26.2 Snapshot 3 (known as 26.2-snapshot-3 in the launcher) is the third snapshot for Java Edition 26.2, released on April 14, 2026.
Full changelog: https://minecraft.wiki/Java_Edition_26.2-snapshot-3
Fixed the upgrade modal to show the correct target version and cleared stale upgrade notifications when the instance was already up to date. (#7774, fixes #6039, #8707)
Fixed user deletion cleanup so team-owned Git app sources were handled safely, while instance-wide sources were preserved for the root team. (#9435, fixes #8172)
Fixed dashboard homepage add buttons so they remained visible in light mode. (#9456, fixes #9454)
Fixed port mapping validation to accept protocol suffixes like /tcp, /udp, /sctp and IP-bound mappings. (#9503, fixes #9501, #9504)
26.2 Snapshot 2 (known as 26.2-snapshot-2 in the launcher) is the second snapshot for Java Edition 26.2, released on April 9, 2026, which fixes several major issues found in the previous snapshot.
Full changelog: https://minecraft.wiki/Java_Edition_26.2-snapshot-2
26.1.2 is a hotfix for Java Edition released on April 9, 2026, which tweaks UI checkboxes and fixes an exploit. It is compatible with 26.1 and 26.1.1 servers.
Full changelog: https://minecraft.wiki/Java_Edition_26.1.2
26.2-snapshot-1 (also known as 26.2 Snapshot 1) is the first snapshot for Java Edition 26.2, released on April 7, 2026, which adds the sulfur caves, sulfur cube, sulfur and cinnabar block sets, and an experimental Vulkan renderer.
Full changelog: https://minecraft.wiki/Java_Edition_26.2-snapshot-1
1852: [bug]: res_cdrel_custom: connection to the sqlite3 database closes from time to time
Commits By Author:
George Joseph (1):
res_cdrel_custom: Resolve several formatting issues.
nappsoft (1):
res_cdrel_custom: do not free config when no new config was loaded
Commit List:
res_cdrel_custom: do not free config when no new config was loaded
res_cdrel_custom: Resolve several formatting issues.
Commit Details:
res_cdrel_custom: do not free config when no new config was loaded
Author: nappsoft
Date: 2026-04-02
When the res_cdrel_custom modules is reloaded and the config has not been changed asterisk should not free the old config. Otherwise the connection to the database will be closed and no new connection will be opened.
res_cdrel_custom: Resolve several formatting issues.
Author: George Joseph
Date: 2026-03-31
Several issues are resolved:
Internally, floats were used for timestamp values but this could result
in wrapping so they've been changed to doubles.
Historically, the default CEL eventtime format is <seconds>.<microseconds>
with <microseconds> always being 6 digits. This should have continued to be
the case but res_cdrel_custom wasn't checking the dateformat setting in
cel.conf and was defaulting to %F %T. res_cdrel_custom now gets the default
date format from cel.conf, which will be whatever the dateformat parameter
is set to or <seconds>.<microseconds> if not set.
The timeval field formatter for both CDR and CEL wasn't handling custom
strftime format strings correctly. This is now fixed so you should be able
to specifiy custom strftime format strings for the CEL eventtime and CDR start, answer and end fields. For example: eventtime(%FT%T%z).
1852: [bug]: res_cdrel_custom: connection to the sqlite3 database closes from time to time
Commits By Author:
George Joseph (1):
res_cdrel_custom: Resolve several formatting issues.
nappsoft (1):
res_cdrel_custom: do not free config when no new config was loaded
Commit List:
res_cdrel_custom: do not free config when no new config was loaded
res_cdrel_custom: Resolve several formatting issues.
Commit Details:
res_cdrel_custom: do not free config when no new config was loaded
Author: nappsoft
Date: 2026-04-02
When the res_cdrel_custom modules is reloaded and the config has not been changed asterisk should not free the old config. Otherwise the connection to the database will be closed and no new connection will be opened.
res_cdrel_custom: Resolve several formatting issues.
