1.5.6:
* [Feature] Add unigramms support in bayes
* [Feature] Allow configurable sign headers for DKIM
* [Feature] Allow to add unigramm metatokens from Lua
* [Feature] DKIM Signing: envelope match exception for local IPs
* [Feature] UCL: register parser variables from Lua
* [Fix] Always try to adjust filename
* [Fix] Do extra copy to ensure that original content is never touched
* [Fix] Fix SPOOF_REPLYTO rule
* [Fix] Ignore Rmilter added Received
* [Fix] More fixes for hashed email dnsbls
* [Fix] Plug memory leak in chartable module
* [WebUI] Display multiple alerts at once
2017-04-28 Richard Russon <rich@flatcap.org>
* Bug Fixes
- Fix and simplify handling of GPGME in configure.ac (@gahr)
* Docs
- Fix typo in README.neomutt (@l2dy)
* Upstream
- Fix km_error_key() infinite loop and unget buffer pollution
- Fix error message when opening a mailbox with no read permission
Changelog:
Fixed
* Background images not working and other issues related to embedded images when composing email
* Google Oauth setup can sometimes not progress to the next step
RELEASE 1.2.5
-------------
- Fix re-positioning of the fixed header of messages list in Chrome when using
minimal mode toggle and About dialog (#5711)
- Fix so settings/upload.inc could not be used by plugins (#5694)
- Fix regression in LDAP fuzzy search where it always used prefix search
instead (#5713)
- Fix bug where namespace prefix could not be truncated on folders list if
show_real_foldernames=true (#5695)
- Fix bug where base_dn setting was ignored inside group_filters (#5720)
Mozilla Thunderbird is a redesign of the Mozilla mail component. The
goal is to produce a cross platform stand alone mail application using
the XUL user interface language. This version uses the gtk2 toolkit.
Changelog:
52.0.1:
Fixed
Clicking on a link in an email may not open this link in the external browser.
Crash due to incompatibility with McAfee Anti-SPAM add-on. Add-on is blocked in 52.0.1
52.0:
New
Folder pane toolbar and folder view selector (replacement for folder view arrows)
Optionally remove corresponding data files when removing an account from Thunderbird
Import settings from Becky! Internet Mail
Possibility to copy message filter
Dictionary setting is restored when editing a draft. Content-Language header (RFC 3282) transmitted with message
Calendar: Event can now be created and edited in a tab
Calendar: Processing of received invitation counter proposals
Chat: Support Twitter Direct Messages
Chat: Liking and favoriting in Twitter
Chat: XMPP: Support SASL SCRAM authentication mechanism
Chat: Support Jabber/XMPP Message Carbons (XEP-280)
Changed
IMPORTANT: The way images are included in a compose window has changed. Images are now included as data URIs and not as references to parts of other messages or operating system files. This allows better interoperability with office packages such as MS Office or LibreOffice. Images linked from locations on the internet will no longer be downloaded and attached to the message automatically. This can be changed for each image individually via the Image Properties dialog or globally by setting the preference mail.compose.attach_http_images.
Correspondents column now default for all new folders, can be switched off with preference mail.threadpane.use_correspondents
When replying to a mailing list, reply will be sent to address in From header ignoring Reply-to header
On Linux PulseAudio is now required to play sound
Formatting toolbar is now left in place when delivery format is switched to plain text only
Messages in IMAP folders read on external device are now filtered by default
Folders backed by mbox storage larger than 4GB are supported without warning (unless preference mailnews.allowMboxOver4GB is set to false)
IMAP caching now uses Mozilla's latest caching technology
The keyboard shortcut to insert hyperlinks into a compose window was changed from CTRL+L to CTRL+K to align with Office applications
Chat: Removed Yahoo! Messenger support (since Yahoo removed support)
Fixed
Message preview pane non-functional after IMAP folder was renamed or moved
Fixed
Editing in paragraph format: Pressing Shift+Enter sometimes doesn't move the cursor to the next line
Various corrections when composing messages in paragraph format
Paste as quotation doesn't always work
Long lines in plain text replies not properly wrapped
Undesired white-space before signature in paragraph mode
When attachment unavailable, compose shows endless "Attaching..." message instead of error
Text encoding of reply sometimes incorrect (uses encoding of last viewed message)
Text encoding of message display, reply or forwarded message sometimes incorrect (uses encoding of attachment)
Delivery Format not preserved for saved drafts (Auto-Detect|Plaintext|HTML|Both)
Reply to own e-mail does not reply with the correct identity
IMAP message part caching
Links with escaped non-ASCII (international) characters can't be clicked
Calendar: Events specified in timezone "local time" generate alerts in UTC time
Chat: XMPP Resource collisions
Various security fixes
Security fixes:
#CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
#CVE-2017-5401: Memory Corruption when handling ErrorResult
#CVE-2017-5402: Use-after-free working with events in FontFace objects
#CVE-2017-5403: Use-after-free using addRange to add range to an incorrect root object
#CVE-2017-5404: Use-after-free working with ranges in selections
#CVE-2017-5406: Segmentation fault in Skia with canvas operations
#CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters
#CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping
#CVE-2017-5411: Use-after-free in Buffer Storage in libGLES
#CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
#CVE-2017-5412: Buffer overflow read in SVG filters
#CVE-2017-5413: Segmentation fault during bidirectional operations
#CVE-2017-5414: File picker can choose incorrect default directory
#CVE-2017-5416: Null dereference crash in HttpChannel
#CVE-2017-5425: Overly permissive Gecko Media Plugin sandbox regular expression access
#CVE-2017-5426: Gecko Media Plugin sandbox is not started if seccomp-bpf filter is running
#CVE-2017-5418: Out of bounds read when parsing HTTP digest authorization responses
#CVE-2017-5419: Repeated authentication prompts lead to DOS attack
#CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
#CVE-2017-5421: Print preview spoofing
#CVE-2017-5422: DOS attack by using view-source: protocol repeatedly in one hyperlink
#CVE-2017-5399: Memory safety bugs fixed in Thunderbird 52
#CVE-2017-5398: Memory safety bugs fixed in Thunderbird 52 and Thunderbird 45.8
2017-04-21 Richard Russon <rich@flatcap.org>
* Features
- add lua scripting
- add command-line batch mode
- index_format: add support of %K
* Bug Fixes
- attachment/pager: Use mailcap for test/* except plain
- Fix uncollapse_new in pager
- fix garbage in chdir prompt due to unescaped string
- Fix inbox-first functionality when using mutt_pretty_mailbox
- add full neomutt version to log startup
- fix bug in uncolor for notmuch tag
- fix broken from_chars behaviour
* Coverity defects
- strfcpy
- add variable - function arg could be NULL/invalid
- add variable - failed function leads to invalid variable
- add variable - Context could become NULL
- add variable - alloc/strdup could return NULL
- add variable - route through code leads to invalid variable
- remove variable test
- test functions
- tidy switches
- unused variables
- refactor only
- check for buffer underruns
- fix leaks
- minor fixes
- bug: add missing break
- bug: don't pass large object by value
- fix: use correct buffer size
- shadow variables
- 0 -> NULL
* Docs
- many minor updates
- sync translations
- delete trailing whitespace
- indent the docbook manual
- use w3m as default for generating UTF8 manual.txt
* Website
- many minor updates
- fix broken links
- add to list of useful programs
- test automatic html checker
- remove trailing whitespace
- add irc description
- update issue labels (dev)
- new page: closed discussions
- new page: making neomutt (dev)
* Build
- drop obsolete m4 scripts
- don't look for lua libs unless asked for
- workaround slang warnings
- lower the gettext requirement 0.18 -> 0.17
- add keymap_alldefs.h to BUILT_SOURCES
- fix make dist distcheck
- Remove -Iimap from CFLAGS and include imap/imap.h explicitly
- mx: fix conditional builds
- Make iconv mandatory (no more --disable-iconv)
- refactor: Split out BUFFER-handling functions
* Tidy
- drop control characters from the source
- drop vim modelines
- delete trailing whitespace
- mark all local functions as static
- delete unused functions
- replace FOREVER with while (true)
- drop #if HAVE_CONFIG_H
- use #ifdef for potentially missing symbols
- remove #if 0 code blocks
- drop commented out source
- IMAP auth functions are stored by pointer cannot be static
- force OPS to be rebuilt after a reconfigure
- be specific about void functions
- expand a few more alloc macros
- add argument names to function prototypes
- drop local copy of regex code
- rearrange code to avoid forward declarations
- limit the scope of some functions
- give the compress functions a unique name
- use snake_case for function names
- add missing newlines to mutt_debug
- remove generated files from repo
- look for translations in all files
- fix arguments to printf-style functions
- license text
- unify include-guards
- tidy makefiles
- initialise pointers
- make strcmp-like functions clearer
- unify sizeof usage
- remove forward declarations
- remove ()s from return
- rename files hyphen to underscore
- remove unused macros
- use SEEK_SET, SEEK_CUR, SEEK_END
- remove constant code
- fix typos and grammar in the comments
- Switch to using an external gettext runtime
- apply clang-format to the source code
- boolify returns of 84 functions
- boolify lots of struct members
- boolify some function parameters
* Upstream
- Add $ssl_verify_partial_chains option for OpenSSL
- Move the OpenSSL partial chain support check inside configure.ac
- Don't allow storing duplicate certs for OpenSSL interactive prompt
- Prevent skipped certs from showing a second time
- OpenSSL: Don't offer (a)ccept always choice for hostname mismatches
- Add SNI support for OpenSSL
- Add SNI support for GnuTLS
- Add shortcuts for IMAP and POP mailboxes in the file browser
- Change OpenSSL to use SHA-256 for cert comparison
- Fix conststrings type mismatches
- Pass envlist to filter children too
- Fix mutt_envlist_set() for the case that envlist is null
- Fix setenv overwriting to not truncate the envlist
- Fix (un)sidebar_whitelist to expand paths
- Fix mutt_refresh() pausing during macro events
- Add a menu stack to track current and past menus
- Change CurrentMenu to be controlled by the menu stack
- Set refresh when popping the menu stack
- Remove redraw parameter from crypt send_menus
- Don't full redraw the index when handling a command from the pager
- Filter other directional markers that corrupt the screen
- Remove the OPTFORCEREDRAW options
- Remove SidebarNeedsRedraw
- Change reflow_windows() to set full redraw
- Create R_MENU redraw option
- Remove refresh parameter from mutt_enter_fname()
- Remove redraw flag setting after mutt_endwin()
- Change km_dokey() to pass SigWinch on for the MENU_EDITOR
- Separate out the compose menu redrawing
- Separate out the index menu redrawing
- Prepare for pager redraw separation
- Separate out the pager menu redrawing
- Don't create query menu until after initial prompt
- Silence imap progress messages for pipe-message
- Ensure mutt stays in endwin during calls to pipe_msg()
- Fix memleak when attaching files
- Add $ssl_verify_partial_chains option for OpenSSL
- Move the OpenSSL partial chain support check inside configureac
- Don't allow storing duplicate certs for OpenSSL interactive prompt
- Prevent skipped certs from showing a second time
- OpenSSL: Don't offer (a)ccept always choice for hostname mismatches
- Add SNI support for OpenSSL
- Add SNI support for GnuTLS
- Add shortcuts for IMAP and POP mailboxes in the file browser
- Updated French translation
- Change OpenSSL to use SHA-256 for cert comparison
- Fix conststrings type mismatches
- Pass envlist to filter children too
- Fix mutt_envlist_set() for the case that envlist is null
- Fix setenv overwriting to not truncate the envlist
- Fix mutt_refresh() pausing during macro events
- Add a menu stack to track current and past menus
- Change CurrentMenu to be controlled by the menu stack
- Set refresh when popping the menu stack
- Remove redraw parameter from crypt send_menus
- Don't full redraw the index when handling a command from the pager
- Fix (un)sidebar_whitelist to expand paths
- Filter other directional markers that corrupt the screen
- Remove the OPTFORCEREDRAW options
- Remove SidebarNeedsRedraw
- Change reflow_windows() to set full redraw
- Create R_MENU redraw option
- Remove refresh parameter from mutt_enter_fname()
- Remove redraw flag setting after mutt_endwin()
- Change km_dokey() to pass SigWinch on for the MENU_EDITOR
- Separate out the compose menu redrawing
- Separate out the index menu redrawing
- Prepare for pager redraw separation
- Separate out the pager menu redrawing
- Don't create query menu until after initial prompt
- Silence imap progress messages for pipe-message
- Ensure mutt stays in endwin during calls to pipe_msg()
- Fix memleak when attaching files
- automatic post-release commit for mutt-181
- Added tag mutt-1-8-1-rel for changeset f44974c10990
- mutt-181 signed
- Add ifdefs around new mutt_resize_screen calls
- Add multiline and sigwinch handling to mutt_multi_choice
- Set pager's REDRAW_SIGWINCH when reflowing windows
- Add multiline and sigwinch handling to mutt_yesorno
- Change the sort prompt to use (s)ort style prompts
- Handle the pager sort prompt inside the pager
- Fix GPG_TTY to be added to envlist
- automatic post-release commit for mutt-182
The flufl.bounce library provides a set of heuristics and an API for
detecting the original bouncing email addresses from a bounce message.
Many formats found in the wild are supported, as are VERP and RFC 3464
(DSN).
This is a server for SMTP and related protocols, similar in utility to
the standard library's smtpd.py module, but rewritten to be based
on asyncio for Python 3.
- Elliptic curve negotiation with OpenSSL >= 1.0.2. This changes the
default smtpd_tls_eecdh_grade setting to "auto", and introduces a
new parameter tls_eecdh_auto_curves with the names of curves that may
be negotiated.
- Stored-procedure support for MySQL databases.
- Cidr: table support for if/endif and negation (by prepending ! to a
pattern), just like regexp: and pcre: tables. See the cidr_table(5)
manpage for details.
- The postmap command and the inline: and texthash: maps now support
spaces in left-hand field of lookup table source text. Use double
quotes (") around a left-hand field that contains spaces, and use
backslash (\) to protect quotes in a left-hand field.
- Support for per-client Milter configuration (smtpd_milter_maps) that
overrides the main.cf smtpd_milters setting, and that has the same
syntax. A lookup result of "DISABLE" turns off Milter support for that
client.
- The local SMTP server IP address and port are available in the
policy delegation protocol (attribute names: server_address,
server_port), in the Milter protocol (macro names: {daemon_addr},
{daemon_port}), and in the XCLIENT protocol (attribute names:
DESTADDR, DESTPORT).
- For safety reasons, the Postfix sendmail -C option must specify an
authorized directory: the default configuration directory, a
directory that is listed in the default main.cf file with
alternate_config_directories or multi_instance_directories, otherwise
the command must be invoked with root privileges. This mitigates a
recurring "jail break" problem with the PHP mail() function.
- "PASS" and "STRIP" actions in header/body_checks. "STRIP" is similar
to "IGNORE" but also logs the action, and "PASS" disables header,
body, and Milter inspection for the remainder of the message content.
- The collate.pl script by Viktor Dukhovni for grouping Postfix
logfile records into "sessions" based on queue ID and process ID
information, in the auxiliary/collate directory of the Postfix source
tree.
Disabled or removed behavior:
- SMTPUTF8 support: Postfix 3.2 disables the 'transitional'
compatibility between the IDNA2003 and IDNA2008 standards for
internationalized domain names (domain names beyond the limits of
US-ASCII). This makes Postfix behavior consistent with contemporary
web browsers.
- Postfix 3.2 removes tentative features that were implemented before
the DANE spec was finalized: support for certificate usage
PKIX-EE(1), the ability to disable digest agility, and the ability to
disable support for "TLSA 2 [01] [12]" records that specify the digest
of a trust anchor.
Notable changes since 3.2:
- Added mailer previews feature based on 37 Signals mail_view
gem.
- Instrument the generation of Action Mailer messages. The time it
takes to generate a message is written to the log.
- link_to and url_for generate absolute URLs by default in templates,
it is no longer needed to pass only_path: false.
- Introduced deliver_later which enqueues a job on the application's
queue to deliver emails asynchronously.
- Added the show_previews configuration option for enabling mailer
previews outside of the development environment.
1.5.5:
* [CritFix] Fix classifier learning with Redis backend
* [CritFix] Fix issue when parsing encoded rfc822/messages
* [Feature] Add escaped version of lua_ucl import
* [Feature] Add task:headers_foreach function
* [Feature] Allow to process filenames from content type
* [Feature] Allow to query hashed emails
* [Feature] Ignore bayes with mostly metatokens or with too few text
* [Feature] Probabilistically skip metatokens
* [Feature] Retrieve all virus names from SAVAPI
* [Feature] Rework classifiers lua metatokens
* [Feature] Store headers order
* [Feature] Store text tokens inside bayes tokens
* [Feature] Use cached shingles keys
* [Fix] Add missing score normalisation for HFILTER_URL_ONLY
* [Fix] Avoid lookup in absent hash
* [Fix] Check return values from Lua functions called from C
* [Fix] Do not count sending and loading time in rspamc
* [Fix] Escape json strings for controller rejplies from Lua
* [Fix] Fix archive scans for savapi
* [Fix] Fix domain_only emails RBL
* [Fix] Fix ip_score map configuration
* [Fix] Fix JSON output for history_redis
* [Fix] Fix one character length substrings search
* [Fix] Fix parsing of non-RFC compatible Exim received
* [Fix] Fix parsing of options for workers with the same type
* [Fix] Fix processing of small tokens vectors
* [Fix] Fix rfc2047 tokenization
* [Fix] Fix typo
* [Fix] More fixes for inplace decoding
* [Fix] Try to avoid modifications of the original data
* [Fix] URL redirector: Fix call to is_redirector
* [Rework] Set token data as uint64_t instead of chars array
* [WebUI] Check if neighbours' history backend versions match
* [WebUI] Disable phrase connectors replacement in history filtering
* [WebUI] Disable phrase connectors replacement in symbols filtering
* [WebUI] Do not hide messages with bad subject, just replace it with '???'
* [WebUI] Fix error message
* [WebUI] Fix history v2 display
* [WebUI] Fix legacy history
* [WebUI] history: break To address lists on commas
* [WebUI] Increase default timeout to 20 seconds
* [WebUI] Save some history table space
1.5.4:
* [Conf] Add history_redis default configuration
* [Feature] Add spoofed rules
* [Feature] Add URL_IN_SUBJECT rule
* [Feature] Allow to get task's subject
* [Feature] Allow to specify maximum number of shots for symbols
* [Feature] Distinguish URLs found in Subject
* [Feature] Memoize LPEG grammars
* [Feature] Parse else parts in SA rules
* [Feature] Process subject for mixed characters
* [Feature] Resolve url chains in url_redirector module
* [Feature] Stat greylisted messages as greylisted not soft-rejected
* [Feature] Support checking for redirector in Lua SURBL
* [Feature] Support tag_exists SA function
* [Feature] Work with broken rfc2047 tokens
* [Fix] Check all watcher's dependencies
* [Fix] Do not compile hyperscan with no SSSE3 support
* [Fix] Do not crash if cannot decode qp encoded part
* [Fix] Fix dependencies of DKIM when multiple signatures are found
* [Fix] Fix lists in whitelist plugin
* [Fix] Fix one-shot symbols weight calculations
* [Fix] Fix options and shots match
* [Fix] Fix order of symbol options
* [Fix] Fix parsing of dot at the end of the address
* [Fix] Fix parsing of lua table arguments
* [Fix] Fix processing of subject words
* [Fix] Fix string split memoization
* [Fix] Fix templates grammar usage
* [Fix] Fix various issues related to Lua stack manipulation
* [Fix] Force actions: Use postfilter if we have honor_action / require_action
* [Fix] Further fixes to avoid PHISHING FP
* [Fix] Preserve order of options in symbols
* [Fix] Rspamadm grep: deal with unusually-formatted logs
* [Fix] Use hostname suffix when dealing with history
* [Rework] Remove outdated SA rules
* [WebUI] Add flexible columns
* [WebUI] Add footable
* [WebUI] Add sender, recipients and subject columns
* [WebUI] Allow message-id break
* [WebUI] Fix history clustering
* [WebUI] Fix history display
* [WebUI] Fix sorting
* [WebUI] Humanize sizes
* [WebUI] Initial move towards footable
* [WebUI] Remove datatables
* [WebUI] Replace `.values` method with `.map`
* [WebUI] Rework v2 symbols display
* [WebUI] Try to normalize frequencies
* [WebUI] Unbreak WebUI
* [WebUI] Use Footable to draw Throughput summary table
v0.4.18 12-04-2017 Stephan Bosch <stephan@rename-it.nl>
+ imapsieve plugin: Implemented the copy_source_after rule action. When this
is enabled for a mailbox rule, the specified Sieve script is executed for
the message in the source mailbox during a "COPY" event. This happens only
after the Sieve script that is executed for the corresponding message in the
destination mailbox finishes running successfully.
