- Added support for TLS anonymous authentication.
Thanks Uffe Jakobsen.
- Fixed sendmail wrapper handling of empty sender on command line.
Thanks Sebastian Wiedenroth.
- Fixed handling of quoted strings in the "remotes" file.
Thanks Mihai Moldovan.
- Fixed nullmailer-inject handling of leading "From " lines.
- Some build fixes.
- Fixed bogus temporary gethostbyname error message when the protocol
source address was incorrect.
- Fixed potential race condition in tests.
Thanks Felix Lechner.
- Fixed handling of time values on 32-bit big-endian systems.
Thanks Felix Lechner.
- Added support to nullmailer-send to move permanently failing messages
out of the queue, and to generate bounce messages.
- Added support for IPv6.
- Added program to generate bounce/delay messages.
- Added an "allmailfrom" control file to nullmailer-queue, causing all
messages to share a hard-coded envelope sender.
- Added logging the message sender/recipient in nullmailer-send.
- Improved handling of system errors when reading config files.
- Secured handling of password options for protocol modules.
- Support standard shell quoting for options in the "remotes" file.
- Added protocol option to set a separate TLS client private key file.
- Added protocol option to bind the source address on connections.
- Fixed nullmailer-inject to report errors to stderr.
- Fixed gnutls cast to pointer from integer of different size warning.
- Fixed nullmailer-inject and -queue to handle the null (empty) sender
address. Needed for RFC 3798 (Message Disposition Notification).
- Moved spool directory to /var/spool/nullmailer like other MTAs.
2.2.33.2:
- doveadm: Fix crash in proxying (or dsync replication) if remote is
running older than v2.2.33
- auth: Fix memory leak in %{ldap_dn}
- dict-sql: Fix data types to work correctly with Cassandra
Changes in 2.4.19:
* Complete backport of the new (2.5 and later) IMAP IDLE implementation
(thanks Thomas Jarosh). This fixes a bunch of bugs and race conditions
that were inherent to the older implementation
* New option "imapidletimeout" overrides "timeout" specifically for
connections in IDLE state
* OpenSSL 1.1.0 is now supported
* Fixed: imap ENABLED doesn't print * ENABLED when nothing new enabled
* Fixed: mailbox lock management over rename (thanks Thomas Jarosh)
* Fixed: added overflow protection to urlfetch range checks
* Fixed: lmtpd can now deliver when mupdate server isn't available
(thanks Michael Menge)
* Fixed task 227: service processes no longer divide by zero when
invoked with -T 0 argument (thanks Ian Batten and Jens Erat)
* Fixed task 229: ctl_cyrusdb now uses database paths from imapd.conf
(thanks Simon Matter)
* Fixed bug #3862: mailbox database changes now rolled back on mupdate
failure during rename (thanks Michael Menge)
* Fixed: XFER to 2.5 and later no longer downgrades index to oldest version
* Fixed: nonsensical "TEXT.MIME" section now handled as "HEADER"
* Fixed: added missing 'auditlog: ' prefix to backend connections
(thanks Wolfgang Breyha)
* Fixed: IMAP SEARCH crash on some platforms
* Fixed: memory leaks in IMAP SEARCH and IMAP APPEND
* Fixed Issue #1967: EXISTS count reported earlier if fetching past size
of previous message set
Changes in 2.4.20:
* Fixed: lmtpd crash
* Fixed: auth_pts will now error if its configured socket path is too
long for its buffer
[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.2.3.html]
This announcement concerns fixes for problems that were introduced
with Postfix 3.2. Older releases are unaffected.
Fixed in Postfix 3.2 and later:
* Extension propagation was broken with "recipient_delimiter = .".
This change reverts a change that was trying to be too clever.
* The postqueue command would abort with a panic message after it
experienced an output write error while listing the mail queue.
This change restores a write error check that was lost with the
Postfix 3.2 rewrite of the vbuf_print formatter.
* Restored sanity checks for dynamically-specified width and precision
in format strings (%*, %.*, and %*.*). These checks were lost with
the Postfix 3.2 rewrite of the vbuf_print formatter.
v0.4.21:
* redirect action: Always set the X-Sieve-Redirected-From header to
sieve_user_email if configured. Before, it would use the envelope recipient
instead if available, which makes no sense if the primary e-mail address is
available.
+ vacation extension: Allow ignoring the envelope sender while composing the
"To:" header for the reply. Normally, the "To:" header is composed from
the address found in the "Sender", "Resent-From" or "From" headers that is
equal to the envelope sender. If none is then found, the bare envelope
sender is used. This change adds a new setting
"sieve_vacation_to_header_ignore_envelope". With this setting enabled, the
"To:" header is always composed from those headers in the source message.
The new setting thus allows ignoring the envelope, which is useful e.g.
when SRS is used.
+ vacation extension: Compose the "To:" header from the full sender address
found in the first "Sender:", "From:" or "Resent-From:" header. Before, it
would create a "To:" header without a phrase part. The new behavior is
nicer, since the reply will be addressed to the sender by name if possible.
