2011-09-07
* version 3.1.2
2011-08-03
* src/quick_search.c: applied a patch to fix quick search text color
on dark themes (thanks to speps).
2011-06-24
* src/update_check.c: win32: also check the file size of updater exe.
2011-06-24
* libsylph/utils.c: my_tmpfile(): win32: fixed a memory leak.
unix: removed alloca().
2011-08-08 Jeffrey Stedfast <fejj@gnome.org>
* README: Bumped version
* configure.in: Bumped version to 2.4.26
* build/vs2008/gmime.vcproj: Bumped version.
2011-07-17 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-utils.c (charset_convert): Don't skip validation of
UTF-8 text.
2011-07-17 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-utils.c (charset_convert): Handle ERANGE the same as
EILSEQ.
* gmime/gmime-filter-charset.c (filter_filter): Handle ERANGE the
same as EILSEQ.
* gmime/gmime-charset.c (g_mime_charset_map_init): Improved logic
for Win32 (and even Linux) systems. Don't rely on setlocale().
2011-06-15 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-gpg-context.c: Define nfds_t on OSX.
2011-06-09 Jeffrey Stedfast <fejj@gnome.org>
Fix for bug #652056
* gmime/gmime-param.c (decode_value): If STRICT_PARSER isn't
defined, don't require the value to start with a valid character.
2011-06-08 Jeffrey Stedfast <fejj@gnome.org>
* README: Bumped version
* configure.in: Bumped version to 2.4.25
* build/vs2008/gmime.vcproj: Bumped version.
* gmime/gmime-session.c: Don't crash if the request_passwd()
virtual method is set to NULL. Fixes bug #651825.
2011-06-08 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-gpg-context.c: If building on Apple, force the use
of our own implementation of poll() because Apple's poll() is
broken on some versions of MacOS.
1.9 [2011-01-23]
- Fix build warnings.
- Fix problem on linux not detecting netfilter headers.
- Add true transparent proxying, where both client and server have no
knowledge of the proxy. Documented at the proxsmtp web page.
- Use capabilities to have transparent proxying without running as root.
- Implement a simple reject filter, so no scripts need to be run.
- Allow skipping of filtering for authenticated connections.
- Bump up the top number of simultaneous connections.
- Add client IP addresses to the log line.
1.8 [2008-06-30]
- Make the XFOWARD HELO available as a environment variable in scripts. [Glenn Matthys]
- Send an RSET to the server after filter fails an email.
- Fix an uninitialized pid variable.
1.7 [2007-05-28]
- Use my real name 'Stef Walter'
See: http://memberwebs.com/nielsen/
1.6 [2006-11-13]
- On FreeBSD fix problem where stderr wasn't processed when filter
didn't read stdin.
- Add strcasestr which is missing on Solaris.
- Add back 'Header' option which was accidentally removed in 1.5. Blush!
1.5 [2006-09-05]
- Added support for setting the REMOTE variable when an XFORWARD
command is seen.
1.4 [2006-08-10]
- Fix crasher after connection closes unexpectedly.
- Fix problem with waiting for processes [Jeff Fisher]
- Better message for 'busy' [Akihiro Sagawa]
1.3 [2005-10-21]
- Handle condition of server refusing data transfers more gracefully.
- Less chatty when setting timeouts fail
- Drop privileges after binding to port. Allows listening on ports < 1024
- Ported to Solaris
- Fix problem with binding to certain 'long' addresses
- Support embedded NULLs in email data.
- Fix problems with empty addresses in logs.
- Don't let exchange send it's strange binary data through the proxy
- Don't reject emails when server is overloaded or errors.
- Don't reject emails when starting the filter command fails.
1.2.1 [2005-04-15]
- Fixed bug (introduced in 1.2) when 'Header' option is not present.
1.2 [2005-03-24]
- Don't leak file descriptors when clamsmtpd can't connect to outgoing
SMTP server [Chris Mason]
- 'Header' configuration option with special format arguments [Olivier Beyssac]
- Supress weird warnings when looking up names of local unix connections.