+ imapsieve plugin: Added non-standard Sieve environment items for the source
and destination mailbox.
- multiscript: The execution of the discard script had an implicit "keep",
rather than an implicit "discard".
v2.2.29.1 2017-04-12 Timo Sirainen <tss@iki.fi>
- imapc reconnection fix was forgotten from 2.2.29 release, which also
made "make check" fail in a unit test
- dict-sql: Merging multiple UPDATEs to a single statement wasn't
actually working.
- Fixed building with vpopmail
v2.2.29 2017-04-10 Timo Sirainen <tss@iki.fi>
* passdb/userdb dict: Don't double-expand %variables in keys. If dict
was used as the authentication passdb, using specially crafted
%variables in the username could be used to cause DoS (CVE-2017-2669)
* When Dovecot encounters an internal error, it logs the real error and
usually logs another line saying what function failed. Previously the
second log line's error message was a rather uninformative "Internal
error occurred. Refer to server log for more information." Now the
real error message is duplicated in this second log line.
* lmtp: If a delivery has multiple recipients, run autoexpunging only
for the last recipient. This avoids a problem where a long
autoexpunge run causes LMTP client to timeout between the DATA
replies, resulting in duplicate mail deliveries.
* config: Don't stop the process due to idling. Otherwise the
configuration is reloaded when the process restarts.
* mail_log plugin: Differentiate autoexpunges from regular expunges
* imapc: Use LOGOUT to cleanly disconnect from server.
* lib-http: Internal status codes (>9000) are no longer visible in logs
* director: Log vhost count changes and HOST-UP/DOWN
+ quota: Add plugin { quota_max_mail_size } setting to limit the
maximum individual mail size that can be saved.
+ imapc: Add imapc_features=delay-login. If set, connecting to the
remote IMAP server isn't done until it's necessary.
+ imapc: Add imapc_connection_retry_count and
imapc_connection_retry_interval settings.
+ imap, pop3, indexer-worker: Add (deinit) to process title before
autoexpunging runs.
+ Added %{encrypt} and %{decrypt} variables
+ imap/pop3 proxy: Log proxy state in errors as human-readable string.
+ imap/pop3-login: All forward_* extra fields returned by passdb are
sent to the next hop when proxying using ID/XCLIENT commands. On the
receiving side these fields are imported and sent to auth process
where they're accessible via %{passdb:forward_*}. This is done only
if the sending IP address matches login_trusted_networks.
+ imap-login: If imap_id_retain=yes, send the IMAP ID string to
auth process. %{client_id} expands to it in auth process. The ID
string is also sent to the next hop when proxying.
+ passdb imap: Use ssl_client_ca_* settings for CA validation.
- fts-tika: Fixed crash when parsing attachment without
Content-Disposition header. Broken by 2.2.28.
- trash plugin was broken in 2.2.28
- auth: When passdb/userdb lookups were done via auth-workers, too much
data was added to auth cache. This could have resulted in wrong
replies when using multiple passdbs/userdbs.
- auth: passdb { skip & mechanisms } were ignored for the first passdb
- oauth2: Various fixes, including fixes to crashes
- dsync: Large Sieve scripts (or other large metadata) weren't always
synced.
- Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
- imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
- doveadm: Exit codes weren't preserved when proxying commands via
doveadm-server. Almost all errors used exit code 75 (tempfail).
- ACLs weren't applied to not-yet-existing autocreated mailboxes.
- Fixed a potential crash when parsing a broken message header.
- cassandra: Fallback consistency settings weren't working correctly.
- doveadm director status <user>: "Initial config" was always empty
- imapc: Various reconnection fixes.
LD_LIBRARY_PATH is not propagated when set with env, e.g.:
env LD_LIBRARY_PATH=path/to/lib ./script.sh
will not work (other variable names work correctly).
mess822. Turn it off by default. This should let us once again
publish binary packages.
To use another ofmipd, set qmailofmipd_ofmipdcmd in rc.conf. Likewise
for qmail-smtpd and qmail-pop3d.
Bump version.
used only for qmail-pop3d, which is likely not being used much anymore.
Other installs might need a different implementation of checkpassword
anyhow. And this implementation is not (yet?) in the public domain, so
it's blocking us from publishing binary packages of qmail.
Unless (until?) sysutils/checkpassword becomes "public-domain", it
remains under "djb-nonlicense". If you continue to need it, since you've
already accepted the nonlicense, simply install it directly.
I believe this package and all its remaining dependencies are now in
DEFAULT_ACCEPTABLE_LICENSES. Bump PKGREVISION.
Upstream changes:
1.300031 2017-04-04 14:35:42-04:00 America/New_York
- EMAIL_SENDER_TRANSPORT did not properly handle the =-prefix case
Now: =Foo::Bar expands to Foo::Bar, Foo::Bar expands to Foo::Bar,
and FooBar expands to Email::Sender::Transport::FooBar, as intended.
Previously, =Foo::Bar expanded to Email::Sender::Transport::Foo::Bar
Notmuch 0.24.1 (2017-04-01)
===========================
General
-------
Fix regressions in non-regexp search for `from:` and `subject:`.
The regexp search code in 0.24 introduced a regression in the
handling of empty queries and wildcards. These are both corrected in
this release.
Command Line Interface
----------------------
Fix several memory leaks in `notmuch show`.
Update NEWS for 0.24 to mention schema changes.
Fix bug in dump header.
The previous version of the dump header failed to mention the
inclusion of tags. This fix bumps the version number of the dump
format to 3. There are no other changes to the format.
Library Changes
---------------
Fix a read-after-free in the library.
2011.02.05: I hereby place the mess822 package (in particular, mess822-
0.58.tar.gz, with MD5 checksum 8ce4c29c994a70dcaa30140601213dbe) into
the public domain. The package is no longer copyrighted.
Scheme for SMTP forwarding.
SPF (and related systems) present a challenge to forwarders, since the
envelope sender address might be seen by the destination as a forgery by
the forwarding host. Forwarding services must rewrite the envelope
sender address, while encapsulating the original sender and preventing
relay attacks by spammers.
The Sender Rewriting Scheme, or SRS, provides a standard for this
rewriting which makes forwarding compatible with these address
verification schemes, preserves bounce functionality and is not
vulnerable to attacks by spammers.
qmail-{bigdns,realrcptto} (in addition to qmail-netqmail) by default.
These are conservative choices: small patches that make qmail behave
more like it probably wanted to without breaking existing systems,
adding attack surface, or failing on some platforms we support.
Bump PKGREVISION.
Changelog:
#CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
#CVE-2017-5401: Memory Corruption when handling ErrorResult
#CVE-2017-5402: Use-after-free working with events in FontFace objects
#CVE-2017-5404: Use-after-free working with ranges in selections
#CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters
#CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping
#CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
#CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
#CVE-2017-5398: Memory safety bugs fixed in Thunderbird 45.8
source package stopped initializing the queue. (DESTDIR makes source
packages generate binary packages, which had never had that feature. See
<http://mail-index.netbsd.org/pkgsrc-changes/2011/06/07/msg056339.html>
for where the regression was introduced.)
Add a dependency on mail/queue-fix and, if no queue is present at
pkg_add time, initialize it.
Defer creating users and groups all the way to pkg_add time, and improve
DESTDIR support to full "user-destdir". Since mail/postfix lets
unprivileged users install it, we do too. (Can't run a server that way,
but so what.)
A typical (privileged) binary package should now:
1. Install on any other system of matching OS and architecture,
2. Not need matching numeric UIDs and GIDs to do so, and
3. Be usable in production.
You know, like any other binary package.
Bump PKGREVISION.
From Bartosz Kuzma <bartosz.kuzma@gmail.com> via pkgsrc-wip.
1.5.3:
* [Conf] Add composite for hacked wordpress phishing
* [CritFix] Fix base64 decoding when there are unparseable characters
* [Feature] Additional symbol metadata in metadata exporter
* [Feature] Add method to get protocol reply from Lua
* [Feature] Add symbols when tagged rcpt/sender are normalised
* [Feature] Add task:get_symbols_all() function
* [Feature] Allow multiple formats of DKIM signing key
* [Feature] Allow to cache and use flexible protocol reply
* [Feature] Allow to set one_shot flag from register_symbol
* [Feature] Allow to skip certain types of hashes when learning fuzzy
* [Feature] Cache and insert scan time into the protocol
* [Feature] Detect newlines in rspamc --mime
* [Feature] DKIM signing: support use of maps
* [Feature] Greylist: Support excluding low-scoring messages from greylisting
* [Feature] Implement lua history in controller
* [Feature] Implement redis history querying
* [Feature] Preliminary implementation of redis history plugin
* [Feature] Support using request headers in settings
* [Fix] Change default template to deal with non-ASCII characters
* [Fix] Deal with lists of maps in whitelist module
* [Fix] DKIM signing: use domain-specific signing key
* [Fix] Do not reallocate completed zstd buffer
* [Fix] Do not use local_addrs in proxy
* [Fix] Fix crash when resolver is undefined
* [Fix] Fix double free when closing lua_tcp connections
* [Fix] Fix for lua 5.3
* [Fix] Fix freeing of arrays iterators
* [Fix] Fix issue with task:get_symbol and symbols with no metric
* [Fix] Fix log line duplication in `rspamadm grep`
* [Fix] Fix memory corruption on termination
* [Fix] Fix out-of-bound access in base64 decode
* [Fix] Fix ratelimit + greylisting
* [Fix] Fix subject rewriting
* [Fix] Fix task:set_recipients function
* [Fix] Fix URI_COUNT_ODD rule
* [Fix] Follow the traditional symbols conventions in RCPT_COUNT rule
* [Fix] Greylist: Suppress greylist action for whitelisted hosts too
* [Fix] Metadata exporter: use rule-specific settings for emails
* [Fix] Properly set missing fields in exporter
* [Fix] Proxy: max_retries option
* [Fix] RCPT_COUNT fixes
* [Fix] Rework HAS_X_PRIO rule to match symbols conventions
* [Fix] Update issues in ac-trie
* [Fix] Use optimised base64 decoding in DKIM
* [WebUI] Add preliminary v2 history parser
* [WebUI] Allow different history parsers
* [WebUI] Display symbols
* [WebUI] Rework history v2 function
1.5.2:
* [Conf] Add default config for spamassasssin plugin
* [Conf] Add default configuration for antivirus module
* [Conf] Add dkim signing docs
* [Conf] Add mx_check default config
* [Conf] Add replies config
* [Conf] Add trie default config
* [Feature] Add heuristic to find text parts in files
* [Feature] Add rule to detect broken content type
* [Feature] Allow to extract CTE in Lua API
* [Feature] Allow to set from address for a lua_task
* [Feature] Allow to set recipients of a task from Lua
* [Feature] Enchance text_part:get_content method
* [Feature] Remove + aliases from emails
* [Feature] Support rmilter block and dkim signature in CGP helper
* [Feature] Support running event loop from Lua
* [Fix] Antivirus: use scanner-specific redis prefix
* [Fix] Couple of fixes for DKIM signing module
* [Fix] Distinguish missing and broken mandatory headers
* [Fix] Do more heuristical detection for missing CTE
* [Fix] Do not resort cache on each check
* [Fix] Fix CGP escaping
* [Fix] Fix MISSING_MIME_VERSION rule for plain messages
* [Fix] Fix parsing of cte in expressions
* [Fix] Fix partial matches in rspamadm grep
* [Fix] Fix setting class on style field
* [WebUI] Auto-switch Throughput units to `msg/min` for very low rate
* [WebUI] Update D3Evolution to 0.0.2
1.5.1:
* [CritFix] Fix processing of stop_patterns with `\0` character
* [CritFix] Fix setting of raw key for signing
* [Fix] Fix lua exports from plugins during reload
* [Fix] Fix prefilters action scores
* [Fix] Fix symbols processing order
* [Minor] Help cmake find gthread
* [Minor] Some cmake fixes
1.5.0:
* [Conf] Add configurations for asn, clickhouse and dcc
* [Conf] Add default config for url redirector plugin
* [Conf] Add the default config for greylist module
* [Conf] Allow to edit all local maps from WebUI by default
* [CritFix] Deal with absent headers in DKIM
* [CritFix] Do not trust remote shingles count
* [CritFix] Fix bad memory leak in TLS certificates validation
* [CritFix] Fix critical memory issues with radix maps
* [CritFix] Fix descriptors leak on reload
* [CritFix] Fix headers selection in DKIM verification
* [CritFix] Fix parsing of boundaries that end with `--`
* [CritFix] Repair PTR_ARRAY_FOREACH macro
* [Feature] Add CORS support to the controller
* [Feature] Add FROM_NAME_EXCESS_SPACE rule
* [Feature] Add REPLYTO_EMAIL_HAS_TITLE rule
* [Feature] Add `caseless_hash` method to `lua_util`
* [Feature] Add `rip` keyword to ratelimit module
* [Feature] Add a simple benchmark for content type parsing
* [Feature] Add boundaries parsing in content type
* [Feature] Add charset detection for text parts
* [Feature] Add content disposition parser
* [Feature] Add fallback if too many updates are failing
* [Feature] Add function to convert struct tm to time using timezone
* [Feature] Add function to normalize HTTP paths
* [Feature] Add fuzzy collection plugin
* [Feature] Add fuzzy logic for images
* [Feature] Add gmime parser to mime_tool
* [Feature] Add heuristic to detect broken messages
* [Feature] Add heuristic to find displayed URLs
* [Feature] Add heuristic to process broken email addresses
* [Feature] Add images normalization
* [Feature] Add mechanism for disabling composites (Fixes#1270)
* [Feature] Add method to create regexp from a glob pattern
* [Feature] Add mime encoding manipulation routines
* [Feature] Add mime tool to explore messages
* [Feature] Add more meta tokens from received headers
* [Feature] Add neighbours option to support Rspamd cluster in WebUI
* [Feature] Add new function to parse mime addresses
* [Feature] Add new methods for lua_tcp
* [Feature] Add own headers decoding routine
* [Feature] Add own routine to generate a message id
* [Feature] Add parser for SMTP date
* [Feature] Add per-task lua cache to reuse 'heavy' objects
* [Feature] Add plugins list path in WebUI
* [Feature] Add preliminary multipart support
* [Feature] Add preliminary version of DKIM signing module
* [Feature] Add profiling support in client output
* [Feature] Add rfc2047 grammar
* [Feature] Add rfc2047 variant for QP decoding
* [Feature] Add rmilter_headers module (Fixes#1227)
* [Feature] Add sse42 version of base64 decoding
* [Feature] Add ssse3 and avx2 base64 decoders
* [Feature] Add support of libgd
* [Feature] Add the preliminary version of redirects resolver in Lua
* [Feature] Add ucl_object_iterate_full function
* [Feature] Add url encoding function
* [Feature] Allow SOA requests in lua dns
* [Feature] Allow custom parse types in lua ucl
* [Feature] Allow plugins to register webui handlers
* [Feature] Allow to add options explicitly to symbols
* [Feature] Allow to call a callback when symbol frequency is on peak
* [Feature] Allow to call redirector script from SURBL
* [Feature] Allow to create variable length dkim keys
* [Feature] Allow to have module specific options for Redis in plugins
* [Feature] Allow to pass sign key directly from Lua
* [Feature] Allow to register configuration docs from Lua API
* [Feature] Allow to return options as a table
* [Feature] Allow to set peak callbacks from Lua
* [Feature] Allow to specify custom method for a message
* [Feature] Allow to store dkim keys in Redis
* [Feature] Allow to store messages in files
* [Feature] Apply DCT using AAN for fuzzy signature
* [Feature] Avira SAVAPI support
* [Feature] Cache and simplify DCT and jpeg decode
* [Feature] Cache libicu convertors
* [Feature] Detect URLs with suspicious omographs
* [Feature] Do not increase score for duplicate options
* [Feature] Do not trust CTE, check base64 and qp strictly
* [Feature] Dynamic reputation in URL reputation plugin
* [Feature] Extend redis lock when learning spawned
* [Feature] Filter non-utf chars from all decoded headers
* [Feature] Fix phishing detection for IDNA urls
* [Feature] Ignore bad symbols on base64 decoding
* [Feature] Ignore too wide elements in SPF
* [Feature] Implement fuzzy collection mode
* [Feature] Implement helo maps in multimap
* [Feature] Implement human readable buckets configuration
* [Feature] Implement min-hash shingles for DCT data from images
* [Feature] Implement new algorithm for fuzzy hashes of images
* [Feature] Implement new unicode normalizer
* [Feature] Implement quoted printable decoding
* [Feature] Implement received headers flags
* [Feature] Implement rspamdgrep tool
* [Feature] Implement sane checksum for config file
* [Feature] Implement url tags concept
* [Feature] Improve detection of omographs using libicu
* [Feature] Improve url redirector module
* [Feature] Multimap: Received header processing
* [Feature] Multiple improvements in the maps
* [Feature] New URL filters in multimap
* [Feature] Plugin to force actions on selected symbols
* [Feature] RBL module: support hashing for emails and helo RBL
* [Feature] Reuse URL tags in SURBL module
* [Feature] Rework RRD ds count, add conversion path
* [Feature] Rework surbl module to avoid extra redirector calls
* [Feature] Send config id to the WebUI
* [Feature] Simplify HTTPCrypt client support
* [Feature] Skip processing for large images
* [Feature] Start collection only mode implementation for fuzzy storage
* [Feature] Start import of the optimized base64 decode
* [Feature] Store all received headers in lua
* [Feature] Store relational order of all headers in a message
* [Feature] Support DKIM signing in Lua plugins
* [Feature] Support HTTPCrypt client in lua_http
* [Feature] Support setting SMTP message in multimap
* [Feature] Support setting metric subject from Lua
* [Feature] Support setting subject in force actions module
* [Feature] Treat v6 mapped addresses as v4 addresses
* [Feature] URL reputation plugin
* [Feature] Use Redis instead of memcached in URLs redirector
* [Feature] Use Rspamd rfc2047 decoder instead of gmime one
* [Feature] Use a different normalization for fuzzy images
* [Feature] Use normalized images in fuzzy hashes
* [Feature] Use own code for parsing of date
* [Feature] Use shingles for images fuzzying
* [Feature] Use t1ha for hashes, allow inlining
* [Feature] Use t1ha instead of metrohash and xxhash32
* [Feature] Various new features in metadata exporter module
* [Feature] rmilter_headers: authentication-results (#78)
* [Fix] Add additional check to mark redis connection inactive
* [Fix] Add packed attribute for protocol structure
* [Fix] Adopt OMOGRAPH_URL rule
* [Fix] Allow static maps
* [Fix] Allow to disable classifiers checks using settings and conditions
* [Fix] Another try to fix 0 length maps
* [Fix] Another try to fix corruption during maps reload
* [Fix] Another try to fix descriptors leak
* [Fix] Another try to fix reload and logger
* [Fix] Antivirus module: register virtual symbols for patterns
* [Fix] Avoid extensive reallocs
* [Fix] Avoid mempool leak in SA plugin on reload
* [Fix] Avoid race condition on saving cache and reload
* [Fix] Avoid reusing g_error (Fixes#1262)
* [Fix] Break pool connection on fatal redis errors
* [Fix] Check for NaN properly
* [Fix] Couple of fixes for date parsing
* [Fix] Date header timezone adjustments (#1279)
* [Fix] Deal with EOF properly
* [Fix] Decode filename in content disposition
* [Fix] Disable fuzzy images by default
* [Fix] Disable zero-copy mode for text parts to avoid crashes
* [Fix] Do not destroy session when not all finish scripts are done
* [Fix] Do not greyscale images
* [Fix] Do not leave parent-less workers processes on fatal errors
* [Fix] Do not lowercase Content-Disposition to perform decoding
* [Fix] Do not penalize characters just after numeric prefix
* [Fix] Do not refork workers that are intended to die
* [Fix] Do not set pre-result and update records for no `Queue-ID` messages
* [Fix] Do not skip post-filters when pre-filters have set some results
* [Fix] Do not stop symbols planning if async events are pending
* [Fix] Do not try to set keys for unencrypted requests in proxy
* [Fix] Encode URLs according to rfc3986
* [Fix] Encode URLs before sending them to the protocol
* [Fix] Filter bad characters from message id
* [Fix] Fix CTE detection heuristic
* [Fix] Fix Content-Type in HTTP requests
* [Fix] Fix IDN eslds phishing checks
* [Fix] Fix adding maps from config in Lua
* [Fix] Fix another reload memory issue
* [Fix] Fix argument returned on redis backend errors
* [Fix] Fix assertion in graph handling
* [Fix] Fix body trie matching
* [Fix] Fix build
* [Fix] Fix byte array expansion during toutf8 conversion
* [Fix] Fix charset normalisation
* [Fix] Fix checking of DKIM bodies that needs just `\n` to be added
* [Fix] Fix couple of cornercases with email addresses
* [Fix] Fix couple of issues
* [Fix] Fix dependencies tracking for callback symbols
* [Fix] Fix detection of jpeg size
* [Fix] Fix errors handling in fuzzy backend initialization
* [Fix] Fix fuzzy hashes count
* [Fix] Fix globbing and convert lists to arrays in fuzzy_check
* [Fix] Fix heuristical CTE detection for QP encoding
* [Fix] Fix ignoring of bad text parts
* [Fix] Fix indexes in array access, interleave loop
* [Fix] Fix int64 -> double conversion
* [Fix] Fix invalid memory access on reload
* [Fix] Fix issues with empty updates
* [Fix] Fix issues with quoted-printable encoding
* [Fix] Fix keys names
* [Fix] Fix lots of issues in mime parser code
* [Fix] Fix lua maps load
* [Fix] Fix macro name
* [Fix] Fix mas group score calculations
* [Fix] Fix matching of the same patterns from different tries
* [Fix] Fix memory corruprtion and leak
* [Fix] Fix memory leak in HTTP maps
* [Fix] Fix memory leak in expression destroying
* [Fix] Fix memory leak in parsing of mime names
* [Fix] Fix memory leak in safe ucl iterators
* [Fix] Fix memory leak on reload in plugins
* [Fix] Fix modules reconfigure on reload
* [Fix] Fix monitored setup fro URLBLs with IP addresses
* [Fix] Fix name of var
* [Fix] Fix new rrd updates
* [Fix] Fix out of bounds access
* [Fix] Fix parsing messages with no body
* [Fix] Fix parsing of '=' character in headers
* [Fix] Fix parsing of messages with no content type
* [Fix] Fix plugins callbacks in webui
* [Fix] Fix possible memory corruption in redis pool
* [Fix] Fix probability calculations for fuzzy redis backend
* [Fix] Fix processing errors in lua_tcp
* [Fix] Fix processing of emails with name only
* [Fix] Fix processing of non-multipart messages
* [Fix] Fix processing of parts with no valid content type
* [Fix] Fix race condition in SIGUSR2 handler
* [Fix] Fix redis options parsing when no redis servers are defined
* [Fix] Fix reload and hyperscan ready event
* [Fix] Fix reload memory issue
* [Fix] Fix rra_ptr conversion
* [Fix] Fix rrd file conversion
* [Fix] Fix setting of content-type attributes
* [Fix] Fix signing headers creation in DKIM
* [Fix] Fix stddev calculations
* [Fix] Fix surbl plugin to work with composite maps
* [Fix] Fix timezones parsing
* [Fix] Fix tokens usage
* [Fix] Fix urls and emails hashes
* [Fix] Fix usage of unsafe ucl iterators
* [Fix] Fix work with broken utf8 tokens
* [Fix] Fix writing of user to roll history
* [Fix] Forgotten worker
* [Fix] Further memory leaks fixes
* [Fix] Ignore lua metatokens in bayes for now
* [Fix] Improve OMOGRAPH_URL rule
* [Fix] Lua IP from string should be invalid if parsing failed
* [Fix] Miltiple fixes to new lua_tcp, add debugging
* [Fix] More fixes for iterators cleanup
* [Fix] More fixes to logger initialization
* [Fix] More heuristic fixes for phishing detection
* [Fix] More leaks eliminated
* [Fix] More leaks...
