cyrus-imapd-3.8.4-bp157.1.2

- spec: add "Conflicts: leafnode" because both leafnode and cyrus-imapd
  ship a file called /usr/sbin/fetchnews (bsc#1237293)

- (bsc#1237293) Possibly re-add cyrus-imapd to Package Hub (latest version from devel project)
  Add Conflicts to be able to build on SLES

- enable httpd for caldav/carddav support

- update to version 3.8.4 (bugfix release)
  * Fixed Issue #4932: LITERAL+ broken in mupdate
  * Fixed Issue #4955: email headers in iMIP messages were not correctly encoded
  * Fixed Issue #4947: updating a script on a pre-sieve mailbox server resulted in an empty script on a sieve-mailbox replica
- update to version 3.8.3 (security fix release)
  * Fixed CVE-2024-34055

- Build with PCRE2, resolve segfault when querying mailboxes

- Use upstream configuration files

- Use correct libexecdir

- Update to version 3.8.2:
  * Major version jump, reference upstream changelog:
    https://www.cyrusimap.org/dev/imap/download/release-notes/index.html
- Drop no longer applicable patches:
  * cyrus-imapd-2.4.22-perl-5.36.patch
  * cyrus-imapd-2.4.22-recognize-new-backends.patch
  * cyrus-imapd-2.5.13-glibc-2.30-compatibility.patch
  * cyrus-imapd-2.5.13_db6.patch
  * cyrus-imapd-2.5.13_implicit-definitions.patch
  * cyrus-imapd-2.5.13_syslog-facility-doc.patch
  * cyrus-imapd-2.5.17-fix-cve-2021-33582.patch
- Add refreshed patch:
  * cyrus-imapd-3.8.2_syslog-facility-doc.patch