1.1 [2005-01-27]
- Fixed crasher when outgoing connection couldn't be established
- Removed erroneous chown line from clamsmtpd.sh
Changes to the Cyrus IMAP Server since 2.4.10
* fixed replication recovery from different messages at the each end
* Bug #3489 - fixed quotalegacy handling of prefixes so only exact
subfolders match
* Bug #3498 - fixed deletion of users quota files with
unixheriarchysep enabled, thanks Leena Heino
* Bug #3491 - NOOP and UNAUTHENTICATE for timsieved, thanks Dilyan
Palauzov
* Bug #3492 - better response codes for timsieved, thanks Dilyan
Palauzov
* Bug #3497 - fix cmd syslog from master, thanks Kristof Katus
* Bug #3503 - compilation of perl libraries on dragonfly and freebsd,
thanks OBATA Akio
* Bug #3451 - allow CC to have spaces
* Bug #3505 - fix sync_reset, thanks David Carter
* Bug #3506 - use literal+ for sync_(client|server), thanks David
Carter
* Bug #3300 - use portable function for TCP constants, thanks OBATA
Akio
* Bug #3507 - fix replication recovery with non-delayed expunge,
thanks Julien Coloos
* Bug #3495 - improved duplicate suppression, thanks Kristof Katus
* Bug #2772/3463 - fixed crashes in THREAD by correcting folding of
references headers
* Bug #3439 - fix ugly syslog message for vacation
* Bug #3499 - options to disable namespaces to reduce load on big
servers with no shared folders. Thanks Olivier ROLAND
* Changed skiplist to truncate old files after checkpoint, which can
save disk space on tmpfs or small ssds when old copies were held
open by other processes
* Made Cyrus more robust against corruption in mailboxes.db data, so
it will return an error rather than crashing on invalid entries
* Fix for CVE-2011-3208, a remotely exploitable buffer overflow in
nntpd - thanks Coverity
(add an patch to fix compilation on perl 5.14)
Changes to the Cyrus IMAP Server since 2.3.16
* Fix for CVE-2011-3208, a remotely exploitable buffer overflow in
nntpd
2011-03-26 Jeffrey Stedfast <fejj@novell.com>
* README: Bumped version
* configure.in: Bumped version to 2.4.24
* build/vs2008/gmime.vcproj: Bumped version.
* gmime/gmime-gpg-context.c (gpg_ctx_parse_signer_info): Fixed to
actually set the signer status. Fixes bug #645787, based on an
initial patch by Thomas Jost.
2011-03-14 Jeffrey Stedfast <fejj@novell.com>
* configure.in: Check for glib-sharp-2.0 instead of gtk-sharp-2.0
since we really only depend on glib-sharp. Also check for gapi-2.0
via pkgconfig.
* mono/gmime-sharp.dll.config.in: Dll map the .so.MajorVersion
instead of .so.Version.
[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.8.5.html]
Postfix stable release 2.8.5, 2.7.6, 2.6.12, and 2.5.15 are available.
These contain fixes and workarounds for the Postfix Milter client
that were already included with the Postfix 2.9 experimental release.
* The Postfix Milter client logged a "milter miltername: malformed
reply" error when a Milter sent an SMTP response without
enhanced status code (i.e. "XXX Text" instead of "XXX X.X.X
Text").
* The Postfix Milter client sent a random {client_connections}
macro value when the remote SMTP client was not subject to
any smtpd_client_* limit. As a workaround, it now sends a
zero value instead.
* doveadm: Added support for running mail commands by proxying to
another doveadm server.
* Added "doveadm proxy list" and "doveadm proxy kick" commands to
list/kick proxy connections (via a new "ipc" service).
* Added "doveadm director move" to assign user from one server to
another, killing any existing connections.
* Added "doveadm director ring status" command.
* userdb extra fields can now return name+=value to append to an
existing name, e.g. "mail_plugins+= quota".
* script-login attempted an unnecessary config lookup, which usually
failed with "Permission denied".
* lmtp: Fixed parsing quoted strings with spaces as local-part for
MAIL FROM and RCPT TO.
* imap: FETCH BODY[HEADER.FIELDS (..)] may have crashed or not
returned all data sometimes.
* ldap: Fixed random assert-crashing with with sasl_bind=yes.
* Fixes to handling mail chroots
* Fixed renaming mailboxes under different parent with FS layout when
using separate ALT, INDEX or CONTROL paths.
* zlib: Fixed reading concatenated .gz files.
Changes since version 6.3.20:
- The IMAP client no longer inserts NUL bytes into the last line of a
message when it is not closed with a LF or CRLF sequence. Reported
by Antoine Levitt. As a side effect of the fix, and in order to
avoid a full rewrite, fetchmail will now CRLF-terminate the last
line fetched through IMAP, even if it is originally not terminated
by LF or CRLF. This bears no relevance if your messages end up in
mbox, but adds line termination for storages (like Maildir) that do
not require that the last line be LF- or CRLF-terminated.