* [Fix] More random fixes for reload...
* [Fix] Multimap: Fixes for email filters
* [Fix] Multiple fixes for fann module
* [Fix] Multiple memory corruption fixes
* [Fix] Normalize path in HTTP router
* [Fix] Plug memory leak
* [Fix] Plug memory leak in adding radix trees
* [Fix] Plug memory leak in configuration parser
* [Fix] Plug memory leak in expressions parsing during reload
* [Fix] Plug memory leak in learning fuzzy storage
* [Fix] Plug memory leak in lua_tcp
* [Fix] Plug reload leaks
* [Fix] Plug termination memory leaks
* [Fix] Really increase lock lifetime
* [Fix] Replies module: fix symbol weight
* [Fix] Restore content type params related functions
* [Fix] Set task's subject from mime subject
* [Fix] Sigh, one more reload leak
* [Fix] Simplify images shingles
* [Fix] Some more memory issues are fixed
* [Fix] Stop hardcoding of lua in C
* [Fix] Stop processing of bad parts as text parts
* [Fix] Strictly filter bad characters when emittin json
* [Fix] Strings returned from lua are ephemeral
* [Fix] Support unix sockets for lua redis
* [Fix] Try to fix issues with reloading config
* [Fix] Try to fix race condition in redis_pool
* [Fix] Use checksum to avoid intersection between different ANNs
* [Fix] Use rspamd hashes in embedded ucl
* [Fix] Use sane default rewrite subject (*** SPAM *** %s)
* [Fix] Various collection mode fixes
* [Fix] Various fixes to mime parser
* [Fix] Various reload leak fixing
* [Fix] Whitelist certain extensions from archive checks
* [Rework] Add preliminary implementation of the mime parser
* [Rework] Adopt code for the new options
* [Rework] Change logger setup interface
* [Rework] Composite configuration (#1270)
* [Rework] Finally remove gmime dependency from Rspamd
* [Rework] Further fixes to symbols frequencies
* [Rework] Implement content type parser for mime
* [Rework] Kill all InternetAddressList usages
* [Rework] Multiple fixes for symbols cache statistics
* [Rework] Refactor struct names
* [Rework] Rework images fuzzy hashes algorithm
* [Rework] Rework lua_tcp to allow TCP dialog
* [Rework] Start massive rework to get rid of gmime
* [Rework] Start new approach for multiparts parsing
* [Rework] Start rework of mime addresses
* [Rework] Start rework of symbols cache updates
* [Rework] Start switching to libicu
* [Rework] Use a special structure for stats tokens
* [Rework] Use hash tables for symbols options
* [Rework] Use libicu instead of iconv for conversions
* [Rework] Use new scheme to parse mime parts
* [WebUI] Add Access-Control-Allow-Origin for cluster management
* [WebUI] Add Throughput graph autorefreshing (#820)
* [WebUI] Add Visibility.js library
* [WebUI] Add basic cluster support to Throughput tab
* [WebUI] Add graph legend entries for new DSes
* [WebUI] Add graph tab
* [WebUI] Add neighbours RRD data consolidation
* [WebUI] Add preliminary save symbols clustering
* [WebUI] Add server selector to navbar
* [WebUI] Add soft reject to auth stats
* [WebUI] Add summary to the Throughput tab
* [WebUI] Allow to save maps on the cluster
* [WebUI] Avoid extra graph redraw and alerts glitching
* [WebUI] Be more generous with AJAX timeout
* [WebUI] Disable error ring loading in `read only` mode
* [WebUI] Enclose table header cells with `tr`s
* [WebUI] Finish interface rework
* [WebUI] Fix RRD summary pie chart position
* [WebUI] Fix `All SERVERS` graph fot just one available server
* [WebUI] Fix case when no cluster is defined
* [WebUI] Fix compatibility with non-ES6 compliant browsers
* [WebUI] Fix config ID
* [WebUI] Fix configuration page partially
* [WebUI] Fix disabled state
* [WebUI] Fix graph dataset selector initialization
* [WebUI] Fix graph selectors state resetting
* [WebUI] Fix mouse events on throughput summary table area
* [WebUI] Fix multiple JS issues
* [WebUI] Fix pie chart displaying
* [WebUI] Fix read only
* [WebUI] Fix read only2
* [WebUI] Fix retarded datatables
* [WebUI] Fix soft reject in pie chart
* [WebUI] Fix stat widgets timers multiplication on `Refresh` click
* [WebUI] Fix symbols config
* [WebUI] Fix various errors with login form
* [WebUI] Further fixes
* [WebUI] Hide learning tab in read-only mode
* [WebUI] Initial clusters support
* [WebUI] Make legend entry colours more contrast
* [WebUI] Move configuration tab to a separate module
* [WebUI] Move history tab
* [WebUI] Move symbols config as well
* [WebUI] New sec to time function
* [WebUI] Prevent multiple clicks on `Refresh`
* [WebUI] RRD summary: Hide inner labels of tiny pie sectors
* [WebUI] RRD summary: Respect undefined values
* [WebUI] Reduce font size of graph's legend
* [WebUI] Remove orphaned font duplicates
* [WebUI] Remove unused code
* [WebUI] Replace spinner with animated glyphicon
* [WebUI] Reset refresh timer on server switching
* [WebUI] Rework interface to use requirejs
* [WebUI] Rework neighbours query function
* [WebUI] Separate attributes by space
* [WebUI] Set focus to password field (#1230)
* [WebUI] Simplify neighbours table populating
* [WebUI] Start rework of modules
* [WebUI] Stop stats refreshing if the page is hidden
* [WebUI] Turn d3pie's stuff into a reusable function,
* [WebUI] Unify send data functions
* [WebUI] Update D3Evolution to 0.0.1
* [WebUI] Update d3.js
* [WebUI] Update datatables to work with the requirejs
* [WebUI] Use unified tab click event handler,
* [WebUI] clusters for the chart
* [WebUI] fix uptime
Notmuch 0.24 (2017-03-12)
=========================
General
-------
Regular expression searches supported for `from:` and `subject:`.
This requires recent Xapian (1.4+) See notmuch-search-terms(7) for
details.
Command Line Interface
----------------------
Run external `notmuch-` prefixed commands as subcommands
You can now add your own `notmuch-` prefixed commands in PATH, and
have notmuch run them as if they were notmuch commands. See the
`notmuch(1)` man page for details
Emacs
-----
Postpone and resume messages in `notmuch-message-mode` (composition)
Notmuch now has built in support for postponing, saving and resuming
messages. The default bindings are C-x C-s to save a draft, C-c C-p
to postpone a draft (save and exit compose buffer), and "e" in show
or tree view to resume.
Draft messages are tagged with `notmuch-draft-tags` (draft by
default) so you may wish to add that to the excluded tags list. When
saving a previously saved draft message the earlier draft gets
tagged deleted.
Note that attachments added before postponing will be included as
they were when you postponed in the final message.
Address Completion
It is now possible to save the list of address completions for
notmuch's internal completion between runs of emacs. This makes the
first calls to address completion much better and faster. For
privacy reasons it is disabled by default, to enable set or
customize `notmuch-address-save-filename`.
Tag jump menu
It is now possible to configure tagging shortcuts (with an interface
like notmuch jump). For example (by default) k u will remove the
unread tag, and k s will add a tag "spam" and remove the inbox
tag. Pressing k twice will do the reverse operation so, for example,
k k s removes the spam tag and adds the inbox tag. See the customize
variable `notmuch-tagging-keys` for more information.
Refresh all buffers
It is now possible to refresh all notmuch buffers to reflect the
current state of the database with a single command, `M-=`.
Stop display of application/* parts
By default gnus displays all application/* parts such as
application/zip in the message buffer. This has several undesirable
effects for notmuch (security, triggering errors etc). Notmuch now
overrides this and does not display them by default. If you have
customized `mm-inline-override-types` then we assume you know what
you want and do not interfere; if you do want to stop the display of
application/* add application/* to your customization. If you want
to allow application/* then set `mm-inline-override-types` to
"non/existent".
Small change in the api for notmuch-search-tag
When `notmuch-search-tag` is called non-interactively and the region
is set, then it only tags the threads in the region. (Previously it
only tagged the current thread.)
Bugfix for sending messages with very long headers.
Previously emacs didn't fold very long headers when sending which
could cause the MTA to refuse to send the message. This makes sure
it does fold any long headers so the message is RFC compliant.
`notmuch emacs-mua` command installed with the Emacs interface
We've carried a `notmuch-emacs-mua` script in the source tree for
quite some time. It can be used to launch the Notmuch Emacs
interface from the command line in many different ways. Starting
with this release, it will be installed with the Emacs
interface. With the new external subcommand support, the script
transparently becomes a new notmuch command. See the
`notmuch-emacs-mua(1)` man page for details.
Notmuch Emacs desktop integration
The desktop integration file will now be installed with the Notmuch
Emacs interface, adding a Notmuch menu item and configuration to
allow the user to set up Notmuch Emacs as the `mailto:` URL handler.
Library changes
---------------
`notmuch_query_count_messages` is now non-destructive.
Internally the implementation of excludes has changed to make this
possible.
Improved handling of DatabaseModifiedError
Previously uncaught exceptions reading message metadata are now
handled.
This version finally fixes the old problem for primo-installation when the
sympa wizard would not start to generate the sympa.conf... because the
sympa.conf file was empty.
In addition, Soji fixed a timeout problem when Sympa closed a list, because
Sympa spent ages checking whether the list was included or not in another one.
He simply added a table registering the lists inclusions to speed up the
checking process. And because fixing the problem was not enough to him, he
also added a new page in the Sympa web interface to visualize lists inclusions.
In summary, what you have now is:
"including_lists" page to get lists including particular lists. This page
is accessible only by list owners and listmasters.
Now looping by include_list settings can be detected. Inclusion is skipped
if a setting will cause looping.
the new 'include_sympa_list' parameter obsoletes 'include_list' in list
config and named data sources. Older one may still be used as it is
mapped to newer one internally.
The subindex page did not allow to actually accept/reject subscriptions. This
was because of a badly named parameter being passed to the templates.
WWSympa does no longer respect HTTP request header fields noticing the request
was forwarded ("X-Forwarded-Host:" etc.). In particular cases, you may require
adjusting configuration.
Now wwsympa_url parameter defines the URL publicly accessed by users.
Contrarily "http_host" and "cookie_domain" parameters indicate the URI and/or
domain which are locally recognized by wwsympa, i.e taken form "http_host"
("Host:" field) and "request_uri" CGI environments.
"Location:" response field sent by wwsympa to cause redirection also gives
local URL.
If requests sent from users to wwsympa are rewritten by intermediate
server(s), you should make sure that wwsympa server and rewriting server(s)
are appropriately configured.
a new parameter, use_tls, appears to replace obsoleted "use_ssl" and
"use_start_tls" parameters; note that these obsoleted parameters can stil be
used. But the new one is way more convenient: "use_tls" takes one of following
values corresponding to old ones:
"starttls" : use_ssl=0, use_start_tls=1.
"ldaps" : use_ssl=1, use_start_tls=0.
"none" : TLS/SSL is disabled.
Now STARTTLS may be enabled in LDAP datasource configuration of lists
along with LDAPS.
The "Feedback" link will now be visible by listmasters only! We received
enough mails from end users mis-interpreting this link with their local
helpdesk. :-|
Now [% path_cgi %] template variable respects "wwsympa_url" configuration
parameter. Previously it was taken from CGI environment variable.
Soji also improved Sympa daemons to capture the SIGCHLD signal, so that
defunct children will be closed quicker.
As we tend to change the CSS regularly according to the different feedback you
send us, we added the Sympa version number in the CSS file URL, so that it will
be automatically reloaded, ignoring cache, when your users arrive on the web
interface after an upgrade.
Changing web_archive_spam_protection did not update spam protection mode on
past archives. Fixed by applying spam protection at the time of display, not
when archives were created / rebuilt.
base element in web output should be eliminated, because it will mess reverse
proxy and so on. Fixed by making partial URIs to be redirected to base URI.
WWSympa: Cannot view attachments in bounce messages and moderated messages.
Fixed by correcting inappropriate relative URL paths.
- LDA Sieve plugin: Fixed handling of an early explicit keep during
multiscript execution. Action side-effects and the message snapshot would be
lost at the final stage where the implicit keep is evaluated. This could
result in the IMAP flags assigned to the message to be forgotten or that
headers modified by the "editheader" extension would revert to their
original state.
- file script storage: Amended the up-to-date time stamp comparison for
on-disk binaries to include nanoseconds. This will fix problems occurring
when both binary and script are saved within the same second. This fix is
ineffective on older systems that have no support for nanoseconds in stat()
timestamps, which should be pretty rare nowadays.
- file script storage: Improve saving and listing permission error to include
more details.
- imapsieve plugin: Make sure "INBOX" is upper case in static mailbox rules.
Otherwise, the mailbox name would never match, since matching is performed
case-sensitively and Dovecot only returns the upper-cased "INBOX".
- imapsieve plugin: Fixed assert failure occurring when used with virtual
mailboxes.
- doveadm sieve plugin: Fixed crash when setting Sieve script via attribute's
string value.
* director: "doveadm director move" to same host now refreshes user's
timeout. This allows keeping user constantly in the same backend by
just periodically moving the user there.
* When new mailbox is created, use initially INBOX's
dovecot.index.cache caching decisions.
* Expunging mails writes GUID to dovecot.index.log now only if the
GUID is quickly available from index/cache.
* pop3c: Increase timeout for PASS command to 5 minutes.
* Mail access errors are no longer ignored when searching or sorting.
With IMAP the untagged SEARCH/SORT reply is still sent the same as
before, but NO reply is returned instead of OK.
+ Make dovecot.list.index's filename configurable. This is needed when
there are multiple namespaces pointing to the same mail root
(e.g. lazy_expunge namespace for mdbox).
+ Add size.virtual to dovecot.index when folder vsizes are accessed
(e.g. quota=count). This is mainly a workaround to avoid slow quota
recalculation performance when message sizes get lost from
dovecot.index.cache due to corruption or some other reason.