- LDA Sieve plugin: Fixed sequential execution of LDAP-based scripts. A
missing LDAP-based script could cause the script sequence to exit earlier.
- sieve-filter: Removed the (now) duplicate utf8 to mutf7 mailbox name
conversion. This caused problems with mailbox names containing UTF-8
characters. The Dovecot API was changed years ago, but apparently
sieve-filter was never updated.
v2.2.33.1:
- dovecot-lda was logging to stderr instead of to the log file.
v2.2.33:
* doveadm director commands wait for the changes to be visible in the
whole ring before they return. This is especially useful in testing.
* Environments listed in import_environment setting are now set or
preserved when executing standalone commands (e.g. doveadm)
+ doveadm proxy: Support proxying logs. Previously the logs were
visible only in the backend's logs.
+ Added %{if}, see https://wiki2.dovecot.org/Variables#Conditionals
+ Added a new notify_status plugin, which can be used to update dict
with current status of a mailbox when it changes. See
https://wiki2.dovecot.org/Plugins/NotifyStatus
+ Mailbox list index can be disabled for a namespace by appending
":LISTINDEX=" to location setting.
+ dsync/imapc: Added dsync_hashed_headers setting to specify which
headers are used to match emails.
+ pop3-migration: Add pop3_migration_ignore_extra_uidls=yes to ignore
mails that are visible in POP3 but not IMAP. This could happen if
new mails were delivered during the migration run.
+ pop3-migration: Further improvements to help with Zimbra
+ pop3-migration: Cache POP3 UIDLs in imapc's dovecot.index.cache
if indexes are enabled. These are used to optimize incremental syncs.
+ cassandra, dict-sql: Use prepared statements if protocol version>3.
+ auth: Added %{ldap_dn} variable for passdb/userdb ldap
- acl: The "create" (k) permission in global acl-file was sometimes
ignored, allowing users to create mailboxes when they shouldn't have.
- sdbox: Mails were always opened when expunging, unless
mail_attachment_fs was explicitly set to empty.
- lmtp/doveadm proxy: hostip passdb field was ignored, which caused
unnecessary DNS lookups if host field wasn't an IP
- lmtp proxy: Fix crash when receiving unexpected reply in RCPT TO
- quota_clone: Update also when quota is unlimited (broken in v2.2.31)
- mbox, zlib: Fix assert-crash when accessing compressed mbox
- doveadm director kick -f parameter didn't work
- doveadm director flush <host> resulted flushing all hosts, if <host>
wasn't an IP address.
- director: Various fixes to handling backend/director changes at
abnormal times, especially while ring was unsynced. These could have
resulted in crashes, non-optimal behavior or ignoring some of the
changes.
- director: Use less CPU in imap-login processes when moving/kicking
many users.
- lmtp: Session IDs were duplicated/confusing with multiple RCPT TOs
when lmtp_rcpt_check_quota=yes
- doveadm sync -1 fails when local mailboxes exist that do not exist
remotely. This commonly happened when lazy_expunge mailbox was
autocreated when incremental sync expunged mails.
- pop3: rawlog_dir setting didn't work
1.0.1:
+ Extended experimental support for ARC results
1.0.0:
+ Added initial experimental support for ARC results
+ Swith to sematic versioning scheme and only set version in setup.py and
__init__
1.1:
Drop support for Python 3.4.
As per RFC 5321, §4.1.4, multiple HELO / EHLO commands in the same session are semantically equivalent to RSET.
As per RFC 5321, $4.1.1.9, NOOP takes an optional argument, which is ignored. API BREAK If you have a handler that implements handle_NOOP(), it previously took zero arguments but now requires a single argument.
The command line options --version / -v has been added to print the package’s current version number.
General improvements in the Controller class.
When aiosmtpd handles a STARTTLS it must arrange for the original transport to be closed when the wrapped transport is closed. This fixes a hidden exception which occurs when an EOF is received on the original tranport after the connection is lost.
Widen the catch of ConnectionResetError and CancelledError to also catch such errors from handler methods.
Added a manpage for the aiosmtpd command line script.
Added much better support for the HELP. There’s a new decorator called @syntax() which you can use in derived classes to decorate smtp_*() methods. These then show up in HELP responses. This also fixes HELP responses for the LMTP subclass.
The Controller class now takes an optional keyword argument ssl_context which is passed directly to the asyncio create_server() call.
Features:
- Limits rate of automatic responses (defaults to a maximum of one
message every hour).
- Will not respond to nearly every type of mailing list or bulk email.
- Will not respond to bounce messages or MAILER-DAEMON.
- Bounces looping messages.
- Can insert the original subject into the response.
- Can copy original message into response.
- Can use links in the rate-limiting data directory to limit inode usage
to a single inode.
- Can limit responses to a certain date/time range.
