Update to 6.3.14:
fetchmail 6.3.14 (released 2010-02-05, 25487 LoC):
# SECURITY FIXES
* SSL/TLS certificate information is now also reported properly on computers
that consider the "char" type signed. Fixes malloc() buffer overrun.
Workaround for older versions: do not use verbose mode.
See fetchmail-SA-2010-01.txt for details, including a minimal patch.
# BUG FIXES
* The IMAP client no longer skips messages from several IMAP servers including
Dovecot if fetchmail's "idle" is in use. Causes were that fetchmail (a)
ignored some untagged responses when it should not (b) relied on EXISTS
messages in response to EXPUNGE, which aren't mandated by RFC-3501 (the IMAP
standard) and aren't sent by Dovecot either.
Fix by Sunil Shetye (the fix also consolidates IMAP response handling,
improving overall robustness of the IMAP client), bug report and testing by
Matt Doran, with further hints from Timo Sirainen.
* The SMTP client now recovers from errors (such as servers dropping the
connection after errors) when sending an RSET command.
Fix by Sunil Shetye. Report by James Moe.
* The IMAP client now uses "SEARCH UNSEEN" rather than "SEARCH UNSEEN NOT
DELETED" again on IMAP2, to fix a regression in fetchmail 6.2.5 reported by
Will Stringer in June 2004. (Sunil Shetye)
* The IMAP client now uses "SEARCH UNSEEN UNDELETED" on IMAP4 and IMAP4r1
servers (Sunil Shetye).
* Workaround: The IMAP client now falls back to "FETCH n:m FLAGS" if the server
does not support "SEARCH". (Sunil Shetye)
* The IMAP client now requests message numbers in batches of 1,000 to avoid
problems if there are more than 1860 unseen messages. (Sunil Shetye)
Note that this wasn't security relevant because fetchmail would only read up
to the maximum buffer size and leave the remainder of the string unread, going
out of synch afterwards.
* Stricter validation of IMAP responses containing byte or message counts.
# CHANGES
* Only include gssapi.h if we're not including gssapi/gssapi.h, to fix a FreeBSD
compiler warning about gssapi.h being obsolete.
# DOCUMENTATION
* The README.SSL document was revised for grammar, spelling, and clarity.
Courtesy of Robert Mullin.
fetchmail 6.3.13 (released 2009-10-30, 25333 LoC):
# REGRESSION FIXES
* The multiline SMTP error fix in release 6.3.12 caused fetchmail to lose
message codes 400..599 and treat all of these as temporary error. This would
cause messages to be left on the server even if softbounce was turned off.
Reported by Thomas Jarosch.
fetchmail 6.3.12 (released 2009-10-05):
# REGRESSION FIXES
* The CVS-2009-2666 fix in fetchmail release 6.3.11 caused a free() of
unallocated memory on SSL connections, which caused crashes or program aborts
on some systems (depending on how initialization and free() of unallocated
memory is handled in compiler and libc).
Workaround for older versions: run in verbose mode.
Patch courtesy of Thomas Heinz, fixes Gentoo Bug #280760.
This regression affected only the 6.3.11 release, but not the patch that was
part of the security announcement fetchmail-SA-2009-01.
# BUG FIXES
* Fix error reporting for GSSAPI on Heimdal (h5l) Kerberos.
* Look for MD5_Init in libcrypto rather than libssl, fixes Gentoo Kerberos
builds; fixes upstream parts of Gentoo Bugs #231400 and #185652, and fixes
BerliOS Bug #16134.
* Report multiline SMTP errors properly, reported by Earl Chew; fixes Debian Bug
#529899, reported by Akihiro Terasaki.
Note: This fix introduced a regression, fixed in 6.3.13.
* Replace control characters in SMTP replies by '?'.
* Fetchmailconf: Fix descriptions for smtpaddress and smtpname options;
smtpaddress is for RCPT TO, not MAIL FROM. Found by Gerard Seibert.
...as well as translation updates in all three releases.
2010-02-14 10:46:00 +01:00
|
|
|
# $NetBSD: Makefile,v 1.170 2010/02/14 09:46:00 wiz Exp $
|
1998-02-28 12:05:37 +01:00
|
|
|
|
Update to 6.3.14:
fetchmail 6.3.14 (released 2010-02-05, 25487 LoC):
# SECURITY FIXES
* SSL/TLS certificate information is now also reported properly on computers
that consider the "char" type signed. Fixes malloc() buffer overrun.