+ auth: Support OAUTHBEARER and XOAUTH2 mechanisms. Also support them
in lib-dsasl for client side.
+ auth: Support filtering by SASL mechanism: passdb { mechanisms }
+ Shrink the mail processes' memory usage by not storing settings
duplicated unnecessarily many times.
+ imap: Add imap_fetch_failure setting to control what happens when
FETCH fails for some mails (see example-config).
+ imap: Include info about last command in disconnection log line.
+ imap: Created new SEARCH=X-MIMEPART extension. It's currently not
advertised by default, since it's not fully implemented.
+ fts-solr: Add support for basic authentication.
+ Cassandra: Support automatically retrying failed queries if
execution_retry_interval and execution_retry_times are set.
+ doveadm: Added "mailbox path" command.
+ mail_log plugin: If plugin { mail_log_cached_only=yes }, log the
wanted fields only if it doesn't require opening the email.
+ mail_vsize_bg_after_count setting added (see example-config).
+ mail_sort_max_read_count setting added (see example-config).
+ pop3c: Added pop3c_features=no-pipelining setting to prevent using
PIPELINING extension even though it's advertised.
- Index files: day_first_uid wasn't updated correctly since v2.2.26.
This caused dovecot.index.cache to be non-optimal.
- imap: SEARCH/SORT may have assert-crashed in
client_check_command_hangs
- imap: FETCH X-MAILBOX may have assert-crashed in virtual mailboxes.
- imap: Running time in tagged command reply was often wrongly 0.
- search: Using NOT n:* or NOT UID n:* wasn't handled correctly
- director: doveadm director kick was broken
- director: Fix crash when using director_flush_socket
- director: Fix some bugs when moving users between backends
- imapc: Various error handling fixes and improvements
- master: doveadm process status output had a lot of duplicates.
- autoexpunge: If mailbox's rename timestamp is newer than mail's
save-timestamp, use it instead. This is useful when autoexpunging
e.g. Trash/* and an entire mailbox is deleted by renaming it under
Trash to prevent it from being autoexpunged too early.
- autoexpunge: Multiple processes may have been trying to expunge the
same mails simultaneously. This was problematic especially with
lazy_expunge plugin.
- auth: %{passdb:*} was empty in auth-worker processes
- auth-policy: hashed_password was always sent empty.
- dict-sql: Merge multiple UPDATEs to a single statement if possible.
- fts-solr: Escape {} chars when sending queries
- fts: fts_autoindex_exclude = \Special-use caused crashes
- doveadm-server: Fix leaks and other problems when process is reused
for multiple requests (service_count != 1)
- sdbox: Fix assert-crash on mailbox create race
- lda/lmtp: deliver_log_format values weren't entirely correct if Sieve
was used. especially %{storage_id} was broken.
- lmtp_user_concurrency_limit didn't work if userdb changed username
------------
1. Allow relative config file names for ".include"
2. A main-section config option "debug_store" to control the checks on
variable locations during store-reset. Normally false but can be enabled
when a memory corrution issue is suspected on a production system.
Release date: 2017-03-07 09:43 UTC
Changelog:
* Set minimum PHP version to 5.4.0
* Set minimum PEAR version to 1.10.1
* Request #21033: PHP warning depreciated
While arguably the real bug is that gmime's pkg-config file libs
includes gpgme's libs, this makes libraries visible to depending
builds that end up on link lines. Resolves build failure for
totem-pl-parser.
ok wiz@
CHANGELOG Roundcube Webmail
===========================
RELEASE 1.2.4
-------------
- Managesieve: Fix handling of scripts with nested rules (#5540)
- Managesieve: Fix parser issue with empty lines between comments (#5657)
- Managesieve: Fix possible defect in handling \r\n in scripts (#5685)
- Fix variable substitution in ldap host for some use-cases,
e.g. new_user_identity (#5544)
- Fix adding images to new identity signatures
- Fix rsync error handling in installto.sh script (#5562)
- Fix some advanced search issues with multiple addressbooks (#5572)
- Fix so group/addressbook selection is retained on page refresh
- Fix bug where image data URIs in css style were treated as evil/remote in
mail preview (#5580)
- Fix bug where external content in src attribute of input/video tags was not
secured (#5583)
- Fix PHP error on update of a contact with multiple email addresses when
using PHP 7.1 (#5587)
- Fix bug where mail content frame couldn't be reset in some corner cases
(#5608)
- Fix bug where some classic skin images were not displayed in IE/Edge (#5614)
- Fix bug where signature couldn't be added above the quote in Firefox 51
(#5628)
- Fix regression where groups with email address were resolved to its members'
addresses
- Fix update of group name in the contacts list header on group rename (#5648)
- Add rewrite rule to disable access to /vendor/bin folder in .htaccess (#5630)
- Fix bug where it was too easy accidentally move a folder when using the
subscription checkbox (#5655)
- Fix XSS issue in handling of a style tag inside of an svg element
This lets us defer USERGROUP_PHASE to "pre-install", and is a step
closer to having the qmail users and groups be created at pkg_add time
(as with binary packages of typical software needing users and groups).
Based on Paul Fox's getpwnam.patch for qmail 0.96.
2017-03-06 Richard Russon <rich@flatcap.org>
* Bug Fixes
- Get the correct buffer size under fmemopen/torify (#441)
- Use static inlines to make gcc 4.2.1 happy
- getdnsdomainname: cancel getaddrinfo_a if needed
- imap: remove useless code (#434) (origin/master)
- Fixes missing semi-colon compilation issue (#433)
* Docs
- github: added template for Pull Requests, issues and a CONTRIBUTION.md (#339)
- editorconfig: support for new files, fix whitespace (#439)
- add blocking fmemopen bug on debian to manual (#422)
* Upstream
- Increase ACCOUNT.pass field size. (closes#3921)
- SSL: Fix memory leak in subject alternative name code. (closes#3920)
- Prevent segv if open-appending to an mbox fails. (closes#3918)
- Clear out extraneous errors before SSL_connect() (see #3916)
2017-02-25 Richard Russon <rich@flatcap.org>
* Features
- Add option $show_multipart_alternative
- notmuch: Allow to use untransformed tag for color
- Use getaddrinfo_a if possible (#420)
* Bug Fixes
- handle sigint within socket operations (#411)
- Avoid browsing the remote spoolfile by setting MUTT_SELECT_MULTI attach
- notmuch: fix crash when completing tags (#395)
- Fixes missing failure return of notmuch msg open (#401)
- Fix latest Coverity issues (#387)
- Advance by the correct number of position even for unknown characters (#368)
- Release KyotoCabinet data with kcfree() (#384)
- 22 resource leaks
* Translations
- Update translations
- Update the german translation (#397)
* Docs
- fix typo in notmuch example
- remove duplicate "default" in the sidebar intro
- fix confusing description of notmuch operators (#371)
- correct spelling mistakes (#412)
* Website
- link to clang-format config in main repo (#28)
- updated list of useful programs
- update/improve list of useful programs
- sidebar_format has a single default value
- fix name of GNU Guix
- added guix distro
- added link to new afew maintainers
- add code of conduct
- add mutt-addressbook to useful
- remove unnecessary unicode non-breaking spaces
- github merging
* Build
- Enable and run unit-tests on the feature/unit-test branch
- add notmuch to default, feature
- new dbs for mutt
- master is now the main branch
- streamline builds
- fix doc generator
- add a few includes (prelude to clang-format)
- slcurses.h defines its own bool type
- travis: use container build
- add clang-format file
- Remove ugly macros and casts from crypt-gpgme.c
- fix minor reflow issues in some comments
- editorconfig: use spaces to indent in *.[ch] files
- added comment-blocks for clang-format to ignore
- fix 80 column limit, align statements
- Remove snprintf.c from EXTRA_DIST (#406)
- Kill homebrew (v)snprintf implementations, as they are C99 (#402)
- Display charset + small refactoring
- Do not cast or check returns from safe_calloc (#396)
- refactor: create a generic base64 encode/decode
- debug: remove dprint in favor of mutt_debug (#375)
- Fix dubious use macro for _() / gettext() (#376)
- Use mutt_buffer_init instead of memset
- Make the heap method and datatype a plain list
- Reverts making AliasFile into a list_t (#379)
- Turn mutt_new_* macros into inline functions
- Do not cast return values from malloc (et similia)
* Upstream
- Simplify mutt_label_complete().
- Permit tab completion of pattern expressions with ~y (labels).
- Fix the mutt_label_complete() pos parameter.
- Fix the x-label update code check location.
- Improve the label completion hash table usage.
- Adds label completion.
- Add hash_find_elem to get the hash element.
- Minor fixes to the x-label patch from David.
- Adds capability to edit x-labels inside mutt, and to sort by label.
- Allow "unsubjectrc *" to remove all patterns.
- Add subjectrx command to replace matching subjects with something else.
- Abstract the SPAM_LIST as a generic REPLACE_LIST
- Improve Reply-to vs From comparison when replying. (closes#3909)
- Fix sidebar references to the "new count" to be "unread". (closes#3908)
- Fix several alias hashtable issues.
- Add casecmp and strdup_key flags to hash_create()
- Improve error handling in mbox magic detection.
- Allow initial blank lines in local mailboxes.
- Fix minor documentation issues.
- Convert cmd_parse_search to use the uid hash. (closes#3905)
- Create a uid hash for imap. (see #3905)
- Convert HASH to be indexable by unsigned int. (see #3905)
- Fix imap server-side search to call uid2msgno() only once. (see #3905)
- Add a pattern_cache_t to speed up a few repeated matches.
- Canonicalize line endings for GPGME S/MIME encryption. (closes#3904)
- Fix build for bdb.
- Create function to free header cache data.
- Add Kyoto Cabinet support to the header cache.
- Prevent null pointer exception for h->ai_canonname
- Show SHA1 fp in interactive cert check menu.
- Fix potential cert memory leak in check_certificate_by_digest().
- Plug memory leak in weed-expired-certs code.
- Filter expired local certs for OpenSSL verification.
- Change "allow_dups" into a flag at hash creation.
Notmuch 0.23.7 (2017-02-28)
===========================
Test Suite
----------
Drop use of gpgconf --create-socketdir. Move $GNUPGHOME to /tmp.
It turns out the hardcoded use of /run/user in gpg doesn't work out
that well in some environments. The more low tech fix is to move all
of $GNUPGHOME to somewhere where we can control the length of the
paths.
Notmuch 0.23.6 (2017-02-27)
===========================
Command Line Interface
----------------------
Fix read-after-free bug in `notmuch new`.
Test Suite
----------
Use gpgconf --create-socketdir if available.
GnuPG has a facility to use sockets in /run or /var/run to avoid
problems with long socket paths, but this is not enabled by default
for GNUPGHOME other than $HOME/.gnupg. Enable it, if possible.
Postfix stable release 3.1.4 is available, as well as legacy releases
3.0.8 and 2.11.9. There will be no further updates for Postfix 2.10.
Fixed with Postfix 3.1.4, 3.0.8, and 2.11.9:
* The postscreen daemon did not merge the client test status
information for concurrent sessions from the same IP address.
Thus, after one session recorded its successful tests in the
postscreen cache, a concurrent session from that same IP address
that passed fewer tests could later "wipe out" some of that
progress in the postscreen cache. The fix has proven itself for
five months in the development release, and should be safe to
use in the stable releases.
* The Postfix SMTP server falsely rejected a sender address when
validating a sender address with "smtpd_reject_unlisted_recipient
= yes" or with "reject_unlisted_sender". Cause: the address
validation code did not query sender_canonical_maps.
* The virtual delivery agent did not detect failure to skip to
the end of a mailbox file, so that mail would be delivered to
the beginning of the file. This could happen when a mailbox
file was already larger than the virtual mailbox size limit.
* The postsuper command logged an incorrect rename operation count
after creating a missing directory.
Fixed with Postfix 3.1.4 and 3.0.8:
* The Postfix SMTP server falsely rejected mail when a sender-dependent
"error" transport was configured. Cause: the SMTP server address
validation code was not updated when the
sender_dependent_default_transport_maps feature was introduced.
The fix has proven itself for six months in the development
release, and should be safe to use in the stable releases.
Unfortunately, Postfix 2.11 is too different to benefit from
the same fix.
* The Postfix SMTP server falsely rejected an SMTPUTF8 sender
address, when "smtpd_delay_reject = no".
Fixed with Postfix 3.1.4:
* The "postfix tls deploy-server-cert" command used the wrong
certificate and key file. This was caused by a cut-and-paste
error in the postfix-tls-script file.
----------------------------------
6th November 2016 Claws Mail 3.14.1
New in this release:
~~~~~~~~~~~~~~~~~~~~
* 'hide_timezone', a new hidden preference that sets the timezone of
date fields sent over the network to the unknown timezone value as
specified in RFC 5322 §3.3. Default value is false (i.e., send
available timezone information).
* 'rewrite_first_from', a new hidden preference which works around a
limitation of some servers with 'overly-liberal parsers'. When this
is turned on and the Content-Transfer-Encoding is set to 8bit or
7bit, in a message body starting with 'From ' the 'From ' will
become '=46rom ' (i,e, encoded form of 'F') and the Content-
Transfer-Encoding will be changed to Quoted-Printable. When it is
turned off no such modification will be made but it is very likely
that an MTA will convert the 'From ' to '>From '. See RFC 4155 for
further details. Default value is '1', turned on.
* Templates: it is now possible to attach a file, using
'|attach_output{sub_expr}' or '|A{sub_expr}', 'sub_expr' is
evaluated as a command-line to get the filename name from, using an
absolute /path/to/filename.
* IMAP mailboxes which show subscribed folders only are now indicated
by a green folder icon.
* The Icon Legend has had the missing folder icons added and also has
an improved layout.
* Drafted messages: Do not add Message-ID for draft, unless the
message already has one. A Message-ID header is now only added when
queuing a message, and any existing Message-ID and References
headers in drafts, if there are any, are kept.
* Disable hiding threads and messages in draft folders.
* The /View/Go to/... actions now respect the 'Open message when
selected' option.
* In the UI 'POP' is used instead of 'POP3', 'IMAP' instead of
'IMAP4', 'SSL/TLS' instead of 'SSL'.
* GnuTLS: Enforce "strong enough" Diffie-Hellman prime even when
using older versions of GnuTLS library.
Since GnuTLS 3.1.7, this minimum size is dictated by the priority
string, and currently (GnuTLS 3.3.0) the "safe-enough" value is
1008 bits. We set this minimum size explicitly for older GnuTLS
versions.
Users who are affected by this (their servers use DH prime smaller
than 1008 bits) can override this by using a priority string
starting with the keyword "LEGACY". However, this keyword only
works with GnuTLS 3.3.0 or newer.
* RSSyl plugin: Enable keeping old items by default.
* vCalendar plugin: The ics file name is now used for the WebCal
subscription folder name.
* vCalendar plugin: Use hours/minutes for vcalendar alert time.
* Notification plugin: Add support for unity/messaging menu.
* PDF Viewer plugin: The icons are now themeable.
* Updated manual in English and Spanish.
* Updated translations: Brazilian Portuguese, Catalan, Czech, Danish,
Dutch, Finnish, French, Hebrew, Indonesian, Italian, Norwegian
Bokmål, Russian, Slovak, Spanish, Swedish, Traditional Chinese,
and Turkish.
* Bug fixes:
o bug 2918, 'Notification Popup icon is hardcoded'
o bug 3207, 'Claws segfaults when closing LDAP-enabled
address book'
o bug 3515, 'Ctrl-Shift-X opens multiple external editors'
o bug 3638, 'GData Plugin fails after initial Google
handshake'
o bug 3665, 'Fix config script for macOS'
o bug 3666, 'Typos in Turkish translation'
o bug 3667, 'segfault in imap_session_authenticate'
o bug 3675, 'RSSyl crash when opening Atom feed'
o bug 3676, 'RSSyl crash when opening Atom feed with XML
depth >= 3'
o bug 3678, 'Segfault when trying to add new account'
o bug 3684, 'Socket error with POP3 using TLS client
certificate'
o bug 3697, 'Export to mbox' causes crash'
o bug 3705, 'active account Mail Address corrupted when
address in Message-ID is used'
o bug 3711, 'Usage of (s)'
o bug 3712, 'Name of the example domain in the translation'
o fix non-resizeable Icon Legend dialogue
o Fix a potential bug in vcalendar's libical
o Fix potential crash in vcalendar's icalcomponent_vanew() on
64-bit archs.
o Fix regression: show simple text/calendar with plugin.
o Fix crash in vcalendar passwords handling on prefs save.
o Few miscellaneous fixes for RSSyl.
o several memory leaks.
o Don't check for encrypt() on FreeBSD.
o Add OpenBSD CA cert path.
o Do not process folder marks when just refreshing
summaryview
For further details of the numbered bugs and RFEs listed above
see http://claws-mail.org/bug/[BUG NUMBER]
---------------------------------------------------------------------
See ChangeLog for full information regarding changes in this release.
Mark as not supportin python-2.x per the 2.0.0 release notes (see below).
--- 2.0.1 (2016-12-08)
* Man page formatting and spelling corrections
* Corrected default debug level (LP: #1647089)
* Amplified loging level '-1' description
* Forward port version 1.3.2 fixes for detection of missing Authserv_Id that
were inadvertently not brought back to trunk
--- 2.0.0 (2016-12-02)
! No longer python2 compatible, minimum python3 version is 3.3 for ipaddress
! Removed support for use of ipaddr
! Changed default for HELO checking from SPF_Not_Pass to Fail (same as
MailFrom) even though I think Not Pass makes more sense in order to
still the complaints (Fedora, you can drop your sed call in the spec file
now). (LP: #1571144)
! Changed default for Authserv-ID to use local hostname to provide a
reasonable default Authserv-ID. (LP: #1575608)
! Increased minimum pyspf (python-spf) version to 2.0.9 so that Void_Limit
is always available and used.
! Added new Hide_Receiver option to prevent accidental disclosure of BCC
receivers and enabled it by default to maximize privacy. (LP: #1394294)
! Changed the name of the defaultSeedOnly option to TestOnly. The previous
name is still accepted, but an error is logged. The old name is a legacy
from the greylising functionaliy in tumgreyspf (from which this was forked
in 2007). The new name better reflects what the option does.
+ Added new Reason_Message option to allow for custom reject/defer message
(LP: #1422324) - Thanks to Bastian Blank for the significant patch
+ Added support for RFC 7372 email authentication specific enhanced status
codes as well as an option to use standard Postfix codes instead
+ Added new HELO_Whitelist option to allow for whitelisting from SPF checks
based on specific HELO/EHLO names (LP: #1602761)
+ Added new Whitelist_Lookup_Time to allow for adjustments on the maximum
time allowed for whitelist related DNS lookups to complete - This should
also help with LP: #1622137
+ Refactored and extended per user configuration to work for more
configuration options
+ Added new 'None' option for Header_Type. When set, no header field of any
kind is added to the message (LP: #1531724)
+ Added new Mock option for enhanced interoperability with downstream
milters - See policyd-spf.conf.5 for details
* Fix additional cases of choking on invalid email addresses (LP: #1342105)
* Reviewed and refactored logging to provide logging details at various
detail levels more consistent with the documentation. Also added a new
log level, '-1' for completely silent running.
* Added a new PERFORMANCE CONSIDERATIONS section to policyd-spf.1.