Changes since version 1.9.0:
This is a bug fix release, coming shortly after the last release due to
a possible segfault fix with IMAP. There are also fixes for the trash
folder, imap_poll_timeout, and GMail flags notifications.
version 0.97: Thu 2 Feb 15:52:27 CET 2017
Improvements:
- spell checks from Debian.
rt.cpan.org#118328 [Angel Abad]
- share podtail with MailBox
version 0.96: Mon Sep 19 23:15:07 CEST 2016
Fixes:
- include examples in the manual-pages
version 0.95:
Improvements:
- move t/99pod.t to xt/ and remove dependency on Test::Pod
- spell checks from Debian.
rt.cpan.org#92483 [Salvatore Bonaccorso]
0.13 Mon Jan 4 11:44:52 CET 2016
-fix: Escape braces in regexp / Debian bug#809102 / CPAN bug #110664
Unescaped braces in regexp are deprecated and issue a warning when used in Perl 5.22.
-fix: typo CPAN bug #110668 Debian
--- 1.999.1 (2006-02-26 18:00)
Mail::SPF::Query:
* Do not use \p{} named properties in the "a" and "mx" mechanisms' argument
validation code, since Perl 5.6 requires (flaky) "use utf8" for them to
work, and [a-z]/[a-z0-9] should work just as well (closes rt.cpan.org bug
#17815).
* Some minor documentation formatting improvements.
Debian:
+ Added watch file.
0.80 2017-08-20 NEILB
- NEILB got co-maint to do a release that includes META.yml and META.json.
- Switched to Dist::Zilla.
- Added COPYRIGHT section to pod.
- Fixed the NAME section in pod to follow expected format.
- Added "use warnings" and fixed all the warnings.
- Manually set $VERSION, as it's used in the code
0.79_16 2006-07-08 MIVKOVIC
- experimental SMTP AUTH support (LOGIN PLAIN CRAM-MD5 DIGEST-MD5)
- Fix bug where one refused RCPT TO: would abort everything
- send EHLO, and parse response (for later AUTH implementation)
- better handling of multi-line responses, and better error-messages
- Also normalize line endings in headers
- Now keeps the Sender header if it was used. Previous versions
only used it for the MAIL FROM: command and deleted it.
- No space between "MAIL FROM:" or "RCPT TO:" and address.
version 3.003: Thu 29 Jun 15:18:15 CEST 2017
Fixes:
- change license back to "perl" after accidental change
rt.cpan.org#120319 [Jitka Plesnikova]
version 3.002: Fri 31 Mar 14:22:17 CEST 2017
Fixes:
- repair test on Windows again :(
- error while global destruction of locker
- show installed version of POP3, not POP4 (of course)
rt.cpan.org#120651 [Kent Fredric]
version 3.001: Mon 6 Feb 17:07:53 CET 2017
Fixes:
- test on windows, cause the path syntax differences
- posix lock on BSD [Slaven Rezic]
- SEE ALSO links broken.
rt.cpan.org#120119 [Christophe Deroulers]
- do not test multi-lock on BSDs
Improvements:
- Mail::Box::Locker* cleaner OO
- ::Locker::Multi uses FcntlLock, not POSIX by default
version 3.000: Thu 2 Feb 15:50:36 CET 2017
Changes:
- split Mail::Box 2* into separate distributions:
Mail::Box basic and simple mail folders
Mail::Message only message handling
Mail::Transport sending messages
Mail::Box::IMAP4 net-imap folders
Mail::Box::POP3 pop3(s) folders
Mail::Box::Dbx Outlook express folders (unpublished)
- simplify structure of tests
- do not ask questions during installation
- shared footer
1.946 2017-08-31 09:29:41-04:00 America/New_York
- propagate encode_check to subparts (thanks, Michael McClimon)
- use the new parse_content_disposition function in
Email::MIME::ContentType (thanks, Pali Rohár)
- fix a bug in AddressList handling (thanks, Pali Rohár)
This module implements RFC 2822 parser and formatter of email
addresses and groups. It parses an input string from email headers
which contain a list of email addresses or a groups of email addresses
(like From, To, Cc, Bcc, Reply-To, Sender, ...). Also it can generate
a string value for those headers from a list of email addresses
objects.
Parser and formatter functionality is implemented in XS and uses
shared code from Dovecot IMAP server.