Workaround for older versions: do not use verbose mode.
See fetchmail-SA-2010-01.txt for details, including a minimal patch.
# BUG FIXES
* The IMAP client no longer skips messages from several IMAP servers including
Dovecot if fetchmail's "idle" is in use. Causes were that fetchmail (a)
ignored some untagged responses when it should not (b) relied on EXISTS
messages in response to EXPUNGE, which aren't mandated by RFC-3501 (the IMAP
standard) and aren't sent by Dovecot either.
Fix by Sunil Shetye (the fix also consolidates IMAP response handling,
improving overall robustness of the IMAP client), bug report and testing by
Matt Doran, with further hints from Timo Sirainen.
* The SMTP client now recovers from errors (such as servers dropping the
connection after errors) when sending an RSET command.
Fix by Sunil Shetye. Report by James Moe.
* The IMAP client now uses "SEARCH UNSEEN" rather than "SEARCH UNSEEN NOT
DELETED" again on IMAP2, to fix a regression in fetchmail 6.2.5 reported by
Will Stringer in June 2004. (Sunil Shetye)
* The IMAP client now uses "SEARCH UNSEEN UNDELETED" on IMAP4 and IMAP4r1
servers (Sunil Shetye).
* Workaround: The IMAP client now falls back to "FETCH n:m FLAGS" if the server
does not support "SEARCH". (Sunil Shetye)
* The IMAP client now requests message numbers in batches of 1,000 to avoid
problems if there are more than 1860 unseen messages. (Sunil Shetye)
Note that this wasn't security relevant because fetchmail would only read up
to the maximum buffer size and leave the remainder of the string unread, going
out of synch afterwards.
* Stricter validation of IMAP responses containing byte or message counts.
# CHANGES
* Only include gssapi.h if we're not including gssapi/gssapi.h, to fix a FreeBSD
compiler warning about gssapi.h being obsolete.
# DOCUMENTATION
* The README.SSL document was revised for grammar, spelling, and clarity.
Courtesy of Robert Mullin.
fetchmail 6.3.13 (released 2009-10-30, 25333 LoC):
# REGRESSION FIXES
* The multiline SMTP error fix in release 6.3.12 caused fetchmail to lose
message codes 400..599 and treat all of these as temporary error. This would
cause messages to be left on the server even if softbounce was turned off.
Reported by Thomas Jarosch.
fetchmail 6.3.12 (released 2009-10-05):
# REGRESSION FIXES
* The CVS-2009-2666 fix in fetchmail release 6.3.11 caused a free() of
unallocated memory on SSL connections, which caused crashes or program aborts
on some systems (depending on how initialization and free() of unallocated
memory is handled in compiler and libc).
Workaround for older versions: run in verbose mode.
Patch courtesy of Thomas Heinz, fixes Gentoo Bug #280760.
This regression affected only the 6.3.11 release, but not the patch that was
part of the security announcement fetchmail-SA-2009-01.
# BUG FIXES
* Fix error reporting for GSSAPI on Heimdal (h5l) Kerberos.
* Look for MD5_Init in libcrypto rather than libssl, fixes Gentoo Kerberos
builds; fixes upstream parts of Gentoo Bugs #231400 and #185652, and fixes
BerliOS Bug #16134.
* Report multiline SMTP errors properly, reported by Earl Chew; fixes Debian Bug
#529899, reported by Akihiro Terasaki.
Note: This fix introduced a regression, fixed in 6.3.13.
* Replace control characters in SMTP replies by '?'.
* Fetchmailconf: Fix descriptions for smtpaddress and smtpname options;
smtpaddress is for RCPT TO, not MAIL FROM. Found by Gerard Seibert.
...as well as translation updates in all three releases.
2010-02-14 10:46:00 +01:00
|
|
|
DISTNAME= fetchmail-6.3.14
|
1998-02-28 12:05:37 +01:00
|
|
|
CATEGORIES= mail
|
2009-05-21 13:32:01 +02:00
|
|
|
MASTER_SITES= http://download.berlios.de/fetchmail/
|
2007-01-17 15:29:11 +01:00
|
|
|
EXTRACT_SUFX= .tar.bz2
|
1998-02-28 12:05:37 +01:00
|
|
|
|
2008-04-27 20:14:03 +02:00
|
|
|
MAINTAINER= pkgsrc-users@NetBSD.org
|
Update fetchmail to 6.2.5.5.