- update to version 2.5.17
  * Fixed: tools/git-version.sh did not need bash specifically
    (gh#cyrusimap/cyrus-imapd#3143)
  * Fixed: saved session reuse crash when TLS enabled for backend connections
    (gh#cyrusimap/cyrus-imapd#3191)
  * Fixed: XFER now recognises 3.4 and 3.5 backends
  * Fixed: memory leak during backend auth state cleanup
    (gh#cyrusimap/cyrus-imapd#3320)
  * Fixed: use-after-free segfault in mupdate-client
    (gh#cyrusimap/cyrus-imapd#3312)
- incorperating a lot of work from buschmann23@opensuse.org!
- added new packages libcyrus0 and perl-Cyrus-Annotator
- enabled mailbox event notification
- enabled clamav support
- enabled SQLite support
- enablee and run unit tests
- prepared http support (using bcond; requires libical < 3)
- deprecate BDB support: upstream drops it with 3.0
- deprecate SNMP support: upstream drops it with 3.4
- removed OpenSLP support
- configuration changes
  * add some resource control settings to cyrus-imapd.service file
    + TasksMax=2048
    + LimitNOFILE=10000
    + Restart=on-failure
    + RestartSec=5
- create runtime directory structure under /run/cyrus-imapd with
  systemd-tempfiles instead of unit RuntimeDirectory. This makes
  it possible to store some files and folders on ephemeral storage
- update default shipped config files to use /run/cyrus-imapd
- dropped package conflicts for *cyrus-*-kolab; those packages weren't
  build in a really, really long time, since they were obsoleted
  with cyrus-imapd 2.4.
- removed patches now included upstream:
  - cyrus-imapd-2.4.19_autocreate-0.10-0.patch
  - cyrus-imapd-2.4.17_lmtp_catchall_mailbox.patch
  - cyrus-imapd-2.4.17_ptloader-ldap_user_attribute.patch
  - cyrus-imapd-2.4.18-D19-Outlook_2013_XLIST.patch
- other dropped patches / unsupported, obsolete, out of maintenance:
  - cyrus-imapd-2.4.17_openslp.patch
  - cyrus-imapd-2.4.17_pie.patch
- rebased patches:
  * cyrus-imapd-2.3.16_syslog-facility-doc.patch as
    cyrus-imapd-2.5.13_syslog-facility-doc.patch
  * cyrus-imapd-2.4.17_db6.patch as
    cyrus-imapd-2.5.13_db6.patch
  * cyrus-imapd-2.4.19-implicit_definitions.patch as
    cyrus-imapd-2.5.13_implicit-definitions.patch
  * cyrus-imapd-2.4.21-fix-bdb-function-conflict.patch as
    cyrus-imapd-2.5.13-glibc-2.30-compatibility.patch
  * cyrus-imapd-2.4.22-fix-cve-2021-33582.patch as
    cyrus-imapd-2.5.17-fix-cve-2021-33582.patch
- various spec cleanups
  * use conditional builds with bcond
  * remove SysV init scripts
  * remove conditionals for old openSUSE releases
  * remove unnecessary dependencies
- Changelog of prior 2.5.x releases:
  * see https://www.cyrusimap.org/imap/download/release-notes/2.5/index.html
- update to version 2.5.16
  * Fixed: XFER now correctly distinguishes between 2.3.x releases
  * Fixed Issue #3123: XFER now recognises 3.1, 3.2 and 3.3 backends
  * Fixed: XFER now syslogs a warning when it doesn’t recognise the
    backend Cyrus version
- update to version 2.5.15
  * Fixed CVE-2019-19783: When creating a missing mailbox as part of
    a sieve ‘fileinto’ directive, lmtpd would create it as administrator,
    bypassing ACL checks. lmtpd creates missing mailboxes as part of
    a sieve ‘fileinto’ directive if:
  * (2.5+) the anysievefolder option is enabled (default: not), or
  * (3.0+) the sieve_extensions option has the ‘mailbox’ extension
    enabled (default: enabled) and the ‘fileinto’ directive contains
    the ”:create” argument
    Under these conditions, a user with the ability to upload a custom
    sieve script to their account could use it to create any valid
    mailbox on the server (with ACL inherited from the parent mailbox
    as usual). lmtpd no longer creates these mailboxes as administrator,
    so users may no longer use a ‘fileinto’ directive to create a mailbox
    they couldn’t create otherwise.
  * Fixed Issue #2913: errors are now logged when maxlogins_per_host,
    maxlogins_per_user, and popminpoll limits are reached (thanks Sergey)
- update to version 2.5.14
  * Fixed CVE-2019-18928: unauthenticated HTTP requests no longer
    inherit authentication from the previous request on the same connection
  * Can now build against ClamAV >= 0.101 (thanks Christoph Moench-Tegeder)
  * Fixed Issue #2877: quota -f now works correctly with improved_mboxlist_sort: no
  * Fixed Issue #2808: UNDUMP no longer crashes when quota needs updating
- update to version 2.5.13
  * Fixed CVE-2019-11356: buffer overrun in httpd
  * Fixed: ptloader, ptexpire and ptdump now honour the
    ptscache_db_path setting
- update to version 2.5.12
  * Fixed: cyr_virusscan now integrates with event notifications
    properly
  * Fixed: mailbox expunge event notifications no longer cause a crash
  * Fixed Issue #2378: ACLs containing spaces no longer break mailboxes.db
  * Fixed Issue #2253: master now rejects unix domain listen paths
    that are too long
  * Fixed: smilint warnings for CYRUS-MASTER.mib fixed
    (thanks Fabrice Bacchella)
  * Fixed Issue #2177: backend connections no longer ignore STARTTLS
    failures (thanks Wolfgang Breyha)
  * Fixed Issue #2222: dav_reconstruct no longer crashes on expunged
    entries
  * Fixed Issue #2221: dav_reconstruct no longer crashes given bad
    user id (thanks Wolfgang Breyha)
  * Fixed: tls_prune memory leak
  * Fixed: tls_prune doesn’t fail when tls_sessions.db is missing
  * Fixed Issue #2199: recovery from mupdate failure now in correct
    order (thanks Michael Menge)
  * Fixed: backend connections no longer crash if no banner found
  * Fixed: backend connections no longer return success on certain
    types of failure
  * Fixed Issue #2185: squatter no longer tries to index non-IMAP
    mailboxes (thanks Wolfgang Breyha)
  * Fixed: special-use proxying in murder (thanks Wolfgang Breyha)
