Cyrus IMAP 3.12.1 Release Notes

Download from GitHub:

• https://github.com/cyrusimap/cyrus-imapd/releases/download/cyrus-imapd-3.12.1/cyrus-imapd-3.12.1.tar.gz

• https://github.com/cyrusimap/cyrus-imapd/releases/download/cyrus-imapd-3.12.1/cyrus-imapd-3.12.1.tar.gz.sig

Changes since 3.12.0

STARTTLS changes

The industry is deprecating STARTTLS (aka opportunistic TLS) in favor of implicit TLS over a dedicated port. STARTTLS is now disabled by default.

Installations that need to service clients that use opportunistic TLS should enable the allowstarttls imapd.conf(5) option for the services that need it. For example, for a service configured with the name imap in cyrus.conf(5), set imap_allowstarttls: on to enable STARTTLS.

Security changes

• Fixed Issue #5477: master: tighten up pidfile/etc handling

Build changes

• Fixed Issue #5439: safer detection of 'function nesting' support

• Fixed Issue #5450: fix zoneinfo_db code for GCC 15 (thanks Yadd)

Bug fixes

• Fixed Issue #5397: check jmap_max_size_request before parsing JSON

• Fixed Issue #5424: recognise service-specific SASL options in cyr_info conf-lint

• Fixed Issue #5423: charset.c needs stdbool.h

• Fixed Issue #5441: config bitfields must be 64-bits wide

• Fixed Issue #5420: fix double-free in http_admin (thanks Wolfgang Breyha)

• Fixed Issue #5460: pop3d: add basic prometheus support (thanks Wolfgang Breyha)

• Fixed Issue #5466: imtest: fix output for 'C: {0}+' (thanks Дилян Палаузов)

• Fixed Issue #5478: config_read_file leak on fatal

• Fixed Issue #5481: imapd: typo in SASL-IR capability

• Fixed Issue #5454: httpd fails to parse OpenSSL version for status string