2017-09-12 Richard Russon <rich@flatcap.org>
* Bug Fixes
- broken check on resend message
- crash in vfolder-from-query
* Build
- Be more formal about quoting in m4 macros
- fix warnings raised by gcc7
- notmuch: add support for the v5 API
RELEASE 1.2.6
-------------
- Don't ignore (global) userlogins/sendmail logging in per_user_logging mode
- Managesieve: Fix AM/PM suffix in vacation time selectors
- Fix bug where comment notation within style tag would cause the whole style
to be ignored (#5747)
- Fix bug where it wasn't possible to scroll folders list in Edge (#5750)
- Fix addressbook searching by gender (#5757)
- Fix SQL syntax error on MariaDB 10.2 (#5774)
- Fix bug where it wasn't possible to set timezone to auto-detected value
(#5782)
- Fix uninitialized string offset in rcube_utils::bin2ascii() and make sure
rcube_utils::random_bytes() result has always requested length (#5788)
- Fix potential XSS vulnerability with malformed HTML message markup
2017-09-07 Richard Russon <rich@flatcap.org>
* Contrib
- Add guix build support
* Bug Fixes
- Only match real mailboxes when looking for new mail
- Fix the printing of ncurses version in -v output
- Bind editor \<delete\> to delete-char
- Fix overflowing colours
- Fix empty In-Reply-To generation
- Trim trailing slash from completed dirs
- Add guix-neomutt.scm
- Fix setting custom query_type in notmuch query
* Website
- New technical documentation LINK
- Improve Gentoo distro page
* Build
- Better curses identification
- Use the system's wchar_t support
- Use the system's md5 tool (or equivalent)
- Clean up configure.ac
- Teach gen-map-doc about the new opcode header
* Source
- Rename functions (snake_case)
- Rename constants/defines (UPPER_CASE)
- Create library of shared functions
- Much tidying
- Rename globals to match user config
- Drop unnecessary functions/macros
- Use a standard list implementation
- Coverity fixes
- Use explicit NUL for string terminators
- Drop OPS\* in favour of opcodes.h
* Upstream
- Fix menu color calls to occur before positioning the cursor
- When guessing an attachment type, don't allow text/plain if there is a null character
- Add $imap_poll_timeout to allow mailbox polling to time out
- Handle error if REGCOMP in pager fails when resizing
- Change recvattach to allow nested encryption
- Fix attachment check_traditional and extract_keys operations
- Add edit-content-type helper and warning for decrypted attachments
- Add option to run command to query attachment mime type
- Add warning about using inline pgp with format=flowed
+ $ssl_verify_partial_chains permits verifying partial certificate chains.
This allows the storage of only intermediate/host certificates in the
$certificate_file. (OpenSSL 1.0.2b and newer only)
! SNI support added for OpenSSL and GnuTLS.
+ Choice and confirmation prompts can now wrap across multiple lines.
+ Window resizes are handled while in the line editor.
+ "color compose" can color the compose menu header fields and the
security status. See "Using Color and Mono Video Attributes" in the
manual for more details.
+ Setting $header_color_partial allows partial coloring of headers in the
pager. This can be used to color just the header labels, or strings
inside the headers. hdrdefault controls the color of the unmatched part.
+ When $history_remove_dups is set, duplicates in the history ring will
be scanned and removed each time a new entry is added.
! IMAP header downloading was improved to support out-of-order and
missing MSN entries.
! $message_cache_clean should be faster for large mailboxes.
+ Self-encryption can be enabled using the $pgp_self_encrypt,
$pgp_self_encrypt_as, $smime_self_encrypt, and $smime_self_encrypt_as
options.
! $postpone_encrypt now will use the $pgp_self_encrypt_as or
$smime_self_encrypt_as option values first. $postpone_encrypt_as will
be checked second, but should be considered deprecated.
+ $forward_attribution_intro and $forward_attribution_trailer can be used
to customize the message preceding and following a forwarded message.
+ The ~<() and ~>() pattern operators match messages whose immediate parent,
or immediate children respectively, match the subpattern inside ().
They are more specific versions of the ~() pattern operator.
+ $imap_poll_timeout allow IMAP mailbox polling to time out. This defaults
to 15 seconds.
+ The attachment menu now supports nested encryption. This allows
attachments in nested encrypted messages to be saved or operated on.
+ $mime_type_query_command specifies a command to run to determine
a new attachment's mime type. When $mime_type_query_first is set,
this command will be run before looking at the mime.types file.
Changelog v0.4.20:
+ Made the retention period for redirect duplicate identifiers
configurable. For accounts that perform many redirects, the lda-dupes
database could grow to impractical sizes. Changed the default
retention period from 24 to 12 hours.
- sieve-filter: Fixed memory leak: forgot to clean up script binary at
end of execution. Normally, this would merely be an inconsequential
memory leak. However, when the script comes from an LDAP storage, this
would cause io leak warnings.
- managesieve-login: Fixed handling of AUTHENTICATE command. A second
authenticate command would be parsed wrong. This problem was caused by
changes in the previous release.
- LDA Sieve plugin: Fixed minor memory leak caused by not cleaning up
the sieve_discard script.
msmtp provides MacOS X Keychain support by using the configuration
option `--with-macosx-keyring`. With this setting enabled passwords
for msmtp can be stored in the MacOS X keychain.
From Thomas Merkel in NetBSD/pkgsrc#14
There are various changes in this release that can be used to significantly reduce disk IO with:
1) NFS storage especially, but I guess also other remote filesystems and even some with local disks
2) When mail storage and INDEX storage are separated
* imapc: Info-level line is logged every time when successfully
connected to the remote server. This includes local/remote IP/port,
which can be useful for matching against external logs.