  * Fixed Issue #1090: send OK NIL to subsequent ID commands
  * Fixed Issue #1434: auth_pts will now error when given a too-long
    socket file name
  * Fixed Issue #1964: correctly detect when librt is needed
  * Fixed Issue #1967: tell EXISTS count earlier when needed
  * Fixed: memory leak in httpd DAV support
- update to 2.5.11
  * Better integration with updated documentation/website infrastructure
  * The “timeout” option is now also used as an upper limit in minutes
    for IDLE connections. A new option “imapidletimeout” can be used to
    set an idle-specific timeout instead. (Thanks Philipp Gesang.)
  * Fixed: invalid free and memory leak in httpd
  * Fixed: services no longer exit when client disconnects before accept()
  * Fixed Issue #65: no longer use -Wno-sign-compare when unsupported
  * Fixed Issue #67: better support for dots in localparts
    (thanks Jeroen van Meeuwen)
  * Fixed: don’t assume LIST section options when proxying
  * Fixed: SEARCH crash on some platforms
  * Fixed: ensure directory hierarchy created when renaming empty mailboxes
  * Fixed Issue #1742: reconstruct no longer crashes when cache records
    are too short
  * Fixed Issue #11: LIST RETURN options now work properly with virtdomains
  * Fixed Issue #44: http proxy no longer crashes on starttls
    (thanks Wolfgang Breyha)
  * Fixed Issue #1752: no longer crash on notifyd mailto method
  * Fixed Issue #1768: ensure consistency of CalDav ORGANIZER
    (thanks Дилян Палаузов)
  * Fixed Issue #368: SETACL with invalid rights characters now returns BAD
  * Fixed Issue #46: renames to remote destinations now work correctly
  * Fixed Issue #38: UTF-8 :subject now supported in sieve vacations
  * Fixed Issue #1872: no longer crash on bad SSL session ids
  * Fixed Issue #1931: missing mysql/mariadb dependencies now reported
    by configure
  * Fixed: various memory and resource leaks (thanks Дилян Палаузов)
- update to 2.5.10
  * master(8) now supports a “-V” (print version and exit) option
  * Fixed Issue #34: imapd in murder no longer crashes on MOVE to
    nonexistent folder (thanks Wolfgang Breyha)
  * Fixed Issue #15: replication no longer crashes on mailboxes that
    are too old to be replicated. Instead, it fails with an error and
    logs a warning that they need to be reconstructed
  * Fixed Issue #45: extended LIST doesn’t lose options when proxied
    to backend
  * Fixed task 142: extended LIST response no longer missing
    \HasNoChildren flag on last mailbox
  * Fixed Issue #49: httpd no longer crashes with assertion failure on
    shutdown after CardDAV has been used
  * Fixed Issue #31: the ldap_timeout setting is now used correctly
  * Fixed bugzilla #3909: idled(8) no longer runs as root
    (thanks Carlos Velasco)
  * Fixed Issue #5: renaming folder with annotations no longer increases
    annotation quota usage
  * Fixed: URLFETCH crash when section is NULL
  * various build system improvements
- update to 2.5.9
  * ipurge(8) now supports a “-n” (dry run) option
    (thanks Valentin Vidic)
  * Fixed: imapd now proxies LIST (special-use) to backend
    (thanks John Capo)
  * Fixed: sync_client handles its shutdown file more reliably
    (thanks John Capo)
  * Fixed: httpd no longer crashes with assertion failure on
    shutdown after CalDAV has been used
  * Fixed bugzilla #3938: squat search now handles pre-2.5 cyrus.squat data
  * Fixed Issue #5: twoskip database I/O performance in unlocked foreach
  * various build system improvements
- udpate to 2.5.8
  * Allow replicated backends in a discrete Murder to both
    actively participate in the Murder.
  * When choosing between ANNOTATEMORE and METADATA, favour what the client used.
  * cyr_dbtool(8) now supports improved_mboxlist_sort (-M)
  * Fixed: master on pselect systems no longer chokes on repeated interrupts
    (thanks Jens Erat and team)
  * Fixed: better iOS CalDAV support (don’t announce VPOLL)
  * Fixed: backported version detection code to detect future versions
  * Fixed bug #3927: don’t break cyrus.index on XFER of mailbox with annotations
    (thanks Wolfgang Breyha)
  * Fixed: replication/XFER of mailbox names containing ‘@’
  * Fixed: METADATA and GETMETADATA pattern/list recognition
  * Fixed bug #3862: don’t leave behind inconsistent mailboxes when mupdate
    fails during mailbox rename
  * Fixed compilation with Sun Studio 12 C Compiler (thanks Marty Lee)
  * Fixed bug #3765: ctl_cyrusdb(8) now uses database paths from imapd.conf
    (thanks Simon Matter)
  * Fixed task 227: service processes no longer crash with ‘-T 0’ argument
    (thanks Ian Batten and Jens Erat)
  * various build system fixes
- update to 2.5.7
  * CVE-2015-8077, CVE-2015-8078: protect against integer overflow in urlfetch
    range checks
  * Support for legacy SSLv2 and SSLv3 protocols has been removed
  * Support for TLS compression has been removed (thanks Ondřej Surý)
  * Fixed bug #3908: crash in ctl_mboxlist -m
  * Fixed: setrlimit error on startup
  * Fixed task 216: don’t break quotas when transferring mailboxes between
    backends
  * Fixed: idled shutdown on platforms without pselect (thanks Thomas Jarosch)
  * Fixed: autocreate_sieve now uses sievedir setting correctly
  * Fixed bug #3907: cyradm --cadir option is now called --capath, and works
    (thanks Leena Heino)
  * Fixed bug #3905: fix segfault in all daemons when built with -DUSE_SETPROCTITLE
  * Fixed: pop3d no longer applies plaintextloginpause to TLS connections
  * Fixed bug #3866: lmtpd now consults local mailboxes.db first,
    before mupdate master (thanks Michael Menge)
- update to 2.5.6
  * tls_required (default: 0). Set this to 1 to require a TLS session for ALL
    authentications, not just plain ones (thanks Carlos Velasco)
  * new cyradm options