Change homepage to http://fetchmail.berlios.de/ and update MASTER_SITES.
Changes introduced since 6.2.5:
fetchmail-6.2.5.X is a security fix branch that forked off
fetchmail-6.2.5. It does not change for anything but security and the
most severe bug fixes. Note that no 6.2.5.X security audits are planned
except when a particular bug is reported, and that 6.2.5.X is unsafe to
use on some systems, particularly those that lack a *working and secure*
snprintf implementation.
The fetchmail 6.2.5.X branch will be discontinued early in 2006.
fetchmail-6.2.5.5 2005-12-19 Matthias Andree
* SECURITY FIX CVE-2005-4348: fix null pointer dereference in
multidrop mode when the message is empty. Reported by Daniel Drake
<http://article.gmane.org/gmane.mail.fetchmail.user/7573> and others
(Debian Bug #343836). Fix by Sunil Shetye.
* Fix Debian bug #301964, fetchmail leaks sockets when SSL negotiation
fails. Fix suggested by Goswin Brederlow.
* Add fetchmail-SA-2005-{01,02,03}.txt
fetchmail-6.2.5.4 2005-11-13 Matthias Andree
* Also ship pre-built rcfile_y.[ch] for systems that don't have flex,
yacc or bison.
* On FreeBSD, add /usr/local/include to CPPFLAGS so that libintl.h is found.
* Avoid automatically picking up HESIOD implementations that lack
hesiod_getmailhost, such as the one in FreeBSD's base system.
* Fix makedepend for separated build (where the build is not run from
the source directory), but prevent packaging from separated build, it
yields bogus results.
* Fix resolv.h autodetection.
* Add +HESIOD to version printout if appropriate.
fetchmail-6.2.5.3 2005-11-12 Matthias Andree
* SECURITY FIX CVE-2005-3088: fetchmailconf: fix password exposure: use
umask 077 before opening output file and restore umask later.
* Critical fix: fix IMAP timeouts, counting message count down on
servers that do not send EXISTS counts after EXPUNGE. Debian Bug#314509.
* Ship pre-built rcfile_l.c for systems that don't have flex.
* Build environment: Update included gettext. Fix
--with-included-gettext. Fix parallel build (make -j). Fix "always
rebuild fetchmail" syndrome.
* Do not link against -ll or -lfl (not needed).
fetchmail-6.2.5.2
(patch Fri Jul 22 01:52 GMT 2005,
tarball Sat Jul 23 21:34 GMT 2005)
* README: Added a note about release status - READ IT!
* Note: Due to a Makefile.in bug, you may need to use GNU make.
* SECURITY FIX CVE-2005-2335: truncate UIDL replies, lest malicious or
compromised POP3 servers overflow fetchmail's stack. Debian bug
#212762. This is a remote root exploit.
Thanks: Miloslav Trmac for pointing out the fix in 6.2.5.1 was buggy.
Thanks: Ludwig Nussel for a much simpler fix.
* Critical fix: omit blank between MAIL FROM: and <user@example.org>,
as this causes mail loss with some listeners.
* Fix: POP2 driver wouldn't properly check authentication failure.
* Sunil Shetye's fix to force fetchsizelimit to 1 for APOP and RPOP.