* config: Log a warning if plugin { key=no } is used explicitly.
v2.3 will support "no" properly in plugin settings, but for now
any value at all for a boolean plugin setting is treated as "yes",
even if it's written as explicit "no". This change will now warn
that it most likely won't work as intended.
+ Various optimizations to avoid accessing files/directories when it's
not necessary. Especially avoid accessing mail root directories when
INDEX directories point to a different filesystem.
+ mail_location can now include ITERINDEX parameter. This tells Dovecot
to perform mailbox listing from the INDEX path instead of from the
mail root path. It's mainly useful when the INDEX storage is on a
faster storage.
+ mail_location can now include VOLATILEDIR=<path> parameter. This
is used for creating lock files and in future potentially other
files that don't need to exist permanently. The path could point to
tmpfs for example. This is especially useful to avoid creating lock
files to NFS or other remote filesystems. For example:
mail_location=sdbox:~/sdbox:VOLATILEDIR=/tmp/volatile/%2.256Nu/%u
+ mail_location's LISTINDEX=<path> can now contain a full path.
This allows storing mailbox list index to a different storage
than the rest of the indexes, for example to tmpfs.
+ mail_location can now include NO-NOSELECT parameter. This
automatically deletes any \NoSelect mailboxes that have no children.
These mailboxes are sometimes confusing to users.
+ mail_location can now include BROKENCHAR=<char> parameter. This can
be useful with imapc to access mailbox names that aren't valid mUTF-7
charset from remote servers.
+ If mailbox_list_index_very_dirty_syncs=yes, the list index is no
longer refreshed against filesystem when listing mailboxes. This
allows the mailbox listing to be done entirely by only reading the
mailbox list index.
+ Added mailbox_list_index_include_inbox setting to control whether
INBOX's STATUS information should be cached in the mailbox list
index. The default is "no", but it may be useful to change it to
"yes", especially if LISTINDEX points to tmpfs.
+ userdb can return chdir=<path>, which override mail_home for the
chdir location. This can be useful to avoid accessing home directory
on login.
+ userdb can return postlogin=<socket> to specify per-user imap/pop3
postlogin socket path.
+ cassandra: Add support for result paging by adding page_size=<n>
parameter to the connect setting.
+ dsync/imapc, pop3-migration plugin: Strip also trailing tabs from
headers when matching mails. This helps with migrations from Zimbra.
+ imap_logout_format supports now %{appended} and %{autoexpunged}
+ virtual plugin: Optimize IDLE to use mailbox list index for finding
out when something has changed.
+ Added apparmor plugin. See https://wiki2.dovecot.org/Plugins/Apparmor
- virtual plugin: A lot of fixes. In many cases it was also working
very inefficiently or even incorrectly.
- imap: NOTIFY parameter parsing was incorrectly "fixed" in v2.2.31.
It was actually (mostly) working in previous versions, but broken
in v2.2.31.
- Modseq tracking didn't always work correctly. This could have caused
imap unhibernation to fail or IMAP QRESYNC/CONDSTORE extensions to
not work perfectly.
- mdbox: "Inconsistency in map index" wasn't fixed automatically
- dict-ldap: %variable values used in the LDAP filter weren't escaped.
- quota=count: quota_warning = -storage=.. was never executed (try 2).
v2.2.31 fixed it for -messages, but not for -storage.
- imapc: >= 32 kB mail bodies were supposed to be cached for subsequent
FETCHes, but weren't.
- quota-status service didn't support recipient_delimiter
- acl: Don't access dovecot-acl-list files with acl_globals_only=yes
- mail_location: If INDEX dir is set, mailbox deletion deletes its
childrens' indexes. For example if "box" is deleted, "box/child"
index directory was deleted as well (but mails were preserved).
- director: v2.2.31 caused rapid reconnection loops to directors
that were down.
Changelog:
Fixed
Unwanted inline images shown in rogue SPAM messages
Fixed
Deleting message from the POP3 server not working when maildir storage was used
Fixed
Message disposition flag (replied / forwarded) lost when reply or forwarded message was stored as draft and draft was sent later
Fixed
Inline images not scaled to fit when printing
Fixed
Selected text from another message sometimes included in a reply
Fixed
No authorisation prompt displayed when inserting image into email body although image URL requires authentication
Fixed
Large attachments taking a long time to open under some circumstances
Fixed
Various security fixes
This project uses a Perl-style Configure script that can use a
custom config.sh to provide default answers to questions that it
asks as part of the configuration process. Modify the custom
${FILESDIR}/config.sh to allow substituting for @PKGMANDIR@ in the
default location for unformatted manpages.