    + –tlskey keyfile: use certificate with keyfile to authenticate with server
    + –notls: disable StartTLS negotiation
    + –cafile cacertfile: Use CA certificate file to validate server certificate
    + –cadir cacertdirectory: Use CA certificate directory to validate server certificate
  * Fixed: cyr_synclog checks its arguments more strictly to avoid producing
    junk sync loc entries
  * Fixed: cyradm metadata implementation cleaned up and output made consistent
    (thanks Leena Heino)
  * Fixed: timsieved no longer discloses name/version if ServerInfo is Off or Min
    (thanks Carlos Velasco)
- update to 2.5.5
  * Security fix: compiling with –enable-autocreate no longer allows arbitrary
    mailbox creation
  * Fixed task 207: don’t segfault on mboxutil -d of MBTYPE_DELETED mailboxes
    (thanks Chris Stromsoe)
  * Fixed lock management over rename (thanks Thomas Jarosch)
  * Miscellaneous other fixes (thanks Thomas Jarosch)
- update to 2.5.4
  * Security fix: handle urlfetch range starting outside message range
  * Fixed bug: better error messages when reading corrupted twoskip databases
  * Fixed bug: treat autocreate_quota_messages:0 as unlimited
  * Fixed task 203: make autocreate_quota:0 work as documented
- update to 2.5.3
  * Fixed task 183: don’t crash on login when event notifications are enabled
- update to 2.5.2
  * Fixed task 179: ptloader should no longer crash in ptsmodule_standard_root_dn
  * Improved consistency of event notification parameters
  * Fixed bug: no longer run out of memory in mupdate with twoskip (mmap leak)
  * Fixed bug: no longer crash on ctl_mboxlist -d for remote mailboxes
  * Fixed bug: no longer include RFC 5322 header fields when fetching CALDAV:calendar-data
  * Fixed bug: properly handle same XML namespace used with 2 different prefixes in requests
- update to 2.5.1
  * Fixed: allow SYNC_CRC to be optional, making upgrades easier in future
  * Fixed: XFER deletes source mailbox less aggressively, avoiding data
    loss under pathological conditions
  * Fixed task 163 : XFER no longer bails out on header CRC mismatch
  * Fixed task 117 : now error out silently on non-TLS connections to
    services with implicit TLS
  * Fixed reconstruct bug: upgrading mailbox format now adds GUIDs to
    shared folders (Thanks Norbert Warmuth)
  * Fixed task 165 : xfer no longer fails due to bad version comparison
  * Fixed xfer bug: version 2.5 is now detected properly
  * Fixed task 109 : XLIST behaviour is now compatible with Outlook 2013
    (Thanks Leena Heino)
  * Fixed task 116 : LIST now correctly handles domains starting with “inbox.”
  * Fixed task 120 : admin users can now SETANNOTATION correctly
  * Fixed task 118 : imapd no longer crashes when selected mailbox is listed
  * Fixed task 156 : LMTP no longer incorrectly rejects messages
    delivered using ‘deliver’
  * Fixed task 76 : lmtpd no longer crashes when delivering to a shared
    mailbox (Thanks Leena Heino)
  * Fixed quota bug: no longer crash when setting quotas on shared
    folder hierarchies
  * Fixed compilation problem on Solaris 10 (Thanks Leena Heino)
  * Fixed bug: QuotaChange event notification now always includes
    maxMessages parameter
  * Fixed bug: event notifications now include paths for shared folders
  * Fixed bug: GETMETADATA now handles mailbox patterns correctly
  * Various fixes to compiling and tool chains
  * changes to cyradm
    + createmailbox command now accepts –specialuse flag if server
    supports CREATE-SPECIAL-USE
    + listmailbox command now returns special-use attribute if
    server supports SPECIAL-USE
    + listmailbox command now accepts –specialuse flag to list only
    mailboxes with special-use attribute
    + cyradm now uses LIST and REMOTE rather than RLIST if server
    supports LIST-EXTENDED
    + mboxconfig now accepts –private flag to switch from default
    shared to private version of an annotation
    + getmetadata: new command
    + setmetadata: new command
    + Cyrus::IMAP::Admin::getinfo now returns a different data structure
    to support the above
    + Cyrus::IMAP::Admin new ACL flag for modifying annotations
- update to version 2.5.0
  * Underscores (the _ character) are no longer allowed in the START,
    SERVICES and EVENTS sections of cyrus.conf(5), as they interfere with
    configuration options in imapd.conf(5) being prefixed by service
    names and an underscore (_) character.
  * Extended Quota Types: New ways to restrict resource usage:
    Number of Folders, Number of Messages, Number of Annotations
  * CalDAV and CardDAV Support
  * Support for RFC 5464: IMAP METADATA
  * Event Notifications
  * The database format for mailboxes.db has been upgraded, adding a
    new mailbox type for deleted mailboxes. A key-value storage format
    is used, allowing for faster and better parsing of mailboxes.db,
    more granular updates to runtime environments, and more sustainable
    future upgrades.
  * New database format twoskip
  * Allowing Undefined Annotations
  * Catchall Mailbox for LMTP
  * Option Name Changes for autocreate: The options related to automatic
    creation of user mailboxes and sub-folders (aka. autocreate) have
    been changed to hold a prefix of autocreate_.
  * The default for the imapd.conf(5) configuration option delete_mode
    has changed from immediate to delayed.
  * The default for the imapd.conf(5) configuration option expunge_mode
    has changed from default to delayed.
  * Configuration option names for LDAP SSL/TLS configuration in
    imapd.conf(5) have been changed.
  * Configuration option names for SSL/TLS configuration in imapd.conf(5)
    have been changed to better reflect how they are used, as enhancements
    would otherwise create great confusion.
  * New Options for tls_*