* Fix python3 incompatibility in cases where HELO name is somehow missing
(LP: #1184102)
* Improved per-user settings processing to avoid issues with multiple or
incorrect header fields being appended to multi-recipient messages
* Refactored processing for the No_Mail option to use the pyspf cache from
the previous SPF query rather than a new DNS lookup - should help with
LP: #1622137
* Fixed an issue that may have caused issues with multi-recipient use of
restriction classes
* Fixed a typo in policyd-spf-peruser.5 that made the example configuration
file invalid
------------------------------
Cyrus IMAP 2.4.18 Release Notes
- Security fix: handle urlfetch range starting outside message range
- A bunch of cleanups and fixes to compiling
- A bunch of sieve cleanups
- Enhanced SSL/TLS configuration options
- Disable use of SSLv2/SSLv3
- Allow SQL backend for mboxlist and statuscache (thanks Julien Coloos)
- Fixed Task #116: correct LIST response for domains starting with ¡Æinbox.¡Ç
- Fixed Task #76: fixed lmtpd userdeny db checks (thanks Leena Heino)
- Fixed bug #3856: lmtpd now performs userdeny checks
- Fixed bug #3848: support charset aliases in encoded headers
- Fixed bug #3853: disconnect_on_vanished_mailbox: release mailbox lock
before exiting (thanks Wolfgang Breyha)
- Fixed bug #3415: fixed nntpd LIST/GROUP bug
- Fixed bug #3784: no longer crash in THREAD REFERENCES when messages
reference themselves
- Fixed bug #3757: don¡Çt segfault on mailbox close with no user
New ssl/tls configuration options
tls_compression: 0
Enable TLS compression. Disabled by default.
tls_eccurve: prime256v1
Select the elliptic curve used for ECDHE.
tls_prefer_server_ciphers: 0
Prefer the cipher order configured on the server-side.
tls_versions: tls1_0 tls1_1 tls1_2
Disable SSL/TLS protocols not in this list.
---------------------------------------
IMAPFilter 2.6.10 - 16 Dec 2016
- Bug fix; segmentation fault on some OpenSSL builds.
IMAPFilter 2.6.9 - 6 Dec 2016
- Bug fix; possible problem during STARTTLS negotiation.
IMAPFilter 2.6.8 - 26 Nov 2016
- Support building with OpenSSL 1.1.0.
IMAPFilter 2.6.7 - 7 Jun 2016
- A dry-run mode that disables all actions that modify data.
- Bug fix; handle IDLE untagged responses that are received in pieces.
IMAPFilter 2.6.6 - 23 Jan 2016
- Bug fix; print an error message if "ssl" has been set to "ssl3".
IMAPFilter 2.6.5 - 18 Jan 2016
- Possible to build again with OpenSSL when support for SSL 3.0 is disabled.
IMAPFilter 2.6.4 - 8 Dec 2015
- Support for OAuth 2.0 and the XOAUTH2 authentication mechanism.
IMAPFilter 2.6.3 - 30 Sep 2015
- Support for loading a default CA certificates file.
- A new has_unkeyword() method to search messages without a keyword flag set.
- Bug fix; double quotation around keyword sent by the has_flag() method.
----------------------------
2017-01-21 Jeffrey Stedfast <fejj@gnome.org>
* README: Bumped version
* configure.ac: Bumped version to 2.6.23
2017-01-17 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-crypto-context.c (g_mime_decryption_*): Fixed naming.
2016-12-17 Jeffrey Stedfast <fejj@gnome.org>
* README: Bumped version
* configure.ac: Bumped version to 2.6.22
2016-12-12 Jeffrey Stedfast <fejj@gnome.org>
* mono/gmime-api.raw: Updated Mono bindings.
2016-12-11 Jeffrey Stedfast <fejj@gnome.org>
* README: Bumped version
* configure.ac: Bumped version to 2.6.21
2016-12-10 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-gpg-context.c (gpg_ctx_get_argv): Don't pass --yes, ever.
2016-12-10 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-gpg-context.c (gpg_ctx_get_argv): Add back --batch
and --yes to fix the unit tests for GnuPG 1.4.x.
(gpg_ctx_get_argv): Now also takes a path argument to gpg to use
as the first argument instead of hard-coding "gpg".
(g_mime_gpg_context_new): Updated to query the GnuPG version in
case we need that information (turns out we don't at the moment).
2016-12-09 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-crypto-context.c (g_mime_crypto_context_set_retrieve_session_key):
Moved here from GMimeGpgContext.
(g_mime_crypto_context_get_retrieve_session_key): Same.
Thanks to Daniel Kahn Gillmor for this patch.
2016-12-05 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-multipart-encrypted.c
(g_mime_multipart_encrypted_decrypt_session): New function to
decrypt a multipart/encrypted using a session_key.
* gmime/gmime-crypto-context.c (g_mime_crypto_context_decrypt_session): New
function to decrypt a MIME part using a session_key.
* gmime/gmime-gpg-context.c (gpg_ctx_get_argv): Added support for
--override-session-key-id for the new decrypt_session() method.
(gpg_ctx_op_start): Updated to create the secret_fd when passing a session_key
as well.
(gpg_ctx_write_session_key): New function to write the session_key to gpg.
(gpg_decrypt_session): New function to decrypt a MIME part using a session_key.
Thanks to Daniel Kahn Gillmor for this patch.
2016-12-05 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-gpg-context.c (gpg_ctx_parse_status): Advance over the SESSION_KEY
identifier before calling next_token() so that next_token() actually gets the
sesstion key token that we want. Also fixed to free any existing session_key
if gpg somehow sends us multiple SESSION_KEY responses.
Thanks to Daniel Kahn Gillmor for this patch.
2016-12-03 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-gpg-context.c (next_token): Now takes a 'secret' argument to
determine if it will overwrite the token within the buffer with '*' to
prevent leaking of the secret token.
(gpg_ctx_parse_status): Pass TRUE to next_token() when reading the
SESSION_KEY token.
2016-12-02 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-gpg-context.c (gpg_ctx_free): Free the session_key.
(gpg_ctx_get_argv): Pass --show-session-key to gpg if requested.
(gpg_ctx_parse_status): Decode the session-key sent by gpg.
(gpg_decrypt): Set the session_key on the decrypt result.
(g_mime_gpg_context_get_retrieve_session_key): Added.
(g_mime_gpg_context_set_retrieve_session_key): Added.
* gmime/gmime-crypto-context.c (g_mime_decrypt_result_set_session_key): Added.
(g_mime_decryption_result_get_session_key): Added.
Thanks to Daniel Kahn Gillmor for this patch.
2016-12-02 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-gpg-context.c (g_mime_gpg_context_new): Allow NULL for the gpg path
in order to use the default gpg path (i.e. "gpg").
* tests/test-pgp*.c: Updated unit tests to pass NULL for the gpg path so that
running the unit tests don't depend on a specific location of gpg.
Thanks to Daniel Kahn Gillmor for this patch.
2016-08-30 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-multipart.c (read_random_pool): Only initialized srand() once.
2016-07-19 Jeffrey Stedfast <jeff@xamarin.com>
* gmime/gmime-gpg-context.c (gpg_ctx_get_argv): Always use --batch mode and
don't pass --yes.
2016-07-14 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-parser.c (parser_construct_part): When parsing individual
mime parts, do not treat them as top-level mime parts of a message.
When decrypting mime parts, for example, we need all headers of the
decrypted mime part to be included in the GMimeObject returned,
otherwise we end up losing data.
2016-03-03 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-utils.c (header_fold_tokens): Fixed folding logic to add a
space between two consecutive encoded-word tokens when they will fit on
a single line. Thanks to Jaroslav Gratz for discovering this bug.
Fixes bug #761263
2016-03-03 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-multipart-signed.c (g_mime_multipart_signed_verify): Fixed
a memory leak when verifying S/MIME signatures. Thanks to Minaev Mike for
discovering this bug.
Fixes bug #760681
2016-01-13 Jeffrey STedfast <fejj@gnome.org>
* gmime/gmime-pkcs7-context.c (key_list_free): Fixed the logic for freeing
a list of keys. Thanks to foudfou for this patch.
Fixes bug #760573
2015-10-08 Jeffrey Stedfast <fejj@gnome.org>
* gmime/internet-address.c (decode_route): Make sure to free the route
in error cases to avoid a memory leak.
Fixes bug #756270
2015-04-11 Jeffrey Stedfast <fejj@gnome.org>
* util/url-scanner.c (url_scanner_table_init): Treat all character
values >= 128 as url-safe. Fixes bug #738583.
2014-07-18 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-header.c (g_mime_header_list_register_writer):
g_hash_table_remove() will g_free() the key for us, so don't do it
ourselves (will result in a double-free).
2014-07-17 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-table-private.h: Increased GMIME_FOLD_LEN to 78.
2014-05-24 Jeffrey Stedfast <fejj@gnome.org>
* gmime/gmime-part.c (g_mime_part_is_attachment): New function to
determine if a MIME part is an attachment or not.
* gmime/gmime-disposition.c (g_mime_content_disposition_is_attachment):
New function to determine if the Content-Disposition value matches
"attachment".
----------------------
153 (2016/10/10)
* Fix redeclaring my in my for Perl 5.24
* Update config.guess and config.sub with autotools-dev 20160430.1
* Support SMTP Authentication (experimental)
- To specify a submission server, add "/587" to Smtpservers
- To use AUTH LOGIN, set SmtpAccount=/PLAIN:user@host (PLAIN only)
- With a bug fix for "SIZE="
Murata Takashi <tmurata>
* Update gitlog2imchanges to fix version tags
1.8.0 (2017-02-24):
- $locale has been removed. Mutt now respects the LC_TIME setting
instead. See also $attribution_locale.
+ $attribution_locale can be used to override the date formatting in
attribution strings. When unset, Mutt will use the locale
environment, but note the default value of $date_format has a
leading '!' which says to use the C-locale.
! Message-id and mail-followup-to headers are now preserved for recalled
messages.
+ <unsidebar_whitelist> added to complement <sidebar_whitelist>.
! The pager position is reset to the top when toggling header-weed.
! IMAP messages moved to $trash via server-side copy are marked as read.
+ <root-message> jumps to the root message of a thread.
! Piped text attachments are charset converted.
+ Added %F to $attach_format, to show the content-disposition filename.
%d will fall back to %F which will fall back to %f.
+ <rename-attachment> allows an attachment name to be changed, without
modifying the underlying file's name.
! Mutt will look for the user's muttrc additionally in
$XDG_CONFIG_HOME/mutt/.
+ Compressed mbox and mmdf files are now supported via open-hook,
close-hook, and append-hook. See contrib/sample.muttrc-compress
for suggested settings. Note this is a compile-time option:
--enable-compressed.
+ When $flag_safe is set, flagged messages cannot be deleted.
+ The '@' pattern modifier can be used to limit matches to known aliases.
+ <mark-message> creates a hotkey binding to a specific message. The hotkey
prefix is specified via $mark_macro_prefix.
+ <setenv> and <unsetenv> can be used to add/remove environment variables
passed to children.
! Mutt will now use the built-in OpenSSL SSL_set_verify() callback
to verify certificates. This allows better support for verifying
chains, including alternative chain support.
+ $uncollapse_new controls whether a thread will be uncollapsed when a new
message arrives.
! $to_chars and $status_chars now accept multibyte characters.
+ <subjectrx> allows replacing matching subjects with something else.
This can be used to declutter subject lines in the index.
+ <edit-label> can be used to add, change, or delete a message's X-Label.
! Pattern expressions with ~y support label tab completion.
+ The header cache now also supports Kyoto Cabinet and LMDB as
backend databases.
[not yet supported in pkgsrc]
1.4.4:
* [CritFix] Fix bad memory leak in TLS certificates validation
* [Fix] Fix memory leak in HTTP maps
* [Fix] Replies module: fix symbol weight
* [Minor] Add missing macro
* [Minor] Do not treat IDN urls as bad URLs
* [Minor] Fix build with gcc 4.2
* [Minor] Fix cast
* [Minor] One more definition missed on Linux
1.4.3:
* [CritFix] Backport PTR_ARRAY_FOREACH fix
* [CritFix] Fix descriptors leak on reload
* [Feature] Add `caseless_hash` method to `lua_util`
* [Feature] Use t1ha for hashes, allow inlining
* [Feature] Use t1ha instead of metrohash and xxhash32
* [Fix] Another try to fix descriptors leak
* [Fix] Another try to fix reload and logger
* [Fix] Avoid extensive reallocs
* [Fix] Avoid race condition on saving cache and reload
* [Fix] Backport redis pool fixes from master
* [Fix] Break pool connection on fatal redis errors
* [Fix] Fix argument returned on redis backend errors
* [Fix] Fix errors handling in fuzzy backend initialization
* [Fix] Fix race condition in SIGUSR2 handler
* [Fix] Fix reload and hyperscan ready event
* [Fix] More fixes to logger initialization
* [Fix] Plug memory leak in learning fuzzy storage
1.4.2:
* [CritFix] Deal with absent headers in DKIM
* [CritFix] Do not trust remote shingles count
* [CritFix] Fix headers selection in DKIM verification
* [Feature] Add EXT_CSS rule
* [Feature] Add toggle for disabling SURBLs
* [Feature] Extend redis lock when learning spawned
* [Feature] Parse <link> HTML tags
* [Fix] Avoid reusing g_error (Fixes#1262)
* [Fix] Do not reset loaded ANN when learning is requested
* [Fix] Fix another issue with external deps in SA
* [Fix] Fix body trie matching
* [Fix] Fix checking of DKIM bodies that needs just `\n` to be added
* [Fix] Fix fuzzy hashes count
* [Fix] Fix keys names
* [Fix] Fix length calculations for url encoded urls
* [Fix] Fix matching of the same patterns from different tries
* [Fix] Fix name of var
* [Fix] Fix parsing of URLs with spaces and other bad chars
* [Fix] Fix probability calculations for fuzzy redis backend
* [Fix] Fix signing headers creation in DKIM
* [Fix] Plug memory leak
* [Fix] Really fix chained SA dependencies
* [Fix] Really increase lock lifetime
* [Fix] Use checksum to avoid intersection between different ANNs
* [Fix] Use rspamd hashes in embedded ucl
* [Fix] Yet another change for testing external deps
1.4.1:
* [Feature] ASN support in Clickhouse module
* [Feature] Add clickhouse plugin
* [Feature] Add generic tool to add universal maps for lua modules
* [Feature] Add logger.debugm to debug lua modules
* [Feature] Allow to register metrics symbols using register_symbol
* [Feature] Allow to specify prefix for fann_redis
* [Feature] Clickhouse: support different masks for IPv4/IPv6
* [Feature] Support forcing action in antivirus plugin
* [Fix] Add handling of regexp maps
* [Fix] Allow backslashes in http urls
* [Fix] Avoid mapping of empty files
* [Fix] Do not load tld file to speed up rspamadm
* [Fix] Do not resolve numeric IP addresses due to ipv6 insanity
* [Fix] Filter incorrect training data
* [Fix] Fix Fuzzyconvert tool when password or DB is given
* [Fix] Fix build with custom glib/gmime
* [Fix] Fix converting of learn count from sqlite to redis
* [Fix] Fix crashes with invalid received and task:set_from_ip
* [Fix] Fix external dependencies for SA module
* [Fix] Fix fann_redis when number of scores has been changed
* [Fix] Fix hyperscan usage for non compatible platforms
* [Fix] Fix loading of maps from UCL objects
* [Fix] Fix memory leak for task-less redis requests
* [Fix] Fix mid module with new maps syntax
* [Fix] Fix parsing of URLs with username
* [Fix] Fix re cache initialisation
* [Fix] Fix replacements to sanitize '%' character
* [Fix] Fix set and regexp like static maps
* [Fix] Fix some issues in redis settings
* [Fix] Fix static IP maps
* [Fix] Fix total learns counter for redis stats
* [Fix] Fix usage of config during reload
* [Fix] Fix various warnings and issues
* [Fix] Invalidate ANN if training data is incorrect
* [Fix] Miltiple fixes to fann_redis module
* [Fix] More fixes for URLs with backslashes
* [Fix] Properly get options for ip_score module
* [Fix] Relax requirements for Received as gmail cannot RFC
* [Fix] Remove or fix hyperscan incompatible regexps
* [Fix] Settings: correctly read redis config
* [Rework] Rework lua logger interface slightly
* [Rework] Use new maps add function
1.4.0:
* [CritFix] Add guards for inactive redis connections
* [CritFix] Another fix for proxying files using rspamd_proxy
* [CritFix] Cleanup inactive redis connections
* [CritFix] Do not sometimes try to exec posfilters before classification
* [CritFix] Fix application of IPv6 mask
* [CritFix] Fix chunked encoding when reading messages
* [CritFix] Fix file mode for rspamd_proxy
* [CritFix] Fix hyperscan compilation on regexp change
* [CritFix] Fix issue with finding of end of lines pointers
* [CritFix] Fix iteration over headers array (introduced in 1.4)
* [CritFix] Fix processing of learned tokens count for redis backend
* [CritFix] Fix race condition in checking of cached maps
* [CritFix] Fix workers scripts by sharing workers configs
* [CritFix] Introduce raw content to text parts
* [CritFix] Plug memory leak and potential memory corruption
* [Feature] Adaptive ratelimits
* [Feature] Add ASN -> rbldnsd script for asn.rspamd.com
* [Feature] Add DMARC_NA symbol
* [Feature] Add F-Prot support to antivirus module
* [Feature] Add HTTP backend to metadata exporter
* [Feature] Add Lua API module for monitored objects
* [Feature] Add R_DKIM_NA / R_SPF_NA / AUTH_NA symbols
* [Feature] Add R_DKIM_PERMFAIL symbol
* [Feature] Add R_SPF_PERMFAIL symbol
* [Feature] Add Sophos antivirus support
* [Feature] Add ZSTD compression to Lua API
* [Feature] Add `mid` Lua module
* [Feature] Add `one_param` flag for metric symbols
* [Feature] Add a generic lua classifier
* [Feature] Add a very basic interface to access workers data from on_load
* [Feature] Add ability to delete a hash by its data to fuzzy_check plugin
* [Feature] Add ability to enable/disable symbols via dynamic_conf
* [Feature] Add ability to lookup settings by key
* [Feature] Add common way to disable Lua modules
* [Feature] Add compression support to rspamd client
* [Feature] Add condition to do antiviral check
* [Feature] Add configuration for lua classifiers
* [Feature] Add configuration knobs for the errors circular buffer
* [Feature] Add decompression support in rspamd client
* [Feature] Add errors exporter to the controller
* [Feature] Add expected value for monitored DNS resources
* [Feature] Add exporter from error ringbuf to ucl
* [Feature] Add extended version for fann creation function
* [Feature] Add ffi friendly version of process_regexp function
* [Feature] Add frequency and time display to webui
* [Feature] Add fuzzy_delhash command to rspamc client
* [Feature] Add implementation of redis connections pool
* [Feature] Add latency and offline time monitoring
* [Feature] Add learning support for lua classifiers
* [Feature] Add max-size and timeout options to CGP helper
* [Feature] Add method to enable/disable symbols in config
* [Feature] Add methods to get metric's actions and symbols from Lua
* [Feature] Add mmap support to lua_text
* [Feature] Add monitored object for surbl plugin
* [Feature] Add more exceptions to surbl whitelist
* [Feature] Add more meta-tokens to bayes
* [Feature] Add neural net classifier to fann_scores module
* [Feature] Add neural net serialization/deserialization
* [Feature] Add new dynamic conf module
* [Feature] Add periodic events support for lua_config
* [Feature] Add plugin to check MX'es for the sender's domain
* [Feature] Add preliminary monitored module
* [Feature] Add preliminary support of dynamic conf updates in Redis
* [Feature] Add preliminary version of clamav plugin
* [Feature] Add redis cache to asn module