Upstream changes:
1.021 2017-08-02 19:35:56-04:00 America/New_York
- reject non-ASCII and control characters in strict mode (thanks, Pali
Roh獺r)
1.020 2017-07-25 12:39:31-04:00 America/New_York
- unbreak Email::MIME (which violates encapsulation (again))
- eliminate some @_ / $_ confusion
1.019 2017-07-06 16:06:19-04:00 America/New_York (TRIAL RELEASE)
- better parsing all around, thanks to Pali Roh獺r:
- support for RFC 2231 (character set and parameter continuations)
- support for RFC 2822 comments
- we only Carp if header-parsing fails now
- we're more lenient in dealing with spaces around tokens
ytnef, programs that use libytnef to parse and handle Microsoft TNEF
attachments.
These are the programs that come with the same distfile as libytnef
and are from the same author.
The changes in patch-ytnef.c has been applied upstream.
patch-ytnef.c has now been removed.
Changes from Changelog:
v1.9.2 - February 23, 2017
Thanks to @hannob for finding some Out-of-bound exceptions in memory handline.
* [SECURITY] An invalid memory access (heap overrun) in handling LONG datatypes (CVE-2017-6800)
* [SECURITY] Missing a check for fields of size 0 (CVE-2017-6801)
* [SECURITY] Potential buffer overrun on incoming Compressed RTF Streams (CVE-2017-6802)
This version & the previous 1.9.1 resolves the following CVEs:
* CVE-2017-6306
* CVE-2017-6305
* CVE-2017-6304
* CVE-2017-6303
* CVE-2017-6302
* CVE-2017-6301
* CVE-2017-6300
* CVE-2017-6299
* CVE-2017-6298
v1.9.1 - Feb 14, 2017
* BugFix for path handling- label both / and \ as invalid characters inattachments
* Remove lots of exit(-1)'s from the code that would crash calling programs
* [SECURITY] Thanks to EricSesterhennX41 for a patch to fix lots of invalid
memory allocation around corrupted files.
v1.9 - January 2, 2017
* Unify libytnef and ytnef tools into a single build & package (Thanks @jmallach)
* Fix applied for CVE-2010-5109
* Various fixes for errors found via Static Analysis (cppcheck)
* Various memory leaks plugged (Thanks @slonik-v-domene)
* Bugfix for a broken "uniqueness" checker
* Lots of formatting & documentation cleanups
Now that the two packages are unified into a single install & build, I've had
to choose a unifier of Version Numbers. I chose 1.9 .
Enigmail 1.9.8
Released 2017-06-30, works with Thunderbird 52.0 & newer and SeaMonkey 2.46 & newer.
Notable Changes
This is a bugfix release. In addition, some locales were updated.
Bugs fixed
This version fixes a bug which blocks the mail sending process.
Notmuch 0.25 (2017-07-25)
=========================
General
-------
Add regexp searching for mid, paths, and tags.
Skip HTML tags when indexing
In particular this avoids indexing large inline images.
Command Line Interface
----------------------
Bash completion is now installed to /usr/share by default.
Allow space as separator for keyword arguments.
Emacs
-----
Support for stashing message timestamp in show and tree views
Invoking `notmuch-show-stash-date` with a prefix argument
stashes the unix timestamp of the current message instead of
the date string.
Don't use 'function' as variable name, workaround emacs bug 26406.
Library Changes
---------------
Add workaround for date parsing of bad input in older GMime
In certain circumstances, older GMime libraries could return
negative numbers when parsing syntactically invalid dates.
Replace deprecated functions with status returning versions
API of notmuch_query_{search,count}_{messages,threads} has
changed. notmuch_query_add_tag_exclude now returns a status
value.
Add support for building against GMime 3.0.
Rename libutil.a to libnotmuch_util.a.
libnotmuch SONAME is incremented to libnotmuch.so.5.
The installed cyradm shell script contained the path to the shell
in the tools directory instead of the system /bin/sh. This
happened as part of the build process by the Perl MakeMaker system
used to build the Cyrus Perl modules. Make the replacement at
post-build time to change it back to /bin/sh.
This fix was mirrored from the identical fix to the cyrus-imapd24
module by jnemeth@pkgsrc.org.
Bump the PKGREVISION of the cyrus-imapd and cyrus-imapd23 packages
due to the change in the installed script.
- Apply the qbiff-utmpx patch to (probably) fix build on FreeBSD
- Enable "qmail-srs" by default
- Add "qmail-customerror", enabled by default
- Move TLS config steps from INSTALL to MESSAGE.tls
Set PKG_SYSCONFSUBDIR where appropriate, and use {MAKE,OWN}_DIRS to
create the directory tree under ${PKG_SYSCONFDIR} instead of using
INSTALLATION_DIRS.
Bump the PKGREVISION of packages that changed due to changes in the
package install scripts.
For all services where we set procname, prefix "nb". This makes it even
harder for observers to fail to notice that this isn't a Life with qmail
install, and happens to match the log tags already being applied.
Bump version.
from /service), the rc.d script can't tell which is ours. Make and use
a pidfile.