- Add cyrus-imapd-2.4.22-perl-5.36.patch: redefine assert() macro
  to ensure compatibility with the C standard one, which is
  expected by sub-components.

- cyrus user uid outside allowed range (bsc#1198761)
  Configure cyrus user by using sysuser-tools

- Replace references to /var/adm/fillup-templates with new
  %_fillupdir macro (boo#1069468)

- Removed "cyrus-imapd-2.4.19_drac_auth.patch" and dropped drac
  from the BuildRequires. DRAC's upstream is bascially dead nowadays,
  and the drac patch in cyrus-imapd is also largely unmaintained.
  Rebased cyrus-imapd-2.4.17_openslp.patch and
  cyrus-imapd-2.4.19_autocreate-0.10-0.patch as a result of the
  removal.

- Remove filler wording from description.
- Improve find commands.

- Add cyrus-imapd-2.4.19-lmtpd_crash.patch:
  * lmtpd: fix uninitialised variable crash [boo#1045899]

- Rebased patch:
  * cyrus-imapd-2.4.18-implicit_definitions.patch as cyrus-imapd-2.4.19-implicit_definitions.patch
    Add fix for implicit-fortify-decl in ldap.c

- Update to 2.4.19
  * Complete backport of the new (2.5 and later) IMAP IDLE implementation (thanks Thomas Jarosh). This fixes a bunch of bugs and race conditions that were inherent to the older implementation
  * New option “imapidletimeout” overrides “timeout” specifically for connections in IDLE state
  * OpenSSL 1.1.0 is now supported
  * Fixed: imap ENABLED doesn’t print * ENABLED when nothing new enabled
  * Fixed: mailbox lock management over rename (thanks Thomas Jarosh)
  * Fixed: added overflow protection to urlfetch range checks
  * Fixed: lmtpd can now deliver when mupdate server isn’t available (thanks Michael Menge)
  * Fixed task 227: service processes no longer divide by zero when invoked with -T 0 argument (thanks Ian Batten and Jens Erat)
  * Fixed task 229: ctl_cyrusdb now uses database paths from imapd.conf (thanks Simon Matter)
  * Fixed bug #3862: mailbox database changes now rolled back on mupdate failure during rename (thanks Michael Menge)
  * Fixed: XFER to 2.5 and later no longer downgrades index to oldest version
  * Fixed: nonsensical “TEXT.MIME” section now handled as “HEADER”
  * Fixed: added missing ‘auditlog: ‘ prefix to backend connections (thanks Wolfgang Breyha)
  * Fixed: IMAP SEARCH crash on some platforms
  * Fixed: memory leaks in IMAP SEARCH and IMAP APPEND
  * Fixed Issue #1967: EXISTS count reported earlier if fetching past size of previous message set
- Rebased patches:
  * cyrus-imapd-2.4.17_drac_auth.patch as cyrus-imapd-2.4.19_drac_auth.patch
  * cyrus-imapd-2.4.17_autocreate-0.10-0.patch as cyrus-imapd-2.4.19_autocreate-0.10-0.patch
- Removed patches:
  - cyrus-imapd-2.4.18-CVE-2015-8077.patch (upstream)
  - cyrus-imapd-2.4.18-CVE-2015-8078.patch (upstream)
- Added cyrus-imapd-2.4.19.tar.gz.sig