Release notes for 6.0:
Thunderbird is based on the new Mozilla Gecko 6 engine
Several theme improvements for Windows 7
Support for Windows 7 Jump lists
Several fixes when importing email from Microsoft Outlook
Default mail client check now works with newer Linux distributions
Various other user interface fixes and improvements
Numerous platform fixes that improve speed, performance, stability and security
Release notes for 5.0:
More responsive and faster to start up and use
Thunderbird is based on the new Mozilla Gecko 5 engine
New Add-ons Manager
Revised account creation wizard to improve email setup
New Troubleshooting Information page
Tabs can now be reordered and dragged to different windows
Attachment sizes now displayed along with attachments
Plugins can now be loaded in RSS feeds by default
There are several theme fixes for Windows Vista and Windows 7
Support for Mac 32/64 bit Universal builds (Thunderbird no longer supports PowerPC on Mac)
Over 390 platform fixes that improve speed, performance, stability and security
- Fix parsing bug: https://rt.cpan.org/Ticket/Display.html?id=66025
- Fix typo: https://rt.cpan.org/Ticket/Display.html?id=65387
- Fix unit tests on Perl 5.8.x: https://rt.cpan.org/Ticket/Display.html?id=66188
- Fix unit test failure on Win32: (https://rt.cpan.org/Ticket/Display.html?id=66286)
- Add build_requires 'Test::Deep'; to Makefile (rt.cpan.org #64659)
- Fix spelling errors (rt.cpan.org #64610)
- Fix double-decoding bug when decoding RFC-2231-encoded parameters
(rt.cpan.org #65162)
- Fix inappropriate inclusion of CR characters in parsed headers
(rt.cpan.org #65681)
- Document that MIME::WordDecoder is mostly deprecated.
- Document that MIME::Head->get(...) can include a trailing newline.
- Increase buffer size from 2kB to 8kB in MIME::Entity and MIME::Body
(part of rt.cpan.org #65162)
- (cleanup) IO-Stringy (specifically, IO::ScalarArray, IO::Lines, and
IO::InnerFile) is no longer used
- (ticket 22684) Fix deadlock in filter() when invoking external
programs such as gzip. (Alexey Tourbin <at -at- altlinux.ru>)
- Remove auto_install from Makefile.PL
- (ticket 60931) If preamble is empty, make sure it's still empty after roundtripping through MIME::Entity
- (ticket 63739) Properly decude RFC2231 encodings in attachment filenames
Postfix stable release 2.8.4 is available. This contains fixes and
workarounds that were already included with the Postfix 2.9
experimental release. Where applicable these fixes will also be
made available for the legacy releases Postfix 2.5..2.7.
* Performance: a high load of DSN success notification requests
could slow down the queue manager. Solution: make the trace
client asynchronous, just like the bounce and defer clients.
* The local(8) delivery agent ignored table lookup errors in
mailbox_command_maps, mailbox_transport_maps, fallback_transport_maps
and (while bouncing mail to alias) alias owner lookup.
* Workaround: dbl.spamhaus.org rejects lookups with "No IP
queries" even if the name has an alphanumerical prefix. We
play safe, and skip both RHSBL and RHSWL queries for names
ending in a numerical suffix.
* The "sendmail -t" command reported "protocol error" instead
of "file too large", "no space left on device" etc.
* The Postfix Milter client reported a temporary error instead
of "file too large" in three cases.
* Linux kernel version 3 support. Linus Torvalds has reset the
counters for reasons not related to changes in code.
You can find the updated Postfix source code at the mirrors listed
at http://www.postfix.org/.
* In mimedefang.c, truncate overlong responses from the multiplexor. Also sanitize replies so "\r" doesn't get fed to smfi_setmlreply.
* If a slave process replies with a very long reply, have the multiplexor consume (and discard) the excess input so the multiplexor-to-slave protocol does not become de-synchronized.
* When mimedefang becomes a daemon, have it wait for a "go/no-go" message from the child before exiting. This should eliminate race conditions whereby the MTA starts before the milter socket is present.
* Avoid run-time errors from Unix::Syslog on some platforms.
Version 1.4.22 - 12 July 2011
-----------------------------
- Backported default timezone fix from version 1.5.2; helps mitigate
timezone errors in environments where a default has not been set
by the administrator.
- Fixed system lock-ups caused by a combination of certain rare,
malformed message headers and buggy versions of PHP mbstring
(#3053349).
- Now allow multiple plugins to handle (add links for) a single
attachment MIME type.
