Changelog:
What's New
new MailExtensions: Raw message source available to MailExtensions
Changes
changed MailExtensions: messages.update function extended to mark messages as junk or not junk
changed MailExtensions: browser.compose.begin functions no longer expand mailing lists
Fixes
fixed Various improvements to account setup when connecting to an Exchange server
fixed Thread collapsed when opening news message in a new window
fixed Addons not automatically updated to compatible version after upgrade from Thunderbird 60
fixed Updating addons did not prompt when requesting new permissions
fixed Extra recipients panel not keyboard-accessible
fixed Accessibility: Status bar was not detected by screenreaders
fixed MailExtensions: messages.query by folder name did not require accountsRead permission
fixed Calendar: Invitations with embedded null bytes did not always decode correctly
fixed Calendar: Cancelled events didn't show with a line-through
fixed Various security fixes
Security fixes:
#CVE-2020-6819: Use-after-free while running the nsDocShell destructor
#CVE-2020-6820: Use-after-free when handling a ReadableStream
#CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method
#CVE-2020-6822: Out of bounds write in GMPDecodeData when processing large images
#CVE-2020-6825: Memory safety bugs fixed in Thunderbird 68.7.0
Add missing curly brackets that caused res_ninit() to be called
with non-zeroed state structure. In NetBSD, res_ninit() detects
the mistake and quickly calls res_ndestroy(), which will close file
descriptors based on the random data provided in the state structure.
The result at mine is sendmail going mute after the MAIL FROM
command.
Include patchset from the community and Debian package maintainers to
support OpenSSL version 1.1. This is the more feature rich version of
imapproxy.
Last official changelog entries:
2016-09-12 Paul Lesniewski <paul@squirrelmail.org>
* Added support for systemd startup
* Added support for accepting pre-auth ID commands (RFC 2971)
* Added support for DNS RR to cycle through multiple IMAP
server backends (thanks to Wolfgang Breyha)
* Added ability to restrict DNS lookups to IPv4 or IPv6
only (thanks to Wolfgang Breyha)
* Make EGD support conditional, provide compatibility with
LibreSSL, other small fixes provided by the BSD team
* Fixed anomalous crashes recycling used connections (thanks
to Emmanuel Dreyfus)
* Retain compatibility with older OpenSSL versions (thanks to
Wolfgang Breyha)
* Make use of the no_new_privs flag (Linux only) when becoming
non-root (thanks to Shawn Landden)
2014-01-20 Paul Lesniewski <paul@squirrelmail.org>
* Added support for up to TLS v1.2 (thanks to Emmanuel Dreyfus)
* Added support for ECDHE ciphers (thanks to Emmanuel Dreyfus)
* Added ability to manually specify TLS ciphers (thanks to Emmanuel Dreyfus)
* Added server certificate validation (thanks to Emmanuel Dreyfus)
2012-01-01 Paul Lesniewski <paul@squirrelmail.org>
* Fixed problem where default TLS CA data would never
be loaded (thanks to Orion Poplawski)
* Fixed bug in SSL context initialization
Based on patch provided by Mike Pumford on pkgsrc-users.
Exim version 4.93+fixes
-----------------------
This is not an official release. It is just a branch, collecting
proposed bugfixes. Depending on your environment the fixes may be
necessary to build and/or run Exim successfully.
JH/05 Regard command-line receipients as tainted.
JH/07 Bug 2489: Fix crash in the "pam" expansion condition. It seems that the
PAM library frees one of the arguments given to it, despite the
documentation. Therefore a plain malloc must be used.
JH/08 Bug 2491: Use tainted buffers for the transport smtp context. Previously
on-stack buffers were used, resulting in a taint trap when DSN information
copied from a received message was written into the buffer.
JH/09 Bug 2493: Harden ARC verify against Outlook, whick has been seen to mix
the ordering of its ARC headers. This caused a crash.
JH/10 Bug 2492: Use tainted memory for retry record when needed. Previously when
a new record was being constructed with information from the peer, a trap
was taken.
JH/11 Bug 2494: Unset the default for dmarc_tld_file. Previously a naiive
installation would get error messages from DMARC verify, when it hit the
nonexistent file indicated by the default. Distros wanting DMARC enabled
should both provide the file and set the option.
Also enforce no DMARC verification for command-line sourced messages.
JH/12 Fix an uninitialised flag in early-pipelining. Previously connections
could, depending on the platform, hang at the STARTTLS response.
JH/13 Bug 2498: Reset a counter used for ARC verify before handling another
message on a connection. Previously if one message had ARC headers and
the following one did not, a crash could result when adding an
Authentication-Results: header.
JH/14 Bug 2500: Rewind some of the common-coding in string handling between the
Exim main code and Exim-related utities. The introduction of taint
tracking also did many adjustments to string handling. Since then, eximon
frequently terminated with an assert failure.
JH/16 Fix the variables set by the gsasl authenticator. Previously a pointer to
library live data was being used, so the results became garbage. Make
copies while it is still usable.
Changelog:
0.6.75 2020-03-22 Markus Schnalke - fix from Debian for vcard version format.
0.6.74 2020-01-12 Paul Wise - many changes for Debian.
0.6.73 2019-07-25 Tim Dufrane - fix segfault in pst_close()
* 3.17.5
--------
* Inline Git patches now have colour syntax highlighting
The colours of these, and patch attachments, are configurable on
the 'Other' tab of the Display/Colors page of the general
preferences.