* [Feature] Add replies compression
* [Feature] Add spamhaus DROP dnsbl
* [Feature] Add support for dictionary in client compression
* [Feature] Add support for fuzzy learn and unlearn from lua
* [Feature] Add support for input encryption
* [Feature] Add support of min_learns to neural net classifier
* [Feature] Add termination callbacks for workers
* [Feature] Add user-agent for rspamc
* [Feature] Add utility to perform classifier tests
* [Feature] Add zstd compression library
* [Feature] Allow HTTPS requests in lua_http
* [Feature] Allow conditions for pre and postfilters
* [Feature] Allow custom functions for ratelimits
* [Feature] Allow for excluding messages from AV scanning based on size
* [Feature] Allow for getting worker stats from Lua
* [Feature] Allow getting task UID from Lua
* [Feature] Allow parsing of mailbox messages from the commandline
* [Feature] Allow plugins to publish their lua API via rspamd_plugins
* [Feature] Allow to compare other systems with Rspamd
* [Feature] Allow to execute Lua scripts by controller
* [Feature] Allow to have a function to set custom greylist message
* [Feature] Allow to iterate over multiple tags
* [Feature] Allow to pass extra data from plugins to log helper
* [Feature] Allow to plan new periodics at different time
* [Feature] Allow to reset hashes
* [Feature] Allow to run rspamadm lua just as a lua interpreter
* [Feature] Allow to store settings in redis
* [Feature] Allow to update dynamic conf in Redis
* [Feature] Allow to use dictionaries for compression
* [Feature] Allow to use md5, sha1, sha256, sha384 and sha512 hashes in Lua
* [Feature] Allow whitelisting by IP for greylisting plugin
* [Feature] Antivirus: Support whitelists & pattern-matching sig names
* [Feature] Backport pack/unpack routines from Lua 5.3
* [Feature] Check settings with equal priopities in alphabetical order
* [Feature] Compress neural net in redis
* [Feature] Consider more tags when doing WHITE_ON_WHITE rule
* [Feature] Descriptive options for DMARC failure symbols
* [Feature] Descriptive options for RBL symbols
* [Feature] Enable configuration for monitored objects
* [Feature] Execute on_load scripts with ev_base ready
* [Feature] Fann scores now uses metadata from a message
* [Feature] Implement FANN threaded learning
* [Feature] Implement classifying for lua classifiers
* [Feature] Implement finish scripts for worker processes
* [Feature] Implement monitoring for DNS resources
* [Feature] Implement real priorities for pre and post filters
* [Feature] Insert two symbols: FANN_HAM and FANN_SPAM instead of one
* [Feature] Module to push metadata/messages to redis pubsub
* [Feature] Monitor RBL records
* [Feature] Move fann_classifier to a separate plugin
* [Feature] Normalize all ANN inputs
* [Feature] Preliminary version of metric exporter module
* [Feature] Preserve decompression context between tasks
* [Feature] Ratelimit: Support dynamic bucket size/leak rate
* [Feature] Relax FORGED_RECIPIENTS: allow senders to BCC themselves
* [Feature] Remove symbols weights on composites processing
* [Feature] Return symbol scores when getting resulting symbols
* [Feature] Rework lua tcp module
* [Feature] Rule to detect some obvious X-PHP-Originating-Script forgeries
* [Feature] Rule to identify some X-PHP-Script forgeries
* [Feature] Rules for scoring Google Message-ID fixes
* [Feature] Send hashes values to reply
* [Feature] Set expire for dmarc reports
* [Feature] Stop using cymru zone as it is unstable
* [Feature] Stop using of GLists for headers, improve performance
* [Feature] Store `for` in task:get_received_headers
* [Feature] Store `for` part in received headers
* [Feature] Store enabled flag for webui session
* [Feature] Store error messages in ring buffer
* [Feature] Support compressed maps
* [Feature] Support excluding selected users from ratelimits
* [Feature] Support looking up NS records in lua_dns
* [Feature] Support modern style SURBL configuration
* [Feature] Support multiple hashes in delhash path
* [Feature] Support new messages in rspamc
* [Feature] Support requests without reads in lua_tcp
* [Feature] Support setting task message from Lua
* [Feature] Track visibility of HTML elements
* [Feature] Try to add CRLF when checking DKIM
* [Feature] Try to guess line endings when folding headers
* [Feature] Try to improve normalization function for bayes
* [Feature] Use FFI to optimize SA module
* [Feature] Use length based arguments for redis, allow lua_text as arg
* [Feature] Use more layers for fann and another normalization
* [Feature] User-defined ratelimits
* [Feature] Utility to convert fuzzy storage from sqlite to redis
* [Feature] Yield DMARC_DNSFAIL on lookup failure
* [Fix] Adopt fuzzy storage for flexible backends
* [Fix] Allow plain IP addresses in Rspamd maps
* [Fix] Another fix for brain-damaged hiredis
* [Fix] Another fix for rdns write errors
* [Fix] Another fix for rdns_make_request_full invocation
* [Fix] Another fix in DKIM canonicalization
* [Fix] Another memory leak plugged
* [Fix] Another try to deal with posix idiotizm
* [Fix] Another try to fix RDNS events processing logic
* [Fix] Avoid double frees in HEAD requests
* [Fix] Avoid extra symbols for RBLs
* [Fix] Banish table.maxn from Lua parts
* [Fix] Check for socket error before connection in lua_tcp
* [Fix] Correctly propagate redis timeouts to Lua
* [Fix] Do not add extra newline in MIME mode
* [Fix] Do not be cheated by system hiredis
* [Fix] Do not classify when a message has not enough tokens
* [Fix] Do not crash on redis errors
* [Fix] Do not distinguish NXDOMAIN and NOREC for monitored
* [Fix] Do not replan retransmits if merely one server is defined
* [Fix] Do not use headers to calculate messages digests
* [Fix] Don't force action in replies module for authenticated users/local networks
* [Fix] Explicitly ban default passwords in webui
* [Fix] Finally fix ambiguity between parsed and resolved spf elts
* [Fix] Fix 'decoded' value in task:get_header_full()
* [Fix] Fix DKIM calculations
* [Fix] Fix DKIM signing for messages with no newline at the end
* [Fix] Fix DNS request in monitored
* [Fix] Fix DNS write errors processing
* [Fix] Fix HTTP methods other than GET and POST
* [Fix] Fix PERMFAIL for v6/v4 ambiguities
* [Fix] Fix absurdic scores for HFILTER_URL_ONLY
* [Fix] Fix actions in rolling history
* [Fix] Fix actrie patterns
* [Fix] Fix applying of lua dynamic confg
* [Fix] Fix autolearning errors and redis cache
* [Fix] Fix bayes learn_condition
* [Fix] Fix build with the recent OpenSSL
* [Fix] Fix caching and compressed maps
* [Fix] Fix check plain text part
* [Fix] Fix crash on OpenBSD in `url_email_start`
* [Fix] Fix double free in SPF
* [Fix] Fix extraction of shingles from redis fuzzy storage
* [Fix] Fix false sharing for symbols in the cache
* [Fix] Fix float usage in util:get_time
* [Fix] Fix folding algorithm to deal with empty tokens
* [Fix] Fix format string
* [Fix] Fix format string usage in controller errors handling
* [Fix] Fix handling of '\0' in lua_tcp
* [Fix] Fix handling of HTTP HEAD methods
* [Fix] Fix hash creation
* [Fix] Fix hiredis stupidity
* [Fix] Fix implicit settings module settingsup
* [Fix] Fix interaction with lua GC to avoid craches
* [Fix] Fix ip_score module registration
* [Fix] Fix issue with empty messages and dkim
* [Fix] Fix issues with CGP helper
* [Fix] Fix issues with the recent SPF changes
* [Fix] Fix key name to load ANN correctly
* [Fix] Fix lua tcp module by saving `do_read` in callback data
* [Fix] Fix memory leak in client when using compression
* [Fix] Fix min_learns option
* [Fix] Fix on_finish scripts and async handlers
* [Fix] Fix options for SPF dnsfail symbol
* [Fix] Fix parsing includes and redirects in SPF
* [Fix] Fix parsing of lua comments with empty lines
* [Fix] Fix parsing of unquoted HTML attributes
* [Fix] Fix periodic events and redis
* [Fix] Fix processing of fuzzy learns from Lua
* [Fix] Fix processing of redirect in SPF includes
* [Fix] Fix processing of symbols when reject limit is reached
* [Fix] Fix refcounts when map is specified by IP
* [Fix] Fix rspamd{session} class in Lua API
* [Fix] Fix setting ratelimit key for 'ip' bucket
* [Fix] Fix some cases of TLD urls detector
* [Fix] Fix statconvert tool
* [Fix] Fix stats for backend-less classifiers
* [Fix] Fix training script for fann_redis
* [Fix] Fix variable in ann module
* [Fix] Fix various errors in lua dynamic conf plugin
* [Fix] Forget old ANN when max_usages is reached to avoid overtrain
* [Fix] Further canonicalization fixes
* [Fix] Further fixes for fann_redis prefixes
* [Fix] Handle failures for inactive pooled connections
* [Fix] Improve multimap info message
* [Fix] More fixes in ANN loading
* [Fix] More fixes to fann_redis
* [Fix] More issues in fann_redis
* [Fix] More spaces fix in DKIM signature
* [Fix] Multiple fixes to asn script, add IPv6 support
* [Fix] Multiple issues in fann_redis
* [Fix] No greylist rejected messages
* [Fix] One more attempt to fix lua_redis
* [Fix] One more check for readdir...
* [Fix] Params should be treated as a hash
* [Fix] Plug memory leak in regexp desctructor
* [Fix] Process headers only once
* [Fix] Properly handle nil values in ratelimit plugin
* [Fix] Really fix redis shingles check
* [Fix] Remove fann with incorrect layers count
* [Fix] Remove mentions of deleted include
* [Fix] Remove some incompatible functions
* [Fix] Settings: fix `authenticated` parameter (#886)
* [Fix] Skip MX check for authenticated users and local networks
* [Fix] Slightly fix ANN routines
* [Fix] Stop caching records with DNS failures
* [Fix] Treat all errors in redis_pool as fatal errors for a connection
* [Fix] Try avoid false-positives in HEADER_FORGED_MDN rule
* [Fix] Try to avoid race condition when using rrd
* [Fix] Try to reload redis scripts if they are missing
* [Fix] Unbreak once_received skipping for local networks
* [Fix] Unlock ANN on error
* [Fix] Use memmove for overlapping regions
* [Fix] Use real size instead of displayed for core limits
* [Fix] Use the correct macro to get the size of control
* [Fix] Various fixes for errors ringbuffer
* [Fix] Yield R_SPF_DNSFAIL if lookup of included record fails
* [Fix] mid: fix map initialization
* [Fix] mid: handle incorrect rgexps in the map
* [Rework] Add extract training data function to fann_redis
* [Rework] Add preliminary train tests
* [Rework] Add redis storage feature to fann_redis
* [Rework] Adopt fuzzy storage for abstract backend
* [Rework] Adopt plugins
* [Rework] First reiteration on fann scores
* [Rework] Implement loading/invalidating
* [Rework] Make lua_redis task agnostic
* [Rework] Make rspamd protocol messages useful
* [Rework] Massive removal of legacy code
* [Rework] More cleanup actions
* [Rework] Remove legacy code never used for classifiers
* [Rework] Remove outdated and unused lua_session module
* [Rework] Reorganize fuzzy backend structure
* [Rework] Reorganize the internal backend structure
* [Rework] Restore old fann_scores, move common parts
* [Rework] Rework and simplify rbl plugin
* [Rework] Rework parsing of DMARC records
2017-02-06 Richard Russon <rich@flatcap.org>
* Bug Fixes
- Unicode 0x202F is a non-break space too (#358) (@gahr)
- improve readability of find_subject() (@toogley)
- Import hcache-lmdb fixes from upstream (#363) (@gahr)
- Rework the "inbox-first" implementation to make code self-explanatory (#356) (@gahr)
- If possible, only redraw after gpgme has invoked pinentry (#352) (@gahr)
- Remove two use-after free in global hooks (#353) (@guiniol)
- Handle BAD as IMAP_AUTH_UNAVAIL (#351) (@gahr)
- Do not crash when closing a non-opened mailbox (origin/requests/github/343) (@gahr)
- Import hcache benchmark (@gahr)
- fix: bug introduced by mkdir changes (#350)
- change pager to allow timehook-hook to fire
* Docs
- Update documentation about modify-labels-then-hide (@bbenne10)
2017-01-28 Richard Russon <rich@flatcap.org>
* Features
- Add option for missing subject replacement
- notmuch: Allow <modify-labels> to toggle labels
- Support for aborting mailbox loading
- Do a buffy check after shell escape
- Support of relative paths sourcing and cyclic source detection
- Support of multiple config files as CLI arguments
- Extend the ~m pattern to allow relative ranges
- Implement SASL's PLAIN mechanism as a standalone authenticator
- Add support for sensitive config options
- Searching with a window over notmuch vfolders
* Contrib
- fix vim syntax file for index-color commands
- add .editorconfig
* Bug Fixes
- fix global hooks to not take a pattern
- Avoid breaking relative paths when avoiding cyclic checks on
- Fix sorting when using '/' as a namespace separator
* Docs
- Added waffle badges to readme
- Describe the new message ranges
- add documentation for -DS command line switch
- fix typos in section on config locations
- remove reference to missing keybinding
- fix docbook validation
* Build
- Start migrating to stdbool logic
- add recursive mkdir()
- reformat the source to mutt standards
- appease check_sec.sh
Upstream changes:
1.940 2017-01-29 10:33:45-05:00 America/New_York
- no code changes since 1.939 trial release
1.939 2017-01-14 14:58:44-05:00 America/New_York (TRIAL RELEASE)
- do not decode MIME headers known to be never encoded (Pali Roh獺r)
- ...and that includes the Downgraded-* headers (Pali Roh獺r)
1.938 2017-01-01 20:03:38-05:00 America/New_York (TRIAL RELEASE)
- numerous small fixes to header encoding (thanks, Pali Roh獺r)
for more details see https://github.com/rjbs/Email-MIME/pull/32
- When a single-part content type has been provided with multiple
parts, the user is now warned that the type has been changed to
multipart/mixed. This helps catch typos like
"mutlipart/alternative".
This library implements several algorithms related to the Unicode Standard:
- Look up uppercase, lowercase, and titlecase equivalents of a unicode
character
- Implementation of grapheme and work breaking rules
- Implementation of line breaking rules
- Several ancillary functions, like looking up the unicode character
that corresponds to some HTML 4.0 entity (such as "&", for example),
and determining the normal width or a double-width status of a unicode
character. Also, an adaptation of the iconv(3) API for this unicode
library
- Look up the Unicode script property
- Look up the category property
This library also implements C++ bindings for these algorithms.
Changelog:
Fixed Message preview pane non-functional after IMAP folder was renamed or moved
Fixed "Move To" button on "Search Messages" panel not working
Fixed Message sent to "undisclosed recipients" shows no recipient (non-functional since Thunderbird version 38)
Fixed Calendar: No way to accept/decline email invitations when sent and received messages are stored in the same folder
Fixed Various security fixes
Security fixes:
#CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP
#CVE-2017-5376: Use-after-free in XSL
#CVE-2017-5378: Pointer and frame data leakage of Javascript objects
#CVE-2017-5380: Potential use-after-free during DOM manipulations
#CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer
#CVE-2017-5396: Use-after-free with Media Decoder
#CVE-2017-5383: Location bar spoofing with unicode characters
#CVE-2017-5373: Memory safety bugs fixed in Thunderbird 45.7
MASTER_SITES= site1 \
site2
style continuation lines to be simple repeated
MASTER_SITES+= site1
MASTER_SITES+= site2
lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
Upstream changes:
2.213 2017-01-11 09:21:54-05:00 America/New_York
- no changes since v2.212
2.212 2016-12-18 20:05:09-05:00 America/New_York (TRIAL RELEASE)
- add an $index arg to ->header to get the nth header (thanks, Pali
Roh獺r)
2017-01-13 Richard Russon <rich@flatcap.org>
* Features
- Allow custom status flags in index_format
- $from_chars highlights differences in authorship
- notmuch: make 'Folder' and 'Tags' respect (un)ignore
- notmuch: add "virtual-unmailboxes" command
* Bug Fixes
- pick smarter default for $sidebar_divider_char
- status color breaks "mutt -D"
- Enable reconstruct-thread in the pager
- manually touch 'atime' when reading a mbox file
- allow $to_chars to contain Unicode characters
- increase the max lmdb database size
- restore limit current thread
- don't reset the alarm unless we set it
- some more places that may get NULL pointers
- rework initials to allow unicode characters
* Translations
- Spanish translation
- German translation
* Docs
- Improve whitespace and grammar on the NNTP feature page
- make $to_chars docs more legible
- de-tab the DocBook
- fix 301 redirects
* Build
- New configure option --enable-everything
- add a constant for an aborted question
- enhance mutt_to_base64() (and callers)
- Fix configure.ac to require md5 if hcache is enabled
- Bail if a selected hcache backend cannot be found
- refactor mutt_matches_ignore
- fix hcache + make dist
- add unicode string helper function
- Re-indent configure.ac
- generate devel version suffix
- fix check_sec.sh warnings
- remove unnecessary #ifdef's
- add missing #ifdef for nntp
- ignore some configure temp files
- fix "make dist" target
- fix function prototypes
- fix coverity warnings
- notmuch: drop strndup, replace with mutt_substrdup
* Upstream
- Fix failure with GPGME 1.8: do not steal the gpgme_ prefix.
- search muttrc file according to XDG Base Specification (closes#3207)
- Improve openssl interactive_check_cert. (closes#3899)
- Add mutt_array_size macro, change interactive_check_cert() to use it. (see #3899)
- Return to pager upon aborting a jump operation. (closes#3901)
- Change sidebar_spoolfile coloring to be lower precedence.
- Move '@' pattern modifier documentation to the right section.
- Add setenv/unsetenv commands.
- Rework OpenSSL certificate verification to support alternative chains. (closes#3903)
- Add option to control whether threads uncollapse when new mail arrives.
- In the manual, replaced 2 para by example (similar to the first example).
- Create mbchar_table type for multibyte character arrays. (see #3024)
- Make to_chars and status_chars accept mulitibyte characters. (closes#3024)
Notmuch 0.23.5 (2017-01-09)
===========================
Build system
------------
Fix quoting bug in configure. This had introduced a RUNPATH into the
notmuch binary in cases where it was not not needed.
- fix plaintext version of docs not generated correctly. Thanks: Elijah.
- fix `getmail --fingerprint` not logging server TLS fingerprint
correctly with SimplePOP3SSLRetriever. Thanks: Gabriel Kihlman.
https://github.com/pjz/TMDAng is ported to Python 3.4, named "TMDAng"
with the original upstream author's permission, and packaged for pypi.
Anyone interested in maintaining the package would do well to take a look.
- Add qmailofmipd service for outgoing submissions.
- Add dependencies on mess822, spamdyke, and stunnel.
- Add sample spamdyke and stunnel configs for SMTP AUTH over TLS.
- Control ofmipd from the main qmail script.
- Fix broken link to "12 Steps to qmail List Bliss".
swaks' primary design goal is to be a flexible, scriptable, transaction-
oriented SMTP test tool. It handles SMTP features and extensions such as
TLS, authentication, and pipelining; multiple version of the SMTP
protocol including SMTP, ESMTP, and LMTP; and multiple transport methods
including unix-domain sockets, internet-domain sockets, and pipes to
spawned processes. Options can be specified in environment variables,
configuration files, and the command line allowing maximum
configurability and ease of use for operators and scripters.