- Now allow administrators to disable all plugins or enable just
a select few plugins (overriding the active plugins in the normal
configuration) by setting $temporary_plugins as an empty array
(all disabled) or an array with one or more plugin directory names
in config_local.php.
- Backport fix for call_user_func_array not supporting NULL as empty
array in PHP 5.3.3
- Fixed sqauth_read_password() for plugins on the login_verified hook.
- Added SMTP SASL PLAIN authentication option to configuration tool
(core support for such is not new).
- Gmail doens't support standard search commands; removed sort buttons.
- Forced addition of a file suffix to attachments that lack a filename
(helps forwarded messages avoid spam filters) (thanks to Petr
Kletecka) (#3139004).
- Fixed missing security token in listcommands plugin.
- Added smtp_auth hook (thanks to Emmanuel Dreyfus).
- Made speed enhancements to threaded message display (thanks to Siim
Poder) (#3288123).
- Allow administrators to configure subfolders of user INBOXes to be
treated as special folders by adding $subfolders_of_inbox_are_special
to config_local.php.
- Fixed incorrect display of INBOX subfolders under some configurations.
IMPORTANT: You may need to update your configuration so that
$default_sub_of_inbox is TRUE if it was FALSE (e.g., Courier IMAP users)
and after updating to this version, your special folders are no longer
listed at the top of your folder list. Also, if this change prevents
users from logging in with an error such as "ERROR: Could not complete
request. Query: CREATE "Trash" Reason Given: Invalid mailbox name.",
you will need to correct the user preference values for the problem
folders. You can do so with commands such as the following for file-
based preferences (adjust the data directory location as needed):
find /var/lib/squirrelmail/data/ -name *.pref -exec sed --in-place 's/trash_folder=Trash/trash_folder=INBOX.Trash/g' {} \;
find /var/lib/squirrelmail/data/ -name *.pref -exec sed --in-place 's/trash_folder=Drafts/trash_folder=INBOX.Drafts/g' {} \;
find /var/lib/squirrelmail/data/ -name *.pref -exec sed --in-place 's/trash_folder=Sent/trash_folder=INBOX.Sent/g' {} \;
Or, for database-based preferences:
UPDATE userprefs SET prefval = 'INBOX.Trash' WHERE prefkey = 'trash_folder' AND prefval = 'Trash';
UPDATE userprefs SET prefval = 'INBOX.Drafts' WHERE prefkey = 'draft_folder' AND prefval = 'Drafts';
UPDATE userprefs SET prefval = 'INBOX.Sent' WHERE prefkey = 'sent_folder' AND prefval = 'Sent';
MAKE SURE to back up your user preferences first!
- Optimized message highlighting rules; faster message list display
and faster highlight rules management (thanks to C. Bensend for
extensive effort helping diagnose)
- New Mail plugin no longer removes normal organization title when
putting the number of new messages in the browser title
- Added clickjacking protection (thanks to Asbjorn Thorsen and Geir
Hansen for bringing this to our attention). [CVE-2010-4554]
- Fixed XSS holes in generic options inputs, XSS hole in the SquirrelSpell
plugin, XSS hole in the Index Order page, and added anti-CSRF protection
to the empty trash feature and the Index Order page (thanks to Nicholas
Carlini for finding all these issues). [CVE-2010-4555]
- Fixed XSS problem with unsanitized style tags in messages. [CVE-2011-2023]
While here,
* Exactly enable/disable PCRE support with package option, enabled by default.
* Add workaround patches for PR#44275, sizeof(time_t) > sizeof(unsigned long).
Changes to the Cyrus IMAP Server since 2.4.9
* fixed handling of unparsable emails during append (which would
cause invalid cyrus.index records otherwise)
* quota: fix a pile of bugs. #1801, virtdomain support; #2728, slow
user delete; #3178, "file name too long" with big mailbox names;
#3179, quota -f doubles usage.
* Bug #3043 - parse multiple groups in headers correctly
* Bug #3158 - lmtp backend connection timeout
* Bug #3223 - limit MIME parsing depth to avoid stack overflows
* Bug #3273 - add SORT=DISPLAY support (but note: still questions
about correctness of unicode sorting)
* Bug #3504 - convert all sieve scripts to \r\n line endings on
upload
* Bug #3402 - options to munge 8bit characters in headers during lmtp
delivery to avoid backscatter
* sync_client: fix broken keepalive TCP options (I doubt anyone ever
tried to use it)
* Bug #3482 - add "-o" option to ipurge to only purge messages with
\Deleted flag set