- Try to cleanup with spec-cleaner
- Remove exit 0 in pre that stopped execution of the rest of the code
- Update pre/post requires to be acutally correct
- Disable stict-aliasing to avoid some problems

- Add cyrus-imapd-2.4.18-D19-Outlook_2013_XLIST.patch to add
  Outlook 2013-compatible XLIST behaviour.

- Added cyrus-imapd-2.4.18-CVE-2015-8077.patch:
  boo#954200, CVE-2015-8077: Integer overflow in range checks
- Added cyrus-imapd-2.4.18-CVE-2015-8078.patch:
  boo#954201, CVE-2015-8078: Integer overflow in index_urlfetch

- Update to 2.4.18 [boo#945844]
  * Security fix: handle urlfetch range starting outside message range
  * A bunch of cleanups and fixes to compiling
  * A bunch of sieve cleanups
  * Enhanced SSL/TLS configuration options
  * Disable use of SSLv2/SSLv3
  * Allow SQL backend for mboxlist and statuscache (thanks Julien Coloos)
  * Fixed Task #116: correct LIST response for domains starting with ?inbox.?
  * Fixed Task #76: fixed lmtpd userdeny db checks (thanks Leena Heino)
  * Fixed bug #3856: lmtpd now performs userdeny checks
  * Fixed bug #3848: support charset aliases in encoded headers
  * Fixed bug #3853: disconnect_on_vanished_mailbox: release mailbox lock before exiting (thanks Wolfgang Breyha)
  * Fixed bug #3415: fixed nntpd LIST/GROUP bug
  * Fixed bug #3784: no longer crash in THREAD REFERENCES when messages reference themselves
  * Fixed bug #3757: don?t segfault on mailbox close with no user
  * New ssl/tls configuration options
    tls_compression: 0
    Enable TLS compression. Disabled by default.
    tls_eccurve: prime256v1
    Select the elliptic curve used for ECDHE.
    tls_prefer_server_ciphers: 0
    Prefer the cipher order configured on the server-side.
    tls_versions: tls1_0 tls1_1 tls1_2
    Disable SSL/TLS protocols not in this list.
- Removed the following patches (included upstream):
  - cyrus-imapd-2.4.17_tls-session-leak.patch
  - cyrus-imapd.tls_options.patch
- Added patch cyrus-imapd-2.4.18-implicit_definitions.patch:
  - Have the correct #include when using implicit definitions

- Changed cyrus-imapd-rc-2.tar.gz/cron.daily.cyrus to use 'su -s
  /bin/bash - cyrus', as the default shell is now /sbin/nologin
  [boo#908014]
- Changed cyrus-imapd-rc-2.tar.gz/rc.cyrus to set
  /var/run/cyrus-master.pid as the PID file (was: /var/run/cyrus.pid)
  [boo#908006]

- Drop unused patch:
  * KOLAB_cyrus-imapd-2.3.18_cross-domain-acls.patch

- Replace the TLS/POODLE patch with what was merged into the upstream
  git repo:
  * cyrus-imapd.tls_options.patch
  * Obsoletes patches cyrus-imapd.tls_tlsonly.patch and
    cyrus-imapd.tls_ec.patch
- Add a default tls_versions settings to imapd.conf which disables
  POODLE affected SSL versions.

