Package: dovecot-gssapi Version: 1:2.4.1+dfsg1-2 Severity: grave Tags: upstream Justification: Breaks other package's autopkgtests
Issue was first observed in gsasl's autopkgtest failures. Protocol traces are available in #1104411. Some (but not all) IMAP clients are unable to negotiate GSSAPI authentication with Dovecot 2.4.1. Earlier versions worked as expected. The issue has been traced to a particular upstream change [1], and has been reported on upstream's mailing list [2]. While investigating a proper fix, we can potentially revert the implicated change, which will additionally require reverting support for SCRAM-SHA-1-PLUS and SCRAM-SHA-256-PLUS. These mechanisms have never been supported in a Debian release, so this would not be a regression, and we should be able to re-enable them once the correct fix is identified. 1. https://github.com/dovecot/core/commit/1486c30e191ff079bfa78e7950173bb33d8073d9 2. https://dovecot.org/mailman3/archives/list/dove...@dovecot.org/message/LMUX23ZRYPOJ6RRZWBPBUBSBYK4FLI6O/
