dovecot24-2.4.2-160000.1.1

- drop dovecot-fix-gssapi.patch

- Update dovecot to 2.4.2 (boo#1252839 CVE-2025-30189)
  - Critical bug fixes
  - CVE-2025-30189: Passdb oauth2 (not oauth2 mechanism), passdb
    passwd, passdb bsdauth, and userdb passwd drivers would cause
    users to be cached with same cache key when auth cache was
    enabled.
  - Changes
  - auth: Remove proxy_always field.
  - config: Change settings history parsing to use python3.
  - doveadm: Print table formatter - Print empty values as "-".
  - imapc: Propagate remote error codes properly.
  - lda: Default mail_home=$HOME environment if not using userdb
    lookup
  - lib-dcrypt: Salt for new version 2 keys has been increased to
    16 bytes.
  - lib-dregex: Add libpcre2 based regular expression support to
    Dovecot, if the library is missing, disable all regular
    expressions. This adds libpcre2-32 as build dependency.
  - lib-oauth2: jwt - Allow nbf and iat to point 1 second into
    future.
  - lib: Replace libicu with our own unicode library. Removes
    libicu as build dependency.
  - login-common: If proxying fails due to remote having invalid
    SSL cert, don't reconnect.
  - New features
  - auth: Add ssl_client_cert_fp and ssl_client_cert_pubkey_fp
    fields, see
    https://doc.dovecot.org/latest/core/summaries/settings.html#ssl_peer_certificate_fingerprint_hash
    for more information.
  - config: Add support for $SET:filter/path/setting.
  - config: Improve @group includes to work with overwriting
    their settings.
  - doveadm kick: Add support for kicking multiple usernames
  - doveadm mailbox status: Add support for deleted status item.
  - imap, imap-client: Add experimental partial IMAP4rev2
    support.
  - imap: Implement support for UTF8=ACCEPT for APPEND
  - lib-oauth2, oauth2: Add oauth2_token_expire_grace setting.
  - lmtp: lmtp-client - Support command pipelining.
  - login-common: Support local/remote blocks better.
  - master: accept() unix/inet connections before creating child
    process to handle it. This reduces timeouts when child
    processes are slow to spawn themselves.
  - Bug fixes
  - SMTPUTF8 was accepted even when it wasn't enabled.
  - auth, *-login: Direct logging with -L parameter was not
    working.
  - auth: Crash occured when OAUTH token validation failed with
    oauth2_use_worker_with_mech=yes.
  - auth: Invalid field handling crashes were fixed.
  - auth: ldap - Potential crash could happen at deinit.
  - auth: mech-gssapi - Server sending empty initial response
    would cause errors.
  - auth: mech-winbind - GSS-SPNEGO mechanism was erroneously
    marked as
  - not accepting NUL.
  - config: Multiple issues with $SET handling has been fixed.
  - configure: Building without LDAP didn't work.
  - doveadm: If source user didn't exist, a crash would occur.
  - imap, pop3, submission, imap-urlauth: USER environment usage
    was broken when running standalone.
  - imap-hibernate: Statistics would get truncated on
    unhibernation.
  - imap: "SEARCH MIMEPART FILENAME ENDS" command could have
    accessed memory outside allocated buffer, resulting in a
    crash.
  - imapc: Fetching partial headers would cause other cached
    headers to be cached empty, breaking e.g. imap envelope
    responses when caching to disk.
  - imapc: Shared namespace's INBOX mailbox was not always
    uppercased.
  - imapc: imapc_features=guid-forced GUID generation was not
    working correctly.
  - lda: USER environment was not accepted if -d hasn't been
    specified.
  - lib-http: http-url - Significant path percent encoding
    through parse and create was not preserved. This is mainly
    important for Dovecot's Lua bindings for lib-http.
  - lib-settings: Crash would occur when using %variables in
    SET_FILE type settings.
  - lib-storage: Attachment flags were attempted to be added for
    readonly mailboxes with mail_attachment_flags=add-flags.
  - lib-storage: Root directory for unusable shared namespaces
    was unnecessarily attempted to be created.
  - lib: Crash would occur when config was reloaded and logging
    to syslog.
  - login-common: Crash might have occured when login proxy was
    destroyed.
  - sqlite: The sqlite_journal_mode=wal setting didn't actually
    do anything.
  - Many other bugs have been fixed.
- Update pigeonhole to 2.4.2
  - Changes
  - lib-sieve: Use new regular expression library in core.
  - managesieve: Add default
    service_extra_groups=$SET:default_internal_group.
  - New features
  - lib-sieve: Add support for "extlists" extension.
  - lib-sieve: regex - Allow unicode comparator.
  - Bug fixes
  - lib-sieve-tool: sieve-tool - All sieve_script settings were
    overriden.
  - lib-sieve: storage: dict: sieve_script_dict filter was
    missing from settings.
  - sieve-ldap-storage: Fix compile without LDAP.