- Add two patches from Kristian Kraemmer Nielsen found on the info-cyrus mailing list
  (http://lists.andrew.cmu.edu/pipermail/info-cyrus/2014-October/037708.html)
  * cyrus-imapd.tls_ec.patch		- adding tls_ec for Perfect Forward Secrecy
  * cyrus-imapd.tls_tlsonly.patch	- add tlsonly config option to fix POODLE vulnerability

- Added -snmp and -snmp-mibs sub-packages
- Added README.SNMP to cyrus-imapd-rc-2.tar.gz
- Added sysconfig option to use SNMP
  * TODO: convert to a yesno option

- Updated to upstream release 2.4.17 (fate#311137)
  Changes to the Cyrus IMAP Server since 2.3.x:
  * All databases are now default skiplist, and ctl_cyrusdb will automatically convert database type on startup.
  * make_sha1 and make_md5 are removed (replaced by GUID and reconstruct changes)
  * Charset subsystem rewritten - Unicode 5.2 rather than Unicode 2, and UTF-8 support in sieve.
  * Core mailbox handling code largely rewritten with new APIs, CRC checksums, new locking mechanisms, merging of cyrus.index and cyrus.expunge, inclusion of user \Seen flag, and much more.
  * Replication code largely rewritten to provide better performance, consistency checking, and recovery from "split-brain" scenarios.
  * Added support for LIST-EXTENDED IMAP extension. Removed support for deprecated (compile-time) LISTEXT IMAP extension. Based on work by Martin Konold <martin.konold@erfrakon.de>
  * Added support for ESEARCH IMAP extension.
  * Added support for WITHIN extension to IMAP SEARCH.
  * Added support for ENABLE IMAP extension.
  * Added support for QRESYNC IMAP extension.
  * Added support for URLAUTH=BINARY IMAP extension.
  * Removed legacy IMAP[2|3|4] cruft. We now only support IMAPrev1 + extensions.
  * Added support for marking QoS on traffic. (courtesy of Philip Prindeville <philipp@redfish-solutions.com>)
  * Modified user_deny.db code to open database once at service startup time.
  * ... and hundreds of tiny things too numerous to mention in a short change log ...
- Added the following patches:
  - cyrus-imapd-2.4.17_drac_auth.patch -- this is a rebased version of contrib/drac_auth.patch
  - cyrus-imapd-2.4.17_ptloader-ldap_user_attribute.patch -- Allow a result attribute to be specified with ptclient/ldap.c
  * Supersedes KOLAB_cyrus-imapd-2.3.18_UID.patch
- Renamed the following patches:
  - syslog-facility-doc.patch to cyrus-imapd-2.3.16_syslog-facility-doc.patch
- Rebased the following patches for cyrus-imapd-2.4.17:
  - cyrus-imapd-db6.diff as cyrus-imapd-2.4.17_db6.patch
  - cyrus-imapd-openslp.patch as cyrus-imapd-2.4.17_openslp.patch
  - luser_relay.patch as cyrus-imapd-2.4.17_lmtp_catchall_mailbox.patch
  * Option 'lmtp_luser_relay' was renamed to 'lmtp_catchall_mailbox'
  * https://bugzilla.cyrusimap.org/show_bug.cgi?id=2360
  - cyrus-imapd_tls-session-leak.dif as cyrus-imapd-2.4.17_tls-session-leak.patch
  * https://bugzilla.cyrusimap.org/show_bug.cgi?id=3252
  - cyrus-imapd-2.3.16-autocreate-0.10-0.drac.diff as cyrus-imapd-2.4.17_autocreate-0.10-0.patch
  - pie.patch as cyrus-imapd-2.4.17_pie.patch
- Removed the following patches (unknown upstream status):
  - KOLAB_cyrus-imapd-2.3.18_Folder-names.patch
  * There is no need for us to extend the mailbox name restrictions
  * https://bugzilla.cyrusimap.org/show_bug.cgi?id=2633
  - KOLAB_cyrus-imapd-2.3.18_Groups2.patch
  * optional/not needed
  * https://bugzilla.cyrusimap.org/show_bug.cgi?id=2632
  * https://bugzilla.cyrusimap.org/show_bug.cgi?id=3282
  - KOLAB_cyrus-imapd-2.3.18_timsieved_starttls-sendcaps.patch
  * Workaround for an issue with kontact/kio ~ KDE 3.5.9
  - KOLAB_cyrus-imapd-2.3.18_UID.patch
  * Superseded by cyrus-imapd-2.4.17_ptloader-ldap_user_attribute.patch
- Removed the following patches (upstream inclusion):
  - charset.patch
  - cyrus-imapd-perl-5.14.patch
  - cyrus-imapd-perl-path.patch
  - cyrus-imapd_references_header-dos.dif
  - KOLAB_cyrus-imapd-2.3.18_Cyradm_Annotations.patch
  * http://git.cyrusimap.org/cyrus-imapd/commit/?h=cyrus-imapd-2.4&id=98dd7a9130653ac848c0782a7688d26a090b494b
  - KOLAB_cyrus-imapd-2.3.18_Logging.patch
  * Use 'auditlog: 1' in imapd.conf
  * https://bugzilla.cyrusimap.org/show_bug.cgi?id=2964
  - user_deny_db-once.patch
- Changed cyrus-imapd-rc.tar.gz contents, now having cyrus-imapd-rc-2.tar.gz:
  - dir name now is SUSE (was: SuSE)
  - renamed README.SuSE -> README.SUSE
  - added annotation definitions for groupware folders
  - imapd.conf: added annotaion definitions and lmtp_fuzzy_mailbox_match
  - imapd.conf: changed path to TLS certs form /usr/ssl/ to /etc/SSL_accept
  - imapd.conf: set default 'delete_mode' and 'expunge_mode' to 'delayed'
  - cyrus.conf: added more services, added deleteprune and expungeprune
  - moved DB_CONFIG into cyrus-imapd-rc.tar.gz
- Spec file cleanup
- Prepared systemd support
  * with systemd, we use cyrus-imapd as service name
  * we have a symlink 'rccyrus-imapd' to '/usr/sbin/service'
  * for compatibility, we have an alias 'rccyrus' = 'rccyrus-imapd'
- New package: cyrus-imapd-utils, which now contains tools to test mail servers
- New package: cyrus-imapd-cyradm, which now contains the cyradm tool
- TODO:
  - Check KOLAB_cyrus-imapd-2.3.18_cross-domain-acls.patch
  * Patch is optional
  * https://roundup.kolab.org/issue1141
  - systemd service not yet working as expected, so we disabled it atm