* The previously hidden preference, 'summary_from_show', is now
configurable within the UI, on the 'Message List' tab of the
Display/Summaries page of the general preferences, 'Displayed in
From column [ ]'.
* 'Re-edit' has been added to the message context menu when in the
Drafts folder.
* Additional Date header formats are supported:
- weekday, month, day, hh, mm, ss, year, zone
- weekday, month, day, hh, mm, ss, year
* LiteHtml viewer plugin: scrolling with the keyboard has been
implemented.
* The included tools/scripts have been updated:
o eud2gc.py converted to Python 3
o tbird2claws.py converted to Python 3
o tbird2claws.py converted to Python 3
o google_search.pl has been replaced with ddg_search.pl (that is,
duckduckgo.com instead of google.com)
o fix_date.sh and its documentation have been updated
o multiwebsearch.pl 'fm' (freshmeat.net) has been removed; 'google'
has been replaced by 'ddg'
o the outdated OOo2claws-mail.pl script has been removed
* Updated manuals
* Updated translations: British English, Catalan, Czech, Danish,
Dutch, French, German, Russian, Slovak, Spanish, Swedish,
Traditional Chinese, Turkish
* bug fixes:
o bug 2131, 'Focus stealing after mail check' [improved fix]
o bug 4237, '403 is Forbidden not Unauthorized'
o bug 4239, 'Preferences: Text Options Header Display modal
is not modal' [sic]
o bug 4248, 'Sup[p]ort C99 compilers in m4/spamassassin.m4'
o bug 4253, 'Claws metadata included in MBOX exports'
o bug 4257, 'claws-mail 3.17.4 breaks copy-pasting from
emacs-gtk3'
o bug 4277, 'INBOX being "read" automatically - being marked
as read before being selected' [sic]
o bug 4278, 'Mark all as read/unread does not belong to the
message context menu'
o bug 4305, 'goto folder UI confusing'
o Fix crash in litehtml_viewer when <base> tag has no href
o removed "The following file has been attached..." dialogue
o MBOX import: give a better estimation of the time left and
grey out widgets while importing
o Fixed "vcard.c:238:2: warning: ‘strncpy’ output truncated
before terminating nul copying as many bytes from a string
as its length"
o RSSyl: Fix handling deleted feed items where modified and
published dates do not match
o fix bolding of target folder
o when creating a new account, don't pre-fill data from the
default account
o respect 'default selection' settings when moving a msg with
manual filtering
o Fix printing of empty pages when the selected part is
rendered with a plugin not implementing print
o Addressbook folder selection dialogs: make sure folder list
is sorted and apply global prefs to get stripes in lists.
o when user cancels the GPG signing passphrase dialogue,
don't bother the user with an "error" dialogue
o Fix imap keyword search. Libetpan assumes keyword search is
a MUST but RFC states it is a MAY. Fix advanced search on
MS Exchange
o fix SHIFT+SPACE in msg list, moving in reverse
o revert pasting images as attachments
o Fix help about command-line arguments that require a
parameter.
o Printing: only print as plain text if the part is of type
text
o fix a segfault with default info icon when trying to print
a non-text part.
Not only cleaner, but also fixes a build issue seen on macOS likely related to
variable definition ordering, where GPG was not set correctly and ended up
trying to use a non-existent "gpg" command. This change has the added benefit
of using the full path to the gpg binary instead of relying on PATH.
This is a micro update (actually 2) with security fixes, and is
trivial except for hand-applying some patch hunks that have textual
but not semantic conflicts.
The upstream announcement hints at minor new features and a new
plugin, but does not explain. (There is no NEWS file.)
version 2.21: Tue 21 May 16:26:30 CEST 2019
Fixes:
- fix metadata [Mohammad S Anwar]
Improvements:
- add more to the README
- add Mail::Mailer option StartSSL for smtp backend
rt.cpan.org#125871 [Guilhem Moulin]
- deprecate Mail::Mailer backend smtps
- document need for escaping docs for Mail::Send
rt.cpan.org#129627 [Jonathan Kamens]
- document limit on parameters for Mail::Send::new()
rt.cpan.org#129633 [Sven Neuhaus]
### GMime 3.2.7
* Added some configure logic to auto-detect the system shift-jis charset alias. (issue #81)
* Fixed tests/Makefile.am to exit with a non-negative value (issue #82)
* Fixed logic to skip expired or revoked gpg subkeys when looking for the correct subkey to
use for signing or encrypting. (issue #88)
* Fixed a regression introduced into 3.2.6 as part of the header parsder rewrite that lost
the ability to warn about invalid headers for non-toplevel MIME parts. (issue #89)
* Fixed S/MIME to always set GPGME_KEYLIST_MODE_VALIDATE when looking up certificates
as this is needed in order to correctly populate the GMimeCertificates (issue #90)
2020-03-20 Richard Russon <rich@flatcap.org>
* Bug Fixes
- Fix COLUMNS env var
- Fix sync after delete
- Fix crash in notmuch
- Fix sidebar indent
- Fix emptying trash
- Fix command line sending
- Fix reading large address lists
- Resolve symlinks only when necessary
* Translations
- 100% Lithuanian
- 96% Spanish
* Docs
- Include OpenSSL/LibreSSL/GnuTLS version in neomutt -v output
- Fix case of GPGME and SQLite
* Build
- Create libcompress (lz4, zlib, zstd)
- Create libhistory
- Create libbcache
- Move zstrm to libconn
* Code
- Add more test coverage
- Rename magic to type
- Use mutt_file_fopen() on config variables
- Change commands to use intptr_t for data