- Enable build for all arches again. The build failure on 32bit has
  been addressed upstream.

- Allow for %is_opensuse to be unset, following up to
  https://src.suse.de/products/SLFO/pulls/204 (bsc#1248485).

- [SLFO:Main] [SLES16.0] Please lower the libldap2 dependency for dovecot24
  (bsc#1247601)

- Update to actual version (Fri May 30 17:05:02 2025) in main branch to fix bsc#1245075
  [sle16][ppc64le][dovecot] dovecot service failed to start and coredump on ppc64le
  Turn off tests.
  * lib-auth: Fix linking due to duplicate symbols
  * lib-settings: test-settings - Refactor initialization of params3
  * lib-var-expand: Test hierarchical SETTINGS_EVENT_VAR_EXPAND_PARAMS
  * lib-settings: Pad initial var expand context with empty tables and providers when needed
  * Panic: file settings.c: line 1560 (settings_var_expand_init_add): assertion failed: (I_MAX(num_tables, num_provs) == num_ctx)
  * auth: db-oauth2 - Don't mix table and providers_arr
  * lib: test-file-cache - Ignore RLIMIT_AS enforcement failure
  * If the OS does not respect RLIMIT_AS here, lets skip all the rest of the tests.
  * auth: Fix using passdb_fields with passdb_ldap_bind_userdn=yes

- dovecot gssapi authentication fails when starting with empty auth data
  (bsc#1243489)
  dovecot-fix-gssapi.patch applied to fix gssapi

- Dovecot: /etc/dovecot/conf.d/ doesn't exist after installing dovecot
  (bsc#1242774)
  Dovecot misses many configuration files (bsc#1242687)
  Remove list of not delivered files
- dovecot fails to build (bsc#1242418)
  Do not use libunwind on s390x

- Fix bsc#1240399 dovecot24 has incomplete config.
  Ignore the broken config in the sources and deliver a minimal
  configuration for the system users.

- update to 2.4.1
  * auth: Change unix_listener/auth-userdb/group = $SET:default_internal_group
    This change needs dovecot_config_version=2.4.1.
  * auth: lua - Remove support for single string result.
  * imap: Unconditionally advertise SPECIAL-USE capability.
  * lib-dcrypt: Install dcrypt_openssl.so into dovecot modules directory.
  * lib-master: For glibc, default MALLOC_MMAP_THRESHOLD_=131072.
  * lib-storage: Change default mail_cache_fields to:
    hdr.date hdr.subject hdr.from hdr.sender hdr.reply-to hdr.to
    hdr.cc hdr.bcc hdr.in-reply-to hdr.message-id
    date.received size.virtual imap.bodystructure mime.parts hdr.references
    hdr.importance hdr.x-priority hdr.x-open-xchange-share-url
    pop3.uidl pop3.order. This change needs dovecot_config_version=2.4.1.
  * lib-var-expand: Use moduledir instead of pkglibdir for crypt.
  * lmtp: Change the default lmtp_user_concurrency_limit to 10.
    This change needs dovecot_config_version=2.4.1.
  * lmtp: Change the default service_restart_request_count to 1.
    This change needs dovecot_config_version=2.4.1.
  + auth: Allow configuring passdb/userdb sql to use auth-workers.
  + config: Add default group @mailbox_defaults = english.
  + config: Improve "Unknown setting" error with more details and
    suggestions.
  + doveconf: Add -U parameter to ignore unknown settings in config file.
  + fts-flatcurve: Support lock files in VOLATILEDIR.
  + imap-acl: Add support for the IMAP LIST-MYRIGHTS capability (RFC 8440).
  + imap-client: Support ANONYMOUS authentication.
  + imap: Implement support for the REPLACE capability.
  - Many bugs have been fixed.

- Adapt dependency for SLES.

- Remove not used macro

- make apparmor conditional more readable