(The other rc.d scripts set argv[0] to names that are unlikely to
collide, but there's no easy way to do that for the qmail-send process
exec'd by qmail-start.)
Bump PKGREVISION.
install-destdir and instcheck about the .gz extensions. While here,
handle INSTALL and SENDMAIL docs on case-insensitive filesystems in a
more straightforward way. Bump PKGREVISION.
being terminated with bare LFs, getting tempfailed by some SMTP servers
(such as qmail!), and getting stuck in the local queue. Tweak the EAI
patch to terminate header lines with CRLF, as unpatched qmail-remote
would have done. Submitted upstream. Bump PKGREVISION.
during the build stage, so can't use a simple REPLACE_SH.
This is a build problem that likely is only detected when
PKG_DEVELOPER=YES so bump PKGREVISION anyways.
- Collapse redundant code for invoking service-specific rc.d scripts.
- Don't try to run a service's rc.d script if it isn't enabled in rc.conf.
- Run "pause" in reverse sequence, like "stop" does.
- Support "stat", "pause", and "cont" in qmailqread.
Bump version.
Upstream changes:
1.945 2017-07-25 14:17:32-04:00 America/New_York
- fix encode-check.t to pass under legacy Test::Builder
1.944 2017-07-25 12:38:41-04:00 America/New_York
- non-trial release of header_as_obj changes
- support for supplying a non-croak encode_check (thanks, Matthew
Horsfall)
1.943 2017-06-09 19:00:09-04:00 America/New_York (TRIAL RELEASE)
- add Email::MIME::Header::AddressList and related support code
1.942 2017-03-05 08:15:00-05:00 America/New_York (TRIAL RELEASE)
- This adds ->header_as_obj to get MIME headers out of the header not
as strings, but as objects. The field-to-header mapping can be
amended with the ->set_class_for_header method.
1.941 2017-03-04 19:12:11-05:00 America/New_York (TRIAL RELEASE)
- pointless mistake release
- Remove qmail-qfilter-*-queue shell scripts, which would conflict with
the C programs of the same name included in mail/qmail 1.03nb29 with
the "qmail-rejectutils" option (enabled by default).
- Bump mail/qmail dependency to 1.03nb29.
- Shorten and improve MESSAGE.
Remove unneeded options:
- Unconditionally apply netqmail (which includes a local patch; remove it)
- Unconditionally apply bigdns, maildiruniq, outgoingip, rcptcheck, remote
- Unconditionally apply the TLS + SMTP AUTH _patch_ (not the options)
- Record all applied patches (mandatory and optional) in QMAILPATCHES
- Remove badrcptto, qregex, realrcptto, viruscan (moved to rejectutils)
Simplify packaging:
- Extract a standalone patch <https://schmonz.com/qmail/rejectutils> to
repackage the mutually conflicting recipient- and content-checking
patches as separate programs, along with wrappers for running checks
in sequence
- Extract a standalone patch <https://schmonz.com/qmail/destdir> to
build to a staging area, as non-root, without hardcoded IDs
- Run the destdir patch's `install-destdir` to make or repair the queue
and set special file permissions, obviating the need for a dependency
on mail/queue-fix and handcrafted SPECIAL_PERMS
- While here, run `instcheck` to ensure we've installed just like `make
setup check` as root would have
- Install INSTALL and SENDMAIL docs under their original names,
even on Darwin
- Avoid building catpages, since we don't install them, and remove nroff
from USE_TOOLS
Default-enable more useful options:
- "eai" (new) permits UTF-8 almost everywhere in email
- "qmail-rejectutils" (new) adds several tools for selectively
rejecting messages
- "syncdir" forces synchronous link() and related syscalls
- "tls" and "sasl", instead of causing patch conflicts, cause the TLS
and SMTP AUTH code to be included (!)
2017-07-14 Richard Russon <rich@flatcap.org>
* Translations
- Update German translation
* Docs
- compile-time output: use two lists
- doxygen: add config file
- doxygen: tidy existing comments
* Build
- fix hcachever.sh script
* Upstream
- Fix crash when $postponed is on another server.