- Move kolab tag from package name to version field

- Add cyrus-imapd-db6.diff to fix compile abort with db >= 5

- Package perl-Cyrus-SIEVE-managesieve provides the sieveshell as
  well as the package python-managesieve, therefore make them
  conflicting

- Added /var/lib/imap/ptclient to %files section

- Add cyrus-imapd-2.4.22-fix-cve-2021-33582.patch: Fix CVE-2021-33582
- Add cyrus-imapd-2.4.22-recognize-new-backends.patch: Recognize
  backends of Cyrus versions 3.6 and 3.7

- Add conflicts entry for mailutils-delivery

- disable cmu.mib url, which no longer exists.

- Fix Tumbleweed build: don't depend on insserv. In fact, just
  drop all sysvinit blocks.

- Update to 2.4.22
  * Fixed: use-after-free segfault in imapd and mupdate-client
    (gh#cyrusimap/cyrus-imapd#3312)
  * Fixed: XFER now recognises 3.4 and 3.5 backends
- change source URLs to GitHub
- set correct perl interpreter shebang in tools/rehash

- fix build with glibc 2.30+
  * cyrus-imapd-2.4.21-fix-bdb-function-conflict.patch
- disable lto

- Update to 2.4.21
  * Fixed: timsieved segfault (gh#cyrusimap/cyrus-imapd#885)
  * Fixed: better recovery from mupdate failure
    (gh#cyrusimap/cyrus-imapd#2199)
  * Fixed: sync_client now replicates annotations in user/mailbox mode
  * Fixed: build failure with LibreSSL 2.7
  * Fixed: XFER now correctly distinguishes between 2.3.x releases
  * Fixed: XFER now recognises 3.1, 3.2 and 3.3 backends
    (gh#cyrusimap/cyrus-imapd#885)
  * Fixed: XFER now syslogs a warning when it doesn't recognise the
    backend Cyrus version

- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
  firewalld, see [1].
  [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html

- Update to 2.4.20
  * Fixed: lmtpd crash
  * Fixed: auth_pts will now error if its configured socket path is
    too long for its buffer
- Removed cyrus-imapd-2.4.19-lmtpd_crash.patch

- bsc#1119629 cyrus-imapd.service contains bogus User and Groupi
    specification
- bsc#1115999 Please convert SysV init scripts by cyrus-imapd
    into native systemd services
  - Removed User and Group from the service file

- Avoid repeated emission of the %service_* boilerplate.

- Fixed startup of cyrus-imapd when using native systemd service
  by setting RuntimeDirectory=cyrus-imapd in the service file

- cyrus-imapd: migrate from cron to systemd timers
  (bsc#1115438)
  Created script service and timer replacing cron daily script

- Please convert SysV init scripts by cyrus-imapd into native systemd services
  (bsc#1115999)
  Fixed using the with_systemd macro