Author: George Joseph
Date: 2026-03-31
Several issues are resolved:
Internally, floats were used for timestamp values but this could result
in wrapping so they've been changed to doubles.
Historically, the default CEL eventtime format is <seconds>.<microseconds>
with <microseconds> always being 6 digits. This should have continued to be
the case but res_cdrel_custom wasn't checking the dateformat setting in
cel.conf and was defaulting to %F %T. res_cdrel_custom now gets the default
date format from cel.conf, which will be whatever the dateformat parameter
is set to or <seconds>.<microseconds> if not set.
The timeval field formatter for both CDR and CEL wasn't handling custom
strftime format strings correctly. This is now fixed so you should be able
to specifiy custom strftime format strings for the CEL eventtime and CDR start, answer and end fields. For example: eventtime(%FT%T%z).
1852: [bug]: res_cdrel_custom: connection to the sqlite3 database closes from time to time
Commits By Author:
George Joseph (1):
res_cdrel_custom: Resolve several formatting issues.
nappsoft (1):
res_cdrel_custom: do not free config when no new config was loaded
Commit List:
res_cdrel_custom: do not free config when no new config was loaded
res_cdrel_custom: Resolve several formatting issues.
Commit Details:
res_cdrel_custom: do not free config when no new config was loaded
Author: nappsoft
Date: 2026-04-02
When the res_cdrel_custom modules is reloaded and the config has not been changed asterisk should not free the old config. Otherwise the connection to the database will be closed and no new connection will be opened.
res_cdrel_custom: Resolve several formatting issues.
Author: George Joseph
Date: 2026-03-31
Several issues are resolved:
Internally, floats were used for timestamp values but this could result
in wrapping so they've been changed to doubles.
Historically, the default CEL eventtime format is <seconds>.<microseconds>
with <microseconds> always being 6 digits. This should have continued to be
the case but res_cdrel_custom wasn't checking the dateformat setting in
cel.conf and was defaulting to %F %T. res_cdrel_custom now gets the default
date format from cel.conf, which will be whatever the dateformat parameter
is set to or <seconds>.<microseconds> if not set.
The timeval field formatter for both CDR and CEL wasn't handling custom
strftime format strings correctly. This is now fixed so you should be able
to specifiy custom strftime format strings for the CEL eventtime and CDR start, answer and end fields. For example: eventtime(%FT%T%z).
26w14a, supposedly the first and only snapshot for the "Herdcraft Update", is an April Fools' Day joke snapshot released on April 1, 2026. Similar to 22w13oneBlockAtATime, it disables many inventory features. Instead, the player can command "living blocks" using various tools in their hotbar. The blocks act as mobs, meaning they can be hurt, moved, and attacked.
Full changelog: https://minecraft.wiki/Java_Edition_26w14a
26.1.1 is a hotfix for Java Edition released on April 1, 2026, which fixes an issue with chat reporting. It is compatible with 26.1 servers.
Full changelog: https://minecraft.wiki/Java_Edition_26.1.1
26.1.1 Release Candidate 1 (known as 26.1.1-rc-1 in the launcher) is the first and only release candidate for Java Edition 26.1.1, released on March 31, 2026, which fixes a bug.
Full changelog: https://minecraft.wiki/Java_Edition_26.1.1-rc-1
There are experimental features in 2.4, one is enabled with --enable-experimental-mail-utf8, and another with --enable-experimental-imap4rev2, and you also need to set mail_utf8_extensions=yes and imap4rev2_enabled=yes to enable them in config.
Critical bug fixes
CVE-2025-59028: Invalid base64 authentication can cause DoS for other
logins.
CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks
and read unintended files during indexing. Fixed by dropping the script.
CVE-2026-24031: SQL injection possible if auth_username_chars is
configured empty. Fixed escaping to always happen. v2.4 regression.
CVE-2026-27859: Excessive RFC 2231 MIME parameters in email would cause
excessive CPU usage. Fixed by limiting number of parameters to process.
CVE-2026-27860: LDAP query injection possible if auth_username_chars
is configured empty. Fixed escaping to always happen. v2.4 regression.