2005-12-20 15:27:53 +01:00
|
|
|
HOMEPAGE= http://fetchmail.berlios.de/
|
2003-07-21 18:56:41 +02:00
|
|
|
COMMENT= Batch mail retrieval/forwarding utility for pop2, pop3, apop, imap
|
1998-02-28 12:05:37 +01:00
|
|
|
|
2008-01-05 21:50:00 +01:00
|
|
|
PKG_DESTDIR_SUPPORT= user-destdir
|
2004-01-06 08:05:24 +01:00
|
|
|
PKG_INSTALLATION_TYPES= overwrite pkgviews
|
|
|
|
|
|
2004-08-05 04:31:24 +02:00
|
|
|
.include "../../mk/bsd.prefs.mk"
|
|
|
|
|
|
2004-03-31 04:32:56 +02:00
|
|
|
USE_PKGLOCALEDIR= yes
|
|
|
|
|
GNU_CONFIGURE= yes
|
2001-06-27 06:17:35 +02:00
|
|
|
CONFIGURE_ARGS+= --without-hesiod
|
2007-01-17 20:18:01 +01:00
|
|
|
CONFIGURE_ENV+= PYTHON=:
|
2001-06-27 06:28:48 +02:00
|
|
|
LDFLAGS+= ${CFLAGS}
|
2006-04-13 20:23:29 +02:00
|
|
|
USE_TOOLS+= msgfmt tbl
|
1999-08-18 11:24:08 +02:00
|
|
|
|
2005-10-21 22:56:50 +02:00
|
|
|
.if ${OPSYS} == "Darwin"
|
|
|
|
|
LDFLAGS+= -lresolv
|
|
|
|
|
CFLAGS.Darwin+= -DBIND_8_COMPAT -DHAVE_RESOLV_H
|
|
|
|
|
.endif
|
|
|
|
|
|
2004-08-05 04:31:24 +02:00
|
|
|
.include "options.mk"
|
1998-02-28 12:05:37 +01:00
|
|
|
|
2004-03-31 04:25:11 +02:00
|
|
|
DOCDIR= ${PREFIX}/share/doc/fetchmail
|
2003-09-12 00:58:05 +02:00
|
|
|
RCD_SCRIPTS= fetchmail
|
1998-02-28 12:05:37 +01:00
|
|
|
|
2004-07-30 23:05:41 +02:00
|
|
|
.include "../../devel/gettext-lib/buildlink3.mk"
|
|
|
|
|
|
1998-02-28 12:35:39 +01:00
|
|
|
post-extract:
|
2001-07-31 18:19:08 +02:00
|
|
|
@${RM} -f ${WRKSRC}/intl/libintl.h
|
1999-10-09 00:06:51 +02:00
|
|
|
.if ${OPSYS} == "NetBSD"
|
|
|
|
|
@${RM} -f ${WRKSRC}/md5.h
|
1999-10-01 12:31:57 +02:00
|
|
|
.endif
|
2004-03-31 04:22:04 +02:00
|
|
|
|
2001-03-23 11:01:01 +01:00
|
|
|
.if defined(REPLACE_KERBEROS_LIBS)
|
2004-09-15 09:43:01 +02:00
|
|
|
pre-configure:
|
2001-03-23 11:01:01 +01:00
|
|
|
cd ${WRKSRC} && \
|
|
|
|
|
for F in configure.in configure; do \
|
|
|
|
|
${SED} -e "s/-lkrb -ldes/-lkrb -ldes -lcom_err -lroken/" \
|
|
|
|
|
$$F > $$F.mod; \
|
|
|
|
|
${MV} -f $$F.mod $$F; \
|
|
|
|
|
done
|
|
|
|
|
${CHMOD} a+x ${WRKSRC}/configure
|
|
|
|
|
.endif
|
1998-02-28 12:05:37 +01:00
|
|
|
|
1999-10-09 00:06:51 +02:00
|
|
|
post-build:
|
2004-03-31 04:22:04 +02:00
|
|
|
for file in ${WRKSRC}/fetchmail.man; do \
|
|
|
|
|
${MV} -f $$file $$file.tbl; \
|
2004-07-09 14:34:53 +02:00
|
|
|
${TBL} $$file.tbl > $$file; \
|
2004-03-31 04:22:04 +02:00
|
|
|
done
|
2000-02-05 20:51:13 +01:00
|
|
|
|
1998-02-28 12:05:37 +01:00
|
|
|
post-install:
|
2008-01-05 21:50:00 +01:00
|
|
|
${INSTALL_DATA_DIR} ${DESTDIR}${DOCDIR}
|
2004-03-31 04:25:11 +02:00
|
|
|
cd ${WRKSRC}; for file in \
|
|
|
|
|
FAQ NOTES FEATURES README COPYING \
|
|
|
|
|
fetchmail-FAQ.html fetchmail-features.html \
|
|
|
|
|
design-notes.html; \
|
|
|
|
|
do \
|
2008-01-05 21:50:00 +01:00
|
|
|
${INSTALL_DATA} $$file ${DESTDIR}${DOCDIR}; \
|
2004-03-31 04:25:11 +02:00
|
|
|
done
|
1998-02-28 12:05:37 +01:00
|
|
|
|
1998-04-15 12:38:15 +02:00
|
|
|
.include "../../mk/bsd.pkg.mk"
|
