Reset pawel@'s port www/claws-mail, he stepped down from the Ports Team.
Hope you come back one day, and take over the port again.
-Take Maintainership
PR: 226397
Submitted by: pawel
There was a bug in upstream's (src/libserver/milter.c) compatibility with
FreeBSD's libmilter (contrib/sendmail/libmilter/engine.c).
The bug causes rspamd to send reject messages after set reply.
Reported by: Philip Jocks <pj@netzkommune.de>
Reviewed by: mat, vsevolod (maintainer)
Approved by: vsevolod (maintainer)
Sponsored by: Netzkommune GmbH
Differential Revision: https://reviews.freebsd.org/D14542
When feasible do this by adding -D_WANT_SEMUN to CFLAGS or CXXFLAGS.
Where this fails due to ports not honoring C*FLAGS, patch using
__FreeBSD_version to enable the definition.
PR: 224300, 224443 (exp-run)
Approved by: portmgr (antoine)
Exp-run: antoine
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D14137
Change an ambigious "enable" to the actual value that causes a problem,
and fix spelling of "gid".
No PORTREVISION bump---there's a major update coming shortly, and this
change will get picked up then.
PR: 218392
Submitted by: Jeremy Chadwick
Changelog:
- Fixed filesystem path handling problem: sieve plugin could have
assert-crashed with specific path lengths with: "Panic: file
realpath.c: line 86 (path_normalize): assertion failed: (npath_pos +
1 < npath + asize)".
- Sieve extprograms plugin: Large output from "execute" command crashed
delivery. Fixed buffering issue in code that handles output from the
external program.
- editheader extension: Extensively reworked the low-level
implementation of adding and removing headers. This solves a few
integer arithmetic problems reported by Clang runtime checks, but also
improves code structure and reliability in general.
- imapsieve: Fix assert crash occurring when selected messages are
expunged concurrently by the time Sieve filter is to be applied.
- imap4flags extension: Fix binary byte-code corruption occurring when
the setflag, addflag, or removeflag command's flag-list is a variable.
- enotify extension: mailto method: Fixed parsing of mailto URI with
only a header part.
- enotify extension: mailto method: Make sure "From:" header is set to a
usable address and not "(null)".
- Fixed writing address headers to outgoing messages. It sometimes
erroneously applied another layer of MIME header encoding.
- Add openblas dependency when built with Torch
- Use gcc if Torch is enabled due to bug with libgfortran
Submitted by: Alexander Moisseev via private communication [1]
* CVE-2017-15130: TLS SNI config lookups may lead to excessive
memory usage, causing imap-login/pop3-login VSZ limit to be reached
and the process restarted. This happens only if Dovecot config has
local_name { } or local { } configuration blocks and attacker uses
randomly generated SNI servernames.
* CVE-2017-14461: Parsing invalid email addresses may cause a crash or
leak memory contents to attacker. For example, these memory contents
might contain parts of an email from another user if the same imap
process is reused for multiple users. First discovered by Aleksandar
Nikolic of Cisco Talos. Independently also discovered by "flxflndy"
via HackerOne.
* CVE-2017-15132: Aborted SASL authentication leaks memory in login
process.
* Linux: Core dumping is no longer enabled by default via
PR_SET_DUMPABLE, because this may allow attackers to bypass
chroot/group restrictions. Found by cPanel Security Team. Nowadays
core dumps can be safely enabled by using "sysctl -w
fs.suid_dumpable=2". If the old behaviour is wanted, it can still be
enabled by setting:
import_environment=$import_environment PR_SET_DUMPABLE=1
* doveconf output now includes the hostname.
+ mail_attachment_detection_options setting controls when
$HasAttachment and $HasNoAttachment keywords are set for mails.
+ imap: Support fetching body snippets using FETCH (SNIPPET) or
(SNIPPET (LAZY=FUZZY))
+ fs-compress: Automatically detect whether input is compressed or not.
Prefix the compression algorithm with "maybe-" to enable the
detection, for example: "compress:maybe-gz:6:..."
+ Added settings to change dovecot.index* files' optimization behavior.
See https://wiki2.dovecot.org/IndexFiles#Settings
+ Auth cache can now utilize auth workers to do password hash
verification by setting auth_cache_verify_password_with_worker=yes.
+ Added charset_alias plugin. See
https://wiki2.dovecot.org/Plugins/CharsetAlias
+ imap_logout_format and pop3_logout_format settings now support all of
the generic variables (e.g. %{rip}, %{session}, etc.)