Changelog:
Fixed The system integration dialog was shown every time when starting Thunderbird
Fixed Various security fixes
Security vulnerabilities fixed in Thunderbird 45.6
#CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements
#CVE-2016-9895: CSP bypass using marquee tag
#CVE-2016-9897: Memory corruption in libGLES
#CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees
#CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs
#CVE-2016-9904: Cross-origin information leak in shared atoms
#CVE-2016-9905: Crash in EnumerateSubDocuments
#CVE-2016-9893: Memory safety bugs fixed in Thunderbird 45.6
Upstream changes:
0.903 2016-11-17
- PLEASE CONSIDER USING EMAIL-SENDER INSTEAD
- Fixed an errant extra test requirement, GH #3. Thanks, Paul.
- Marked the entire dist as DEPRECATED as it should no longer be used.
- Added ability for rbl plugin to capture messages before rejecting them.
- Fixed broken use of -lbg-sysdeps in modules.
- Fixed missing plugin-rbl in installed image.
- Updated for bglibs v2
- Added new "rbl" plugin, to block messages from IPs in an RBL.
- Added new "queuedir" backend, to save messages to simple files.
- Make sure plugin reset functions get called before exiting.
- Added missing plugin-starttls-ucspi to installed files.
- Added support for limiting the number of messages to plugin-counters.
- This version updates the plugin API to add new features:
- Capabilities reported by the SMTP EHLO response can be added by
plugins.
- Plugins are passed any SMTP parameters given with the sender and
recipient commands.
- Plugins can add new commands to the SMTP protocol.
Plugins compiled for previous versions of mailfront will not work
without recompiling. The short-circuit on accept logic has also been
eliminated to fix a semantic issue.
- SMTP AUTH support has been moved into a new plugin, cvm-authenticate.
Existing installations relying on SMTP AUTH support will need to make
sure they are using this new plugin. The smtpfront-qmail wrapper
has been modified to provide this additional plugin.
- Fixed plugin-add-received to add the "IPv6:" prefix in the Received:
header when the protocol is TCP6.
- Added plugin starttls-ucspi to implement STARTTLS using ucspi-tls.
- SMTP AUTH can now be restricted to TLS-enabled sessions.
- Added controls for pop3front-auth to limit the number of USER commands
and authentication failures allowed per session.
- Added control to imapfront-auth to limit the number of authentication
failures allowed per session.
- Modified the clamav plugin to use the newer INSTREAM protocol.
- imapfront-auth now sets $DOVECONF_ENV in Dovecot mode in order to
avoid having Dovecot imapd reset it through doveconf.
- Added Lua scripting plugin (optional, build with 'make lua').
- Modified the qmail backend to evaluate $QMAILQUEUE as late as possible.
This allows more options for changing $QMAILQUEUE in plugins.
- Added support for running Dovecot IMAP from imapfront-auth.
See imapfront.html for details on how to set this up.
- Added support for rejecting whole messages when the recipient count is
exceeded in plugin-counters.
- Made the check-fqdn plugin explicitly reject empty recipients.
- Added a sender domain restriction to the check-fqdn plugin.
- Added missing plugin-spamassassin.so to installation.
- Fix bug in handling invalid message numbers in retrieving messages in
pop3front-maildir.
- Added a SpamAssassin scanning plugin.
- Optimized pop3front-maildir to avoid stat'ing each message twice, and
to use sizes recorded in the filename to avoid stat'ing entirely.
See pop3front.html for details on the filenames.
pkgsrc changes:
- Libtoolize to fix build on OS X.
- Updated for bglibs v2.
- Fixed the authenticated test when used with Courier IMAP.
- Tweaked relay-ctrl-allow to only try to save a handle to the current
working directory if it's going to execute another command later.
- Added support for logging environment settings in relay-ctrl-check.
Notmuch 0.23.4 (2016-12-24)
===========================
Command Line Interface
----------------------
Improve error handling in notmuch insert
Database lock errors no longer prevent message file delivery to the
filesystem. Certain errors during `notmuch insert` most likely to
be temporary return EX_TEMPFAIL.
Emacs
-----
Restore autoload cookie for notmuch-search.
Security update to address CVE-2016-9963
Exim version 4.88
-----------------
JH/01 Use SIZE on MAIL FROM in a cutthrough connection, if the destination
supports it and a size is available (ie. the sending peer gave us one).
JH/02 The obsolete acl condition "demime" is removed (finally, after ten
years of being deprecated). The replacements are the ACLs
acl_smtp_mime and acl_not_smtp_mime.
JH/03 Upgrade security requirements imposed for hosts_try_dane: previously
a downgraded non-dane trust-anchor for the TLS connection (CA-style)
or even an in-clear connection were permitted. Now, if the host lookup
was dnssec and dane was requested then the host is only used if the
TLSA lookup succeeds and is dnssec. Further hosts (eg. lower priority
MXs) will be tried (for hosts_try_dane though not for hosts_require_dane)
if one fails this test.
This means that a poorly-configured remote DNS will make it incommunicado;
but it protects against a DNS-interception attack on it.
JH/04 Bug 1810: make continued-use of an open smtp transport connection
non-noisy when a race steals the message being considered.
JH/05 If main configuration option tls_certificate is unset, generate a
self-signed certificate for inbound TLS connections.
JH/06 Bug 165: hide more cases of password exposure - this time in expansions
in rewrites and routers.
JH/07 Retire gnutls_require_mac et.al. These were nonfunctional since 4.80
and logged a warning sing 4.83; now they are a configuration file error.
JH/08 Bug 1836: Fix crash in VRFY handling when handed an unqualified name
(lacking @domain). Apply the same qualification processing as RCPT.
JH/09 Bug 1804: Avoid writing msglog files when in -bh or -bhc mode.
JH/10 Support ${sha256:} applied to a string (as well as the previous
certificate).
JH/11 Cutthrough: avoid using the callout hints db on a verify callout when
a cutthrough deliver is pending, as we always want to make a connection.
This also avoids re-routing the message when later placing the cutthrough
connection after a verify cache hit.
Do not update it with the verify result either.
JH/12 Cutthrough: disable when verify option success_on_redirect is used, and
when routing results in more than one destination address.
JH/13 Cutthrough: expand transport dkim_domain option when testing for dkim
signing (which inhibits the cutthrough capability). Previously only
the presence of an option was tested; now an expansion evaluating as
empty is permissible (obviously it should depend only on data available
when the cutthrough connection is made).
JH/14 Fix logging of errors under PIPELINING. Previously the log line giving
the relevant preceding SMTP command did not note the pipelining mode.
JH/15 Fix counting of empty lines in $body_linecount and $message_linecount.
Previously they were not counted.
JH/16 DANE: treat a TLSA lookup response having all non-TLSA RRs, the same
as one having no matching records. Previously we deferred the message
that needed the lookup.
JH/17 Fakereject: previously logged as a norml message arrival "<="; now
distinguished as "(=".
JH/18 Bug 1867: make the fail_defer_domains option on a dnslookup router work
for missing MX records. Previously it only worked for missing A records.
JH/19 Bug 1850: support Radius libraries that return REJECT_RC.
JH/20 Bug 1872: Ensure that acl_smtp_notquit is run when the connection drops
after the data-go-ahead and data-ack. Patch from Jason Betts.
JH/21 Bug 1846: Send DMARC forensic reports for reject and quaratine results,
even for a "none" policy. Patch from Tony Meyer.
JH/22 Fix continued use of a connection for further deliveries. If a port was
specified by a router, it must also match for the delivery to be
compatible.
JH/23 Bug 1874: fix continued use of a connection for further deliveries.
When one of the recipients of a message was unsuitable for the connection
(has no matching addresses), we lost track of needing to mark it
deferred. As a result mail would be lost.
JH/24 Bug 1832: Log EHLO response on getting conn-close response for HELO.
JH/25 Decoding ACL controls is now done using a binary search; the source code
takes up less space and should be simpler to maintain. Merge the ACL
condition decode tables also, with similar effect.
JH/26 Fix problem with one_time used on a redirect router which returned the
parent address unchanged. A retry would see the parent address marked as
delivered, so not attempt the (identical) child. As a result mail would
be lost.
JH/27 Fix a possible security hole, wherein a process operating with the Exim
UID can gain a root shell. Credit to http://www.halfdog.net/ for
discovery and writeup. Ubuntu bug 1580454; no bug raised against Exim
itself :(
JH/28 Enable {spool,log} filesystem space and inode checks as default.
Main config options check_{log,spool}_{inodes,space} are now
100 inodes, 10MB unless set otherwise in the configuration.
JH/29 Fix the connection_reject log selector to apply to the connect ACL.
Previously it only applied to the main-section connection policy
options.
JH/30 Bug 1897: fix callouts connection fallback from TLS to cleartext.
PP/01 Changed default Diffie-Hellman parameters to be Exim-specific, created
by me. Added RFC7919 DH primes as an alternative.
PP/02 Unbreak build via pkg-config with new hash support when crypto headers
are not in the system include path.
JH/31 Fix longstanding bug with aborted TLS server connection handling. Under
GnuTLS, when a session startup failed (eg because the client disconnected)
Exim did stdio operations after fclose. This was exposed by a recent
change which nulled out the file handle after the fclose.
JH/32 Bug 1909: Fix OCSP proof verification for cases where the proof is
signed directly by the cert-signing cert, rather than an intermediate
OCSP-signing cert. This is the model used by LetsEncrypt.
JH/33 Bug 1914: Ensure socket is nonblocking before draining after SMTP QUIT.
HS/01 Fix leak in verify callout under GnuTLS, about 3MB per recipient on
an incoming connection.
HS/02 Bug 1802: Do not half-close the connection after sending a request
to rspamd.
HS/03 Use "auto" as the default EC curve parameter. For OpenSSL < 1.0.2
fallback to "prime256v1".
JH/34 SECURITY: Use proper copy of DATA command in error message.
Could leak key material. Remotely explaoitable. CVE-2016-9963.
ok wiz@
This will create two sendmail service instances, :mta and :msp, to start
the two sendmail instances that are usually required. The :mta instance
optionally depends on spamassassin and spamass-milter.
- The 'isync' compatibility wrapper is now deprecated.
- An IMAP Path/NAMESPACE rooted in INBOX won't be handled specially any more.
This means that some Patterns may need adjustment.
- The default output is a lot less verbose now.
The meanings of the -V and -D options changed significantly.
- The SSL/TLS configuration has been re-designed.
SSL is now explicitly enabled or disabled - "use SSL if available" is gone.
Notice: Tunnels are assumed to be secure and thus default to no SSL.
- Support for SASL (flexible authentication) has been added.
- Support for Windows file systems has been added.
- Support for compressed data transfer has been added.
- Folder deletions can be propagated now.
* dovecot.list.index.log rotation sizes/times were changed so that
the .log file stays smaller and .log.2 is deleted sooner.
+ Added mail_crypt plugin that allows encryption of stored emails.
See http://wiki2.dovecot.org/Plugins/MailCrypt
+ stats: Global stats can be sent to Carbon server by setting
stats_carbon_server=ip:port
+ imap/pop3 proxy: If passdb returns proxy_not_trusted, don't send
ID/XCLIENT
+ Added generic hash modifier for %variables:
%{<hash algorithm>;rounds=<n>,truncate=<bits>,salt=s>:field}
Hash algorithm is any of the supported ones, e.g. md5, sha1, sha256.
Also "pkcs5" is supported using SHA256. For example: %{sha256:user}
or %{md5;truncate=32:user}.
+ Added support for SHA3-256 and SHA3-512 hashes.
+ config: Support DNS wildcards in local_name, e.g.
local_name *.example.com { .. } matches anything.example.com, but
not multiple.anything.example.com.
+ config: Support multiple names in local_name, e.g.
local_name "1.example.com 2.example.com" { .. }
- Fixed crash in auth process when auth-policy was configured and
authentication was aborted/failed without a username set.
- director: If two users had different tags but the same hash,
the users may have been redirected to the wrong tag's hosts.
- Index files may have been thought incorrectly lost, causing
"Missing middle file seq=.." to be logged and index rebuild.
This happened more easily with IMAP hibernation enabled.
- Various fixes to restoring state correctly in un-hibernation.
- dovecot.index files were commonly 4 bytes per email too large. This
is because 3 bytes per email were being wasted that could have been
used for IMAP keywords.
- Various fixes to handle dovecot.list.index corruption better.
- lib-fts: Fixed assert-crash in address tokenizer with specific input.
- Fixed assert-crash in HTML to text parsing with specific input
(e.g. for FTS indexing or snippet generation)
- doveadm sync -1: Fixed handling mailbox GUID conflicts.
- sdbox, mdbox: Perform full index rebuild if corruption is detected
inside lib-index, which runs index fsck.
- quota: Don't skip quota checks when moving mails between different
quota roots.
- search: Multiple sequence sets or UID sets in search parameters
weren't handled correctly. They were incorrectly merged together.
Notmuch 0.23.3 (2016-11-27)
===========================
Command Line Interface
----------------------
Treat disappearing files during notmuch new as non-fatal.
Test Suite
----------
Fix incompatibility (related to signature size) with gnupg 2.1.16.
Many of these definitely do not depend on readline.
So there must be a different underlying problem, and that
should be tracked down instead of papering over it.
pkgsrc changes:
* Add dependency to security/pear-Crypt_GPG.
other changes:
* Add eu_EU and sq_AL locale.
RELEASE 1.2.3
* Enigma: Fix bug where last records on keys list were hidden (#5461)
* Enigma: Fix key search with keyword containing non-ascii characters (#5459)
pkgsrc changes:
* Drop dependency to pear-Mail_mimeDecode.
* Update dependency.
Other changes:
* Add is_IS, ku_IQ and sq_AL locale support.
RELEASE 1.2.3
* Searching in both contacts and groups when LDAP addressbook with
group_filters option is used
* Fix vulnerability in handling of mail()'s 5th argument
* Fix To: header encoding in mail sent with mail() method (#5475)
* Fix flickering of header topline in min-mode (#5426)
* Fix bug where folders list would scroll to top when clicking on subscription
checkbox (#5447)
* Fix decoding of GB2312/GBK text when iconv is not installed (#5448)
* Fix regression where creation of default folders wasn't functioning without
prefix (#5460)
* Fix bug where deleting folders with subfolders could fail in some cases
(#5466)
* Fix bug where IMAP password could be exposed via error message (#5472)
* Fix bug where it wasn't possible to store more that 2MB objects in
memcache/apc, Added memcache_max_allowed_packet and apc_max_allowed_packet
settings (#5452)
* Fix "Illegal string offset" warning in rcube::log_bug() on PHP 7.1 (#5508)
* Fix storing "empty" values in rcube_cache/rcube_cache_shared (#5519)
* Fix missing content check when image resize fails on attachment thumbnail
generation (#5485)
* Fix displaying attached images with wrong Content-Type specified (#5527)
Solves:
/usr/libexec/binutils225/elf/ld.gold: error: cannot find -lreadline
The missing specification is obvious on DragonFly because there's
no publically accessible version of readline in base.
Changelog:
45.5.1:
#CVE-2016-9079: Use-after-free in SVG Animation
45.5.0:
#CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1
#CVE-2016-5294: Arbitrary target directory for result files of update process
#CVE-2016-5297: Incorrect argument length checking in JavaScript
#CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler
#CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file
#CVE-2016-9074: Insufficient timing side-channel resistance in divSpoiler
#CVE-2016-5290: Memory safety bugs fixed in Thunderbird 45.5
Notmuch 0.23.2 (2016-11-20)
===========================
Emacs
-----
Fix notmuch-interesting-buffer and notmuch-cycle-notmuch-buffers.
notmuch-tree-mode and notmuch-message-mode buffers are now
considered interesting by `notmuch-interesting-buffer` and
`notmuch-cycle-notmuch-buffers`.
Restore compatibility with Emacs 23.
Notmuch support for Emacs 23 is now deprecated.
2016-11-26 Richard Russon <rich@flatcap.org>
* Features
- Upstream adoption of compress
- Multiple hcache backends and run-time selection
- $forward_references includes References: header on forwards
- Hooks: define hooks for startup and shutdown
- Add $collapse_all to close threads automatically
* Bug Fixes
- Index in pager crash
- Tag with multiple labels
- Make sure gdbm's symbols are not resolved in QDBM's compatibility layer
- Fix crash when doing collapse_all on an empty folder
- Fix: crash when browsing empty dir
- Initialize imap_authenticate's return value to something meaningful
* Translations
- Update German translation
- Update Slovak translation
- Update French translation
- Add English (British) translation
- Convert files to utf-8
- Mass tidy up of the translation messages
* Docs
- new-mail bug is fixed
- add since date for features
- expand example command options for compress
- fix entries for beep and new-mail-command
- add a version number to the generated vimrc
- fix links in README
- don't use smart quotes in manual examples
- <escape> and \e means refers to both alt and escape key
* Build
- Travis: test messages
- Add option to disable translation messages
- Split hcache code into per-backend files
- Doc/Makefile clean neomutt-syntax.vim
- Improve discovery for the Berkeley Database
- Fix nntp/notmuch conditionals
- Implement mutt_strchrnul()
- Rename vim-keybindings to vim-keys
* Upstream
- attach_format: add new %F placeholder
- Compose: add operation to rename an attachment
- Chain %d->%F->%f in the attachment menu
- Move mbox close-append logic inside mbox_close_mailbox()
- When $flag_safe is set, flagged messages cannot be deleted
- Adds the '@' pattern modifier to limit matches to known aliases
- Adds <mark-message> binding to create "hotkeys" for messages
- Updated requirement on the C compiler
- Fix mark-message translation and keybind menu
- More openssl1.1 fixes: remove uses of X509->name in debugging. (closes#3870)
- Don't close stderr when opening a tunnel. (closes#3726)
- Minor resource and error logic cleanup in tunnel_socket_open()
- Make sure that the output of X509_NAME_oneline is null-terminated
PHP 7.0 support should be improved, too.
- Added new "smtp_helo_override" hook; allows plugins to override
the HELO host sent to the SMTP server when sending messages
- Added STARTTLS support for both IMAP and SMTP connections
- Added PDO support for database connections, so no external
database module needs to be installed
Changes in 1.9.6
Make key importing more robust
New variant of PGP/MIME messages broken by MS-Exchang
Better detection is decrypted message is displayed
Changes in 1.9.5
Enigmail wizard fails with GnuPG installation
Include AppData
Forwarding an encrypted message results in empty body
enigmail does not seem to parse last '=' in quoted-printable encoded encrypted/signed parts
select keys for Per-Recipient-Rules regression : all keys are unchecked
2016-11-04 Richard Russon <rich@flatcap.org>
* Bug Fixes
- don't crash when the imap connection dies
* Upstream
- Add root-message function to jump to root message in thread.
- Updated French translation.
- Prevent an integer overflow in mutt_mktime() (closes#3880)
- Fix pager segfault when lineInfo.chunks overflows. (closes#3888)
- Perform charset conversion on text attachments when piping. (closes#3773) (see #3886)
- Add a --disable-doc configuration option.
- Make ncurses and ncursesw header checking the same.
- Attempt to silence a clang range warning. (closes#3891)
- Fixed issue from changeset 4da647a80c55. (closes#3892)
- Define PATH_MAX, it's missing on the GNU Hurd. (closes#3815)
Upstream changes:
2.211 2016-11-12 09:39:09-05:00 America/New_York
- fix a fencepost error in headers and header_names that led to a
spurious undef in return and to a warning (thanks, Pali Roh獺r)
* Part of the Sieve extprograms implementation was moved to Dovecot, which
means that this release depends on Dovecot v2.2.26+.
* ManageSieve: The PUTSCRIPT command now allows uploading empty Sieve scripts.
