A new version of Dovecot has been released, I’ve installed it on my test servers and production server without a problem. I would advise you to upgrade this time as the SSL stuff is recommended to be used. The noticeable changes are:
Proxying now supports sending SSL client certificate to server with ssl_client_cert/key settings.
doveadm dump: Added support for dumping dbox headers/metadata.
Fixed memory leaks in login processes with SSL connections
The PHP development team released 5.3.8, it is an improvement on the stability and contains some security fixes. I’ve successfully tested it on my servers without a noticeable problem.
Security Enhancements and Fixes in PHP 5.3.9:
Added max_input_vars directive to prevent attacks based on hash collisions. (CVE-2011-4885)
Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (CVE-2011-4566)
Key enhancements in PHP 5.3.9 include:
Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of).
Fixed bug #55609 (mysqlnd cannot be built shared)
Many changes to the FPM SAPI module
To see the buglist solved in this release, read them in the ChangeLog.
For instructions on how to upgrade PHP please read: Upgrading PHP.
This week the Mac mini turned 7 years. Steve introduced this at MacWorld in San Fransisco.
The quote he started with was “Why doesn’t Apple offer a stripped down Mac that is more affordable” and he said “I wish I had a nickel for every time somebody asked me that.”
The mini has evolved greatly since that day. I think it was intended as a cheap desktop replacement to help switchers but has now evolved to be used as a capable server for small and medium sized companies. There are even many companies that use it as there internet presence (I know as I helped a few of them setting it up). Read this blog post at the Macminiolo blog for the increase in performance in these 7 years.
The mini is used for many things, as embedded computer, media player, in-car entertainment system and many more. Just try some google queries. This one is awesome, only not for home use: a 48U rack enclosure to hold 140 mini’s.
The predecessor of this site switch.richard5.net was started a little later as my first Mac mini was bought a few months after the introduction with a 23″ Cinema Display. I started using it as my main machine at home after long exposure to Linux and Windows, it was my first Mac after admiring them from a distance.
I’ve since bought five mini’s and still have 3. A G4 for testing PowerPC Leopard installs, an intel one for testing Snow Leapard and Lion and the last one is located at Macminicolo.net and serving amongst others this site. My current main desktop is an 27″iMac and for sentimental reasons I recently even bought a PowerMac G5. I loved the case and this one was without a scratch, additional this was the first model that was sold using water-cooled CPU’s.
The team at Roundcube is still hard at work and they have released a new version of their awesome webmail client. It contains another round of bug fixing and they added some security improvements which will protect the Roundcube users from XSS and clickjacking attacks.
A new version of Dovecot has been released, as usual I’ve installed it on my test servers and production server without a problem. Check the improvements and decide if you want to upgrade as it are many small fixes, plus some more noticeable:
Comment from Timo on this release was:
I only now noticed that the VSZ limits weren’t being enforced with earlier v2.0.x releases (or they were set 1024 times too high). So if a Dovecot process was leaking memory, it wasn’t being killed by kernel. Now that this enforcing is done, some installations will probably start seeing errors about reaching these limits in normal operation. The default_vsz_limit is 256 MB. You may want to increase it in larger installations to 1 GB just in case.
Besides the changes listed below, a lot of smaller fixes were done.
A list of the bigger fixes:
VSZ limits weren’t being enforced for any processes. On server with large mailboxes you may now see errors about it if the limits aren’t high enough. To fix them, either increase individual service { vsz_limit } values or simply increase the default_vsz_limit setting.
Proxying: If using ssl=yes or starttls=yes with a hostname (not IP) as proxy destination, require that the certificate matches the given hostname.
LMTP: Changed default client_limit to 1. This should improve LMTP throughput with default settings.
dsync: Quota is no longer enforced (i.e. dsync can’t fail because user is over quota).
Added “auto” mail storage driver, which can be used to auto detect mailbox location and format. This behavior is already the default for empty mail_location setting, so this change is mainly useful for shared namespace’s location setting.
checkpassword: Export all auth %variables to AUTH_* environment.