+ Added auth_policy_check_before_auth, auth_policy_check_after_auth
and auth_policy_report_after_auth settings.
- v2.2.33: doveadm-server: Various fixes related to log handling.
- v2.2.33: doveadm failed when trying to access UNIX socket that didn't
require authentication.
- v2.2.33: doveadm log reopen stopped working
- v2.2.30+: IMAP stopped advertising SPECIAL-USE capability
- v2.2.30+: IMAP stopped sending untagged OK/NO storage notifications
- replication: dsync sends unnecessary replication notification for
changes it does internally. NOTE: Folder creates, renames, deletes
and subscribes still trigger unnecessary replication notifications,
but these should be rather rare.
- mail_always/never_cache_fields setting changes weren't applied for
existing dovecot.index.cache files.
- Fix compiling and other problems with OpenSSL v1.1
- auth policy: With master user logins, lookup using login username.
- FTS reindexed all mails unnecessarily after loss of
dovecot.index.cache file
- mdbox rebuild repeatedly fails with "missing map extension"
- SSL connections may have been hanging with imapc or doveadm client.
- cassandra: Using protocol v3 (Cassandra v2.1) caused memory leaks and
also timestamps weren't set to queries.
- fs-crypt silently ignored public/private keys specified in
configuration (mail_crypt_global_public/private_key) and just
emitted plaintext output.
- lock_method=dotlock caused crashes
- imapc: Reconnection may cause crashes and other errors
MFH: 2018Q1
Security: CVE-2017-14461
Security: CVE-2017-15130
Security: CVE-2017-15132
Firt definition of MARIADB_VERSION_ID can be found in mariadb102
therefore we have to use MARIADB_BASE_VERSION which is defined in
mariadb55 and mariadb10x
PR: 226266 [1], 220224
Reported by: Zilon [1]
Firt definition of MARIADB_VERSION_ID can be found in mariadb102
therefore we have to use MARIADB_BASE_VERSION which is defined in
mariadb55 and mariadb10x
PR: 226266 [1], 220224
Reported by: Zilon [1]
- Update ports to version to 0.26.
- Unconditionally install completions according to Porter's Handbook Chapter 6.31.
without adding extra dependencies.
- Turn on the MANPAGES option by default. Building the manual pages is kept as an option
to allow for more minimal custom builds.
- Remove RUBY option as it never did anything. There are no build or install instructions
in the Makefile nor %%RUBY%% references in pkg-plist.
Building with the RUBY option enabled makes absolutely no difference to the produced package.
The only thing ever requiring the Ruby bindings to the Notmuch library is the Vim client,
which isn't built either.
- Turn mail/py-notmuch into a slave port of mail/notmuch.
- Split off EMACS option into the flavor aware slave port mail/notmuch-emacs.
- Split off MUTT option into the slave port mail/notmuch-mutt.
- Perform miscellaneous cleanups.
PR: 225059
Submitted by: seschwar AT gmail.com
Reviewed by: mat, fluffy, maintainers
Approved by: maintainers
Differential Revision: D13944
[WARN] stat /root/go/src: no such file or directory
[ERROR] Could not find any of /root/go/src.
[INFO] As of Glide 0.5/Go 1.5, this is required.
[ERROR] Without src, cannot continue.
Reported by: pkg-fallout
- Add LICENSE
It explicitly requires user agreement (thus no-auto-accept) and
forbids distribution for a fee `beyond reasonable duplication
charges` which is too vague I don't think can be guaranteed in
any case (thus no-*-sell)
tdir port uses another variant of license, which also forbids
modification, and since the port requires shebangfix and Makefile
patching, also mark it no-pkg-mirror and BROKEN.
- Don't install licenses with documentation, since our license
framework already handles this
- Fix python shebangs
- Limit python version to 2.7, as no port is compatible with python3
- Add NO_ARCH
- User options targets helpers
- Simplify installation in a few cases
Approved by: portmgr blanket
- When no virtualhosts are defined, and the default localhost/localhost is
effective, the post-install script now adds DEFAULT_EMAIL_HOST,
DEFAULT_URL_HOST, and add_virtualhost() lines to mm_cfg.py.
Add corresponding support to remove unchanged configurations to the
deinstall script.
- While here, overhaul crontab configuration to only request a merge if the
crontab had been modified, and unify progress reports.
- Merge pkg-deinstall into pkg-install, to avoid duplication of code
that might be missed in later maintenance.
PR: 225961
Reported by: Terry Kennedy
