Package: dovecot-imapd Version: 1:2.2.27-3 Severity: normal Dear Maintainer, dovecot doesn't start after the upgrade, when you configured (more) secure TLS with the line
ssl_protocols = !SSLv2 !SSLv3 with the error message: dovecot: imap-login: Fatal: Invalid ssl_protocols setting: Unknown protocol 'SSLv2' After removing !SSLv2 from the line (I assume, SSLv2 is now fully removed from dovecot) it starts without problems. As this configuration is recommended in many "how to secure your mailserver" howtos, i think this will break for many people on upgrade, while ignoring a "!SSLv2" line when there is no such protocol should be safe. with kind regards, Alexander Schier -- Package-specific info: -- System Information: Debian Release: 9.0 APT prefers stable APT policy: (500, 'stable'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 4.8.0-0.bpo.2-amd64 (SMP w/8 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages dovecot-imapd depends on: ii dovecot-core 1:2.2.27-3 ii libbz2-1.0 1.0.6-8.1 ii libc6 2.24-11 ii liblz4-1 0.0~r131-2+b1 ii liblzma5 5.2.2-1.2+b1 ii ucf 3.0036 ii zlib1g 1:1.2.8.dfsg-5 dovecot-imapd recommends no packages. Versions of packages dovecot-imapd suggests: pn ufw <none> Versions of packages dovecot-imapd is related to: ii dovecot-core [dovecot-common] 1:2.2.27-3 pn dovecot-dbg <none> pn dovecot-dev <none> pn dovecot-gssapi <none> ii dovecot-imapd 1:2.2.27-3 pn dovecot-ldap <none> pn dovecot-lmtpd <none> ii dovecot-managesieved 1:2.2.27-3 ii dovecot-mysql 1:2.2.27-3 pn dovecot-pgsql <none> pn dovecot-pop3d <none> ii dovecot-sieve 1:2.2.27-3 pn dovecot-sqlite <none> -- no debconf information
