence sets or UID sets in search parameters weren’t handled correctly. They were incorrectly merged together.

– Fixed crash in auth process when auth-policy was configured and authentication was aborted/failed without a username set.
– director: If two users had different tags but the same hash, the users may have been redirected to the wrong tag’s hosts.
– Index files may have been thought incorrectly lost, causing “Missing middle file seq=..” to be logged and index rebuild. This happened more easily with IMAP hibernation enabled.
– Various fixes to restoring state correctly in un-hibernation.
– dovecot.index files were commonly 4 bytes per email too large. This is because 3 bytes per email were being wasted that could have been used for IMAP keywords.
– Various fixes to handle dovecot.list.index corruption better.
– lib-fts: Fixed assert-crash in address tokenizer with specific input.
– Fixed assert-crash in HTML to text parsing with specific input (e.g. for FTS indexing or snippet generation)
– doveadm sync -1: Fixed handling mailbox GUID conflicts.
– sdbox, mdbox: Perform full index rebuild if corruption is detected inside lib-index, which runs index fsck.
– quota: Don’t skip quota checks when moving mails between different quota roots.
– search: Multiple sequence sets or UID sets in search parameters weren’t handled correctly. They were incorrectly merged together.

– Fixed crash in auth process when auth-policy was configured and authentication was aborted/failed without a username set.
– director: If two users had different tags but the same hash, the users may have been redirected to the wrong tag’s hosts.
– Index files may have been thought incorrectly lost, causing “Missing middle file seq=..” to be logged and index rebuild. This happened more easily with IMAP hibernation enabled.
– Various fixes to restoring state correctly in un-hibernation.
– dovecot.index files were commonly 4 bytes per email too large. This is because 3 bytes per email were being wasted that could have been used for IMAP keywords.
– Various fixes to handle dovecot.list.index corruption better.
– lib-fts: Fixed assert-crash in address tokenizer with specific input.
– Fixed assert-crash in HTML to text parsing with specific input (e.g. for FTS indexing or snippet generation)
– doveadm sync -1: Fixed handling mailbox GUID conflicts.
– sdbox, mdbox: Perform full index rebuild if corruption is detected inside lib-index, which runs index fsck.
– quota: Don’t skip quota checks when moving mails between different quota roots.
– search: Multiple sequence sets or UID sets in search parameters weren’t handled correctly. They were incorrectly merged together.

Security fix for CVE-2016-6318

Security fix for CVE-2016-6318