* Potential security problems caused by maliciously-formed RFC 2231 attachment
parameters
Several other bugs fixed as well.
All users of Pine are highly encouraged to upgrade.
Improvements to the port:
* DOCSDIR'ification of plist
* Patches regenerated to remove fuzz
Approved by: security-officer, portmgr
* Update to Makefile COMMENT
* Take advantage of pkg-message to hit both ports and package installs
* Thanks to work done by winter to make ispell do reasonable things when
invoked as 'spell', properly define the speller for pico, and add a default
speller for the pine.conf. The reason for the latter is to take advantage of
the (arguably) superior behavior of ispell when files are piped to it.
* Due to the speller updates, grow a dependency on ispell and bump the revision.
* Add readme and copyright to portdocs
bugs have been fixed, mostly in new options. Users of Pine are
encouraged to upgrade.
In addition to the version upgrade, I've overhauled the port. The most
significant change is that I'm now using the include version of the
c-client library, as opposed to the shared version used by the IMAP
port. The main reason for this is to stay current with the Pine
developer's view of the program. An additional benefit is that this
change will allow me to update the Pine port more rapidly, without
having to wait for the shared cclient port.
In order to avoid conflicts with the IMAP server port, I am now
compiling the pine binary static. On my system, this actually gives
the pine binary a smaller memory footprint. I've also adopted the
same option semantics that are currently in use for cclient. Namely
that WITH_SSL is now the default.
The other change of note is that I'm now installing the rpdump and
rpload binaries that let you save and load a remote pine configuration.
The Makefile has also been cleaned up, somewhat simplified, and made
more generic. The basic functionality should be the same.
don't work well. They also don't take gnupg into account at all.
Therefore I'm removing them from here, and in their place I've created a
new pine-pgp-filters port with totally new, and fully functional versions.
enhanced rule patterns, role-based smtp server, better character set support,
and most importantly, a fix for the DoS recently reported on bugtraq. There
are other fixes and improvements as well, check out the release notes for
more information.
* Usual round of patch re-generation
* Add a makefile.bsf fix and a patch for pine/strings.c not being able to
find utf8.h
at UW. Improvements include TLS and SSL support fully integrated
into the code base (requires OpenSSL), support for remote address
books, improved rules-based filtering, and new filter options.
* Bugs fixed include longer folder names, temp file cleanup,
mail sorted by filters more accurately, et al.
* Re-generate almost all of the patches to clean out more of the fuzz.
1. Add support for building cclient with SSL. Warn about the possibility
that some ports may have been missed and need ssl added at link time.
2. Update cclient and imap-uw to latest versions.
3. Fix pine4 to add ssl libraries. This can be used as a model for what
other ports may need to do.
4. Release MAINTAINERship (by request).
Submitted by: anders@fix.no
Approved by: petef@databits.net
about the operating system, the version of Pine, and the word
"PINE". As described in http://www.crimelabs.net/docs/passive.html
this information could be of use to someone with malicious
intentions.
PR: 26051 (duplicated as 26052)
Approved by: maintainer
Update imap-uw to the latest version (imap-2000).
Update pine4 to the latest version (pine-4.31).
Despite the fact that the new releases of imap-uw and pine are
intended to improve security, the security warnings on the pine
and imap-uw ports have been left intact until they have proven
themselves.
Mike Silbersack <silby@silby.com>. Add a build- and install-time
warning about the probable existence of further remote security
problems, and remove FORBIDDEN.
Submitted by: Mike Silbersack <silby@silby.com>
Parenthetically, no software which uses 4299 sprintf/strcpy/strcat
calls can possibly be safe - I don't expect to remove this FORBIDDEN
tag any time soon. :-(
Pine has historically built against an internal copy of the c-client library,
however c-client development has progressed beyond what is shipped with pine.
(It would appear that all new development work is being done via UW's imap
server codebase.) This change allows pine to utilize improvements/bugfixes in
the c-client library. In addition, the cclient port builds c-client as
a shared library. Now, pine links against this shared library. As a result,
pine binaries are approximately 550k smaller. On the other hand, the c-client
library itself is a good 650k. The real benefit here is that c-client may be
shared amongst multiple binaries (i.e. imap-uw, php, and perl scripts using the
p5-Mail-CClient module), thereby potentially reducing the overall disk and
memory usage.
PR: 19731
Submitted by: kbyanc@posi.net
Reviewed by: will
master). This is done by defining a variable "PRE_MK_INCLUDED" in the slave
before including ${MASTERDIR}/Makefile, and have the master check it before
including any necessary macro files.