2017-07-07 Richard Russon <rich@flatcap.org>
* Features
- Support Gmail's X-GM-RAW server-side search
- Include pattern for broken threads
- Allow sourcing of multiple files
* Contrib
- vombatidae colorscheme
- zenburn colorscheme
- black 256 solarized colorscheme
- neonwolf colorscheme
- Mutt logos
* Bug Fixes
- flags: update the hdr message last
- gpgme S/MIME non-detached signature handling
- menu: the thread tree color
- Uses CurrentFolder to populate LastDir with IMAP
- stabilise sidebar sort order
- colour emails with a '+' in them
- the padding expando '%>'
- Do not set old flag if mark_old is false
- maildir creation
- Decode CRLF line endings to LF when copying headers
- score address pattern do not match personal name
- open attachments in read-only mode
- Add Cc, In-Reply-To, and References to default mailto_allow
- Improve search for mime.types
* Translations
- Update Chinese (Simplified) translation
* Coverity defects
- dodgy buffers
- leaks in lua get/set options
- some resource leaks
* Docs
- update credits
- limitations of new-mail %f expando
- escape <>'s in nested conditions
- add code of conduct
- fix ifdef examples
- update mailmap
- Update modify-labels-then-hide
- fix mailmap
- drop UPDATING files
* Website
- Changes pages (diff)
- Update Arch distro page
- Update NixOS distro page
- Add new Exherbo distro page
- Update translation hi-score table
- Update code of conduct
- Update Newbies page
- Add page about Rebuilding the Documentation
- Add page of hard problems
* Build
- remove unnecessary steps
- drop instdoc script
- move smime_keys into contrib
- fixes for Solaris
- don't delete non-existent files
- remove another reference to devel-notes.txt
- Handle native Solaris GSSAPI.
- drop configure options --enable-exact-address
- drop configure option --with-exec-shell
- drop configure option --enable-nfs-fix
- drop configure option --disable-warnings
- Completely remove dotlock
- More sophisticated check for BDB version + support for DB6 (non default)
* Tidy
- drop VirtIncoming
- split mutt_parse_mailboxes into mutt_parse_unmailboxes
- tidy some buffy code
- tidy the version strings
* Upstream
- Add ~<() and ~>() immediate parent/children patterns
- Add L10N comments to the GNUTLS certificate prompt
- Add more description for the %S and %Z $index_format characters
- Add config vars for forwarded message attribution intro/trailer
- Block SIGWINCH during connect()
- Improve the L10N comment about Sign as
- Auto-pad translation for the GPGME key selection "verify key" headers
- Enable all header fields in the compose menu to be translated
- Force hard redraw after $sendmail instead of calling mutt_endwin
- Make GPGME key selection behavior the same as classic-PGP
- Rename 'sign as' to 'Sign as'; makes compose menu more consistent
- Change the compose menu fields to be dynamically padded
Moll in NetBSD/pkgsrc#4. From the DESCR:
mailsend is a simple command line program to send mail via SMTP protocol.
The program does not use any config file and everything needed to compose
mails (and attachments) is driven via command line parameters.
- bugfix: if password_command parameter was used with a non-existent program,
getmail would error out during the handling of that condition and not report
the problem correctly.
- new release numbering scheme; previous version numbers were just getting
too high.
- catch and ignore/exit cleanly after reset connection in IMAP IDLE mode.
Thanks: Stephan Schulz.
- allow specifying an expected SSL certificate hostname, for when the
server's certificate does not match the domain name used to connect to
it. Thanks: "Andre".
- fix error message not actually giving the header field name incorrectly
specified as containing the envelope recipient address. Thanks: Hardy
Braunsdorf.
- add new password_command configuration parameter for retrievers, allowing
getmail to retrieve the account password from any arbitrary external
command. Suggestion: "ng0".
Upstream changes:
2017-04-14: Marc Bradshaw <marc@marcbradshaw.net>
* commit aac893fdbaa7f8ccd5d37fa7f20d1785406cda51
Author: Marc Bradshaw <marc@marcbradshaw.net>
Date: Fri Mar 17 14:53:53 2017 +1100
Avoid use of $_ in read loop
RT 106485: Mail::DKIM::PrivateKey->load tampering $_ and <FILE>
* commit 06934f259e392b2a3cf94560e6051d9e522d0bf3
Author: Marc Bradshaw <marc@marcbradshaw.net>
Date: Fri Mar 17 14:44:44 2017 +1100
Ensure PrivateKey file is closed properly.
Store PrivateKey file handle in lexical variable and close it
once we are done.
RT 120638: Mail::DKIM::PrivateKey does not close FILE
* commit 9e7c1c4cb78a6cb1cf396ece4379c7ed2c44c974
Author: Marc Bradshaw <marc@marcbradshaw.net>
Date: Fri Feb 27 12:08:11 2015 +1100
Allow greater control over signed headers
* commit 8291c034dc7db4394e9df80e70b8cbe8428a38c2
Author: Marc Bradshaw <marc@marcbradshaw.net>
Date: Fri Jan 23 09:54:02 2015 +1100
Allow greater control over which headers are signed by Signer
NEWS:
Changes of Sylpheed
* 3.6.0 (stable)
* The Japanese manual was updated.
* 3.6.0beta1 (development)
* The feature to use multiple signatures in one account was added.
* The edit group dialog of the address book was improved to allow
multilple selection and display its available list with folder tree.
* The menu 'Tools - Open configuration/attachments folder' was added.
* Printing settings and page setup are now saved.
* The Japanese manual was updated.
* IMAP: SUBSCRIBE command is explicitly issued for a newly created folder
by CREATE.
* Unix: the search location of SSL certificates for OpenBSD was added
(#222).
* Win32: a notice about not removing user data in the installer was
modified.