CVE-2026-27857: Sending excessive parenthesis causes imap-login to use
excessive memory.
CVE-2026-27856: Doveadm credentials were not checked using timing-safe
checking function.
Remove default service/*/service_extra_groups=$SET:default_internal_group.
They are now replaced by default mail_access_groups=$SET:default_internal_group.
The version file has been renamed as version.txt to avoid clash with
C++ headers.
auth: oauth2 - Do not export token automatically, must be exported using
fields.
config: Don't accept 0 as meaning unlimited anymore for
last_valid_uid, last_valid_gid, mail_cache_max_headers_count,
mail_cache_max_header_name_length, mail_vsize_bg_after_count,
mail_sort_max_read_count, message_max_size, submission_max_recipients
and quota_mail_size.
imap, pop3: Don't autoexpunge if Dovecot is shutting down or process
is killed.
imap: LIST - Handle invalid mUTF-7 mailbox names as never matching anything
lazy-expunge: Change lazy_expunge_only_last_instance default to yes.
lda: Use EX_TEMPFAIL (75) if configuration is invalid instead of 89.
v2.4 regression.
lib-master: Increase ANVIL_DEFAULT_LOOKUP_TIMEOUT_MSECS from 5s to 30s
lib: crc32 - Use zlib's built-in CRC32 function
New features
Improve UTF-8 support for mail storage.
auth: Add default auth-token UNIX socket for token-based authentication.
doc: solr-config-9.xml - Make it compatible with Solr 9.8.0
doveadm: dsync - Search mails when exporting to reduce number of mails
exported by dsync-server.
dovecot-sysreport: Add -D|--destdir support.
imap, imap-hibernate: Use DOVECOT-TOKEN authentication for unhibernation.
Default imap-master socket permissioms have been changed due to this.
imap: Add APPENDLIMIT capability when configured with quota_mail_size.
imap: Support STATUS (DELETED) for IMAP4rev2.
imapc: Add support for SEARCH MIMEPART
imapc: Improve error forwarding.
imapc: Support SORT and ESORT extensions.
imapc: Support STATUS (DELETED) for IMAP4rev2.
lib-sql: Support parameterized queries.
lib-test: Add new test-dir API for better temporary test directory
handling.
lmtp: Advertize SIZE capability when configured with quota_mail_size.
lmtp: Support XCLIENT DESTADDR and DESTPORT
pop3-login: proxy - Add support for XCLIENT DESTIP and DESTPORT
submission-login: proxy - Add support for XCLIENT DESTIP and DESTPORT
Various optimizations have been made to the code.
Bug fixes
Fix building dovecot with BSD, Solaris and macOS.
auth: Crash would occur if users were iterated but
userdb_ldap_iterate_fields was not set.
auth: Fix request leak when client authenticates with unsupported mechanism.
auth: Some passdbs would default to PLAIN instead of CRYPT scheme.
config: Section and setting names could have been intermixed, resulting
in the setting being silently ignored.
configure: Fix checking if BUILD_IMAP_HIBERNATE is set
doveadm: dsync - -e parameter was handled wrong with dsync-server.
fts-flatcurve: Mailbox leak would occur if mailbox failed to open.
imap: Fix potential issues with unhibernation and process state handling.
imapc: SEARCH failure handling was done wrong.
imapc: UID STORE commands included extra comma in uidset.
lib-auth-client: auth-master - Fix panic when reconnecting after
handshake timeout.
lib-compression: Lz4 algorithm would assert-crash with malicious data.
lib-dcrypt: Fix digest algorithm handling.
lib-dict: Escape username paths to prevent traversal issues with dict-fs.
lib-http: Fix HTTP parsing edge cases and state handling.
lib-iostream: Disallow empty ssl_min_protocol.
lib-json: Fix incorrect character handling logic.
lib-ldap: Fix various TLS related bugs.
lib-mail: Fix charset translation and MIME parsing edge cases.
lib-mail: Fix multiple bounds checks and parsing issues in message handling.
lib-var-expand: Multiple fixes and improvements for expansion handling.
Log in