There was really no good reason to disallow doing that.
+ Sieve vnd.dovecot.report extension:
+ Added a Dovecot-Reporting-User field to the report body, which contains
the e-mail address of the user sending the report.
+ Added support for configuring the "From:" address used in the report.
+ LDA sieve plugin: Implemented support for a "discard script" that is run
when the message is going to be discarded. This allows doing something other
than throwing the message away for good.
+ Sieve vnd.dovecot.environment extension: Added vnd.dovecot.config.*
environment items. These environment items map to sieve_env_* settings from
the plugin {} section in the configuration. Such values can of course also
be returned from userdb.
+ Sieve vacation extension: Use the Microsoft X-Auto-Response-Suppress header
to prevent unwanted responses from and to (older) Microsoft products.
+ ManageSieve: Added rawlog_dir setting to store ManageSieve traffic logs.
This replaces at least partially the rawlog plugin (mimics similar IMAP/POP3
change).
- doveadm sieve plugin: synchronization: Prevent setting file timestamps to
unix epoch time. This occurred when Dovecot passed the timestamp as
'unknown' during synchronization.
- Sieve exprograms plugin: Fixed spurious '+' sometimes returned at the end
of socket-based program output.
- imapsieve plugin: Fixed crash occurring in specific situations.
- Performed various fixes based on static analysis and Clang warnings.
* master: Removed hardcoded 511 backlog limit for listen(). The kernel
should limit this as needed.
* doveadm import: Source user is now initialized the same as target
user. Added -U parameter to override the source user.
* Mailbox names are no longer limited to 16 hierarchy levels. We'll
check another way to make sure mailbox names can't grow larger than
4096 bytes.
+ Added a concept of "alternative usernames" by returning user_* extra
field(s) in passdb. doveadm proxy list shows these alt usernames in
"doveadm proxy list" output. "doveadm director&proxy kick" adds
-f <passdb field> parameter. The alt usernames don't have to be
unique, so this allows creation of user groups and kicking them in
one command.
+ auth: passdb/userdb dict allows now %variables in key settings.
+ auth: If passdb returns noauthenticate=yes extra field, assume that
it only set extra fields and authentication wasn't actually performed.
+ auth: passdb static now supports password={scheme} prefix.
+ auth, login_log_format_elements: Added %{local_name} variable, which
expands to TLS SNI hostname if given.
+ imapc: Added imapc_max_line_length to limit maximum memory usage.
+ imap, pop3: Added rawlog_dir setting to store IMAP/POP3 traffic logs.
This replaces at least partially the rawlog plugin.
+ dsync: Added dsync_features=empty-header-workaround setting. This
makes incremental dsyncs work better for servers that randomly return
empty headers for mails. When an empty header is seen for an existing
mail, dsync assumes that it matches the local mail.
+ doveadm sync/backup: Added -I <max size> parameter to skip too
large mails.
+ doveadm sync/backup: Fixed -t parameter and added -e for "end date".
+ doveadm mailbox metadata: Added -s parameter to allow accessing
server metadata by using empty mailbox name.
+ Added "doveadm service status" and "doveadm process status" commands.
+ director: Added director_flush_socket. See
http://wiki2.dovecot.org/Director#Flush_socket
+ doveadm director flush: Users are now moved only max 100 at a time to
avoid load spikes. --max-parallel parameter overrides this.
+ Added FILE_LOCK_SLOW_WARNING_MSECS environment, which logs a warning
if any lock is waited on or kept for this many milliseconds.
- master process's listener socket was leaked to all child processes.
This might have allowed untrusted processes to capture and prevent
"doveadm service stop" comands from working.
- login proxy: Fixed crash when outgoing SSL connections were hanging.
- auth: userdb fields weren't passed to auth-workers, so %{userdb:*}
from previous userdbs didn't work there.
- auth: Each userdb lookup from cache reset its TTL.
- auth: Fixed auth_bind=yes + sasl_bind=yes to work together
- auth: Blocking userdb lookups reset extra fields set by previous
userdbs.
- auth: Cache keys didn't include %{passdb:*} and %{userdb:*}
- auth-policy: Fixed crash due to using already-freed memory if policy
lookup takes longer than auth request exists.
- lib-auth: Unescape passdb/userdb extra fields. Mainly affected
returning extra fields with LFs or TABs.
- lmtp_user_concurrency_limit>0 setting was logging unnecessary
anvil errors.
- lmtp_user_concurrency_limit is now checked before quota check with
lmtp_rcpt_check_quota=yes to avoid unnecessary quota work.
- lmtp: %{userdb:*} variables didn't work in mail_log_prefix
- autoexpunge settings for mailboxes with wildcards didn't work when
namespace prefix was non-empty.
- Fixed writing >2GB to iostream-temp files (used by fs-compress,
fs-metawrap, doveadm-http)
- director: Ignore duplicates in director_servers setting.
- director: Many fixes related to connection handshaking, user moving
and error handling.
- director: Don't break with shutdown_clients=no
- zlib, IMAP BINARY: Fixed internal caching when accessing multiple
newly created mails. They all had UID=0 and the next mail could have
wrongly used the previously cached mail.
- doveadm stats reset wasn't reseting all the stats.
- auth_stats=yes: Don't update num_logins, since it doubles them when
using with mail stats.
- quota count: Fixed deadlocks when updating vsize header.
- dict-quota: Fixed crashes happening due to memory corruption.
- dict proxy: Fixed various timeout-related bugs.
- doveadm proxying: Fixed -A and -u wildcard handling.
- doveadm proxying: Fixed hangs and bugs related to printing.
- imap: Fixed wrongly triggering assert-crash in
client_check_command_hangs.
- imap proxy: Don't send ID command pipelined with nopipelining=yes
- imap-hibernate: Don't execute quota_over_script or last_login after
un-hibernation.
- imap-hibernate: Don't un-hibernate if client sends DONE+IDLE in one
IP packet.
- imap-hibernate: Fixed various failures when un-hibernating.
- fts: fts_autoindex=yes was broken in 2.2.25 unless
fts_autoindex_exclude settings existed.
- fts-solr: Fixed searching multiple mailboxes (patch by x16a0)
- doveadm fetch body.snippet wasn't working in 2.2.25. Also fixed a
crash with certain emails.
- pop3-migration + dbox: Various fixes related to POP3 UIDL
optimization in 2.2.25.
- pop3-migration: Fixed "truncated email header" workaround.
v2.2.26 had a couple of nasty bugs left in it, so here's a fixup release. The version number is also a little bit weird, but had to be done this way (although 2.2.26.0.1 could have been another possibility).
- Fixed some compiling issues.
- auth: Fixed assert-crash when using NTLM or SKEY mechanisms and
multiple passdbs.
- auth: Fixed crash when exporting to auth-worker passdb extra fields
that had empty values.
- dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit
Upstream changes:
1.300030 2016-10-03 18:33:57-04:00 America/New_York
- no changes since 1.300029
1.300029 2016-07-17 15:49:18-04:00 America/New_York (TRIAL RELEASE)
- bring localpart quoting more in line with RFC 821
1.3.5:
* [CritFix] Fix issue with finding of end of lines pointers
* [Feature] Add DMARC_NA symbol
* [Feature] Add R_DKIM_NA / R_SPF_NA / AUTH_NA symbols
* [Feature] Add spamhaus DROP dnsbl
* [Feature] Add termination callbacks for workers
* [Feature] Add user-agent for rspamc
* [Feature] Allow parsing of mailbox messages from the commandline
* [Feature] Support excluding selected users from ratelimits
* [Feature] Yield DMARC_DNSFAIL on lookup failure
* [Fix] Banish table.maxn from Lua parts
* [Fix] Do not use headers to calculate messages digests
* [Fix] Fix absurdic scores for HFILTER_URL_ONLY
* [Fix] Fix actrie patterns
* [Fix] Fix format string
* [Fix] Fix handling of '\0' in lua_tcp
* [Fix] Fix issue with empty messages and dkim
* [Fix] Fix min_learns option
* [Fix] Fix options for SPF dnsfail symbol
* [Fix] Fix processing of symbols when reject limit is reached
* [Fix] Settings: fix `authenticated` parameter (#886)
* [Fix] Try to avoid race condition when using rrd
* [Fix] Use the correct macro to get the size of controller
* [Fix] Fix build and tests on OpenBSD
Notmuch 0.23.1 (2016-10-23)
===========================
General
-------
Require Xapian >= 1.2.6
The ifdef branch for older Xapian (pre-compact API) had bit-rotted.
Emacs
-----
Fix default colours for unread and flagged messages
In 0.23 the default colours for unread and flagged messages in
search view were accidentally swapped. This release returns them to
the original colours.
A related change in 0.23 broke the customize widget for
notmuch-search-line-faces. This is now fixed.
Fix test failure with Emacs 25.1
A previously undiscovered jit-lock related bug was exposed by Emacs
25, causing a notmuch-show mode test to fail. This release fixes the
bug, and hence the test.
Note
This release has more pager bug-fixes and heaps more testing.
Thanks
Many thanks to our new contributors to NeoMutt: Doug Stone-Weaver, Ismaël Bouya, Steven Ragnarök
and our regular contributors: Darshit Shah, David Sterba, Pietro Cerutti, Tobias Angele
Features
notmuch: Add a fake “Folder” header to viewed emails Ismaël Bouya (@immae)
sidebar: consider description when using whitelist Doug Stone-Weaver (@doweaver)
forgotten-attachment: Ignore lines matching quote_regexp. Steven Ragnarök (@nuclearsandwich)
forgotten-attachment: Fix checking logic. Steven Ragnarök (@nuclearsandwich)
forgotten-attachment: Update docs regarding $quote_regexp. Steven Ragnarök (@nuclearsandwich)
skip-quoted: skip to body David Sterba (@kdave)
nntp: use safe_{fopen,fclose}
nntp: fix resource leak
Bug Fixes
“inbox” sorting function Pietro Cerutti (@gahr)
sensible-browser/notmuch changing mailbox
overhaul the index/pager updates
crash in hdrline
remove stray line introduced by pager fix
Possible fix for random pager crashes.
Docs
use a more expressive coverity scan badge Tobias Angele (@toogley)
light tidying
Build
replace the ugly strfcpy() macro with a function Darshit Shah (darnir)
build: Look for tgetent in ncurses, fallback to tinfo only if not found Pietro Cerutti (@gahr)
build: fix a couple of build warnings
travis: install doc dependencies
build: fix install/dist/distcheck targets
Upstream
Fix POP3 SASL authentication mechanism DIGEST-MD5. (closes#3862)
Add a few explanatory comments to pop_auth_sasl(). (see #3862)
Fix GPGME signature zero timestamp and locale awareness issues. (closes#3882)
Handle presence of ‘–’ delimiter in $sendmail. (closes#3168)
Allow IPv6 literal addresses in URLs. (closes#3681)
Fix gpgme segfault in create_recipient_set().
Use mutt_strlen and mutt_strncmp in sidebar.c.
Change sidebar to only match $folder prefix on a $sidebar_divider_char. (closes#3887)
Actually fix gpgme segfault in create_recipient_set().
Upstream changes:
version 2.120: Wed 21 Sep 16:41:23 CEST 2016
Fixes:
- revert change of parts(), because it breaks code/the tests.
rt.cpan.org#118016 [Tom Callaway]
version 2.119: Mon Sep 19 22:49:50 CEST 2016
Fixes:
- Mail::Message::parts() did not return the $msg itself when
there are multiparts. [Peter Gunn]
- Cygwin is not windows. rt.cpan.org#115286
- include examples in the man-pages
Improvements:
- require perl 5.8.5
- ::MailDir scans faster with tainting off
- larger Mail::Message::build() example in SYNOPSIS [Andrew Beverley]
- $msg->build options file and files now exactly the same.
- indicate what ::Field::attributes() may return dupplicated
keys. rt.cpan.org #114589 [Randy Diffenderfer]
This is python-policyd-spf, an external policy checker for the postfix mail
server. It will use pyspf to check SPF records to determine if email should
be rejected by your server.
Based on https://github.com/joyent/pkgsrc/pull/421 by Coy Hile.
dependency on net/py-dns was incorrect and cannot have worked).
Changes since 2.0.8:
Version 2.0.12 - August 5, 2015
* Reset void_lookups at top of check()
* Ignore permerror for best_guess()
* Don't crash on null DNS TXT record (ignore): test case null-text
* Trailing spaces are allowed by 4.5/2: test case trailing-space
* Make CNAME loop result in unknown host: test case ptr-cname-loop
* Test case and fix for mixed case CNAME loop, test case ptr-cname-loop
Version 2.0.11 - December 5, 2014
* Fix another bug in SPF record parsing that caused records with terms
separated by multple spaces as invalid, but they are fine per the ABNF
* Downcase names in additional answers returned by DNS before adding
to cache, since case inconsistency can cause PTR match failures (initial
patch thanks to Joni Fieggen) and other problems.
Version 2.0.10 - September 2, 2014
* Fix bug in SPF record parsing that caused all 'whitespace' characters to
be considered valid term separators and not just spaces
* Fixed multiple bugs in temperror processing that would lead to tracebacks
instead of correct error processing
* Fix AAAA not flagged as bytes when strict=2
* Include '~' as safe char in url quoted macro expansion
Version 2.0.9 - April 29, 2014
* Update for new SPF standards track RFC 7208
- Add processing for new void lookups processing limit
- Default SPF process timeout limit to 20 seconds per RFC 7208 4.6.4
- Change default DNS timeout to 20 seconds in DNSLookup to better match
RFC 7208 4.6.4
- Make mx lookups > 10 a permerror per RFC 7208 and mx-limit test
- Add RFC 7208 specific test suite and make allowance for RFC 7208 changes
in RFC 4408 test suite
- Convert YAML tests to TestCases, and have testspf.py return success/fail.
Changelog:
Fixed "Apply columns to..." did not honor special folders
Fixed Threading broken when editing message draft, due to loss of Message-ID
Fixed Mail saved as template copied In-Reply-To and References from original email.
Fixed Additional spaces were inserted when drafts were edited.
Fixed Recipient addresses were shown in red despite being inserted from the address book in some circumstances.
Fixed Display name was truncated if no separating space before email address.
- add `ignore_header_shrinkage` parameter to Filter_external for users
who know it is normal for their particular filter to result in a
smaller message header than the source message, for example when the
filter encapsulates the original message in a simpler wrapper message.
Thanks: "RW", Tristan Miller, Francesco Ariis.
- EXPERIMENTAL: when deleting a message from an IMAP mailbox, set the
\Seen flag in addition to the the \Deleted flag. This apparently
prevents the ever-innovatively-broken MSExchange from sending a
spurious incorrect disposition-notification message to the sender of
the message. I do not know if this will cause problems with other
broken IMAP server implementations; please send a report to the getmail-
user's mailing list if you see odd behaviour with this change. Thanks:
John Hein.
- enable socket timeouts for IMAP SSL classes by default. They were
disabled in the code because they were incompatible with SSL in older
versions of Python. If you see problems with Python 2.6 or 2.7 now,
please let me know.
2016-10-14 Richard Russon <rich@flatcap.org>
* Features
- sidebar: Make sure INBOX appears first in the list.
- notmuch: Synchronise tags to flags
* Bug Fixes
- updates when pager is open
- crash when neither $spoolfile, $folder are set
- forgotten-attachment: fix empty regex expression
- status-color when pager_index_lines > 0
- buffer underrun when no menu item is selected
- crash handling keywords/labels
* Docs
- update notmuch references
* Build
- update references to 1.7.1
- strfcpy() improvement
* Upstream
- automatic post-release commit for mutt-1.7.1
- Mark IMAP fast-trash'ed messages as read before copying. (see #3860)
- Updated Czech translation.
- Preserve forwarded attachment names in d_filename.
== 3.1 / 2016-05-22
* 1 documentation change:
* Tim Smith (@tas50) updated the build badges to be SVGs to improve
readability on high-density (retina) screens with pull request
{#112}[https://github.com/mime-types/ruby-mime-types/pull/112].
* 3 bug fixes
* A test for MIME::Types::Cache fails under Ruby 2.3 because of frozen
strings, {#118}[https://github.com/mime-types/ruby-mime-types/issues/118].
This has been fixed.
* The JSON data has been incorrectly encoded since the release of mime-types
3 on the +xrefs+ field, because of the switch to using a Set to store
cross-reference information. This has been fixed.
* A tentative fix for
{#117}[https://github.com/mime-types/ruby-mime-types/issues/117] has been
applied, removing the only circular require dependencies that exist (and
for which there was code to prevent, but the current fix is simpler).
I have no way to verify this fix and depending on how things are loaded by
+delayed_job+, this fix may not be sufficient.
* 1 governance change
* Updated to {Contributor Covenant 1.4}[Code-of-Conduct_rdoc.html].
== Version 2.6.4 - Wed Mar 23 08:16 -0700 2016 Jeremy Daer <jeremydaer@gmail.com>
Features:
* #772 - Normalize encoding matchers (grosser)
* #775 - Avoid failed encodings / stop bad charsets early (grosser)
* #782 – Make the gem compatible with Rubinius (robin850)
* #865 - Allow a body with an invalid encoding to be round tripped (kjg)
* #866 - Support decoding message bodies with non-Ruby-standard charsets (jeremy)
* #868 - Use the Ruby19.charset_encoder when decoding message bodies (kjg)
* #872 - Low-level option to include BCC field in the encoded message (grossadamm)
* #901 - Allow mail.text_part = '…' and mail.html_part = '<p>…</p>' (taavo)
* #924 - Matcher for having attachments (schepedw)
Performance:
* #956 - Use native String#encode for CR/LF conversion (carsonreinke)
* #970 - Support Ruby 2.3+ frozen string literals (twalpole)
Bugs:
* #719 - Fix to not extract header content that looks like its field name (kjg)
* #789 - Fix encoding collapsing not dealing with multiple encodings in 1 line (grosser)
* #808 - Mail::Field correctly responds_to? the methods of its instantiated field (thegcat)
* #849 - Handle calling Part#inline? when the Content-Disposition field couldn't be parsed (kjg)
* #874 – Stay under 1000-char SMTP line length limits (pushrax)
* #877 - Make Mail::Field == other take the field value into account (kjg)
* #907 - Mail::ContentDispositionField should work with nil value (kjg)
* #910 - Mail::Address should handle b_value_encoded local and domain parts (kjg)
* #918 - Account for possibility of absent delivery-status headers (kjg)
forgotten-attachment: fix empty regex expression
The original regex was of the form "abc(|def)" to check for both "abc"
and "abcdef". Unfortunately, the regex libraries on BSDs/MacOS don't
like this use of an empty sub-expression.
Expanding the regex to: "(abc|abcdef)" fixes the problem.
3bc69ca250
Bump PKGREVISION.
Notmuch 0.23 (2016-10-03)
=========================
General (Xapian 1.4+)
---------------------
Compiling against Xapian 1.4 enables several new features.
Support for single argument date: queries
`date:<expr>` is equivalent to `date:<expr>..<expr>`.
Support for blocking opens
When opening a database notmuch by default will wait for another
process to release a write lock, rather than returning an error.
Support for named queries
Named queries (also known as 'saved searches') can be defined with a
`query:name` format. The expansion of these queries is stored in the
database and they can be used from any notmuch client.
Library
-------
Message property API
libnotmuch now supports the attachment of arbitrary key-value pairs
to messages. These can be used by various tools to manage their
private data without polluting the user tag space. They also support
iteration of values with the same key or same key prefix.
Bug fix for `notmuch_directory_set_mtime`
Update cached mtime to match on-disk mtime.
CLI
---
Support for compile time options
A group of `built_with` keys is now supported for notmuch
config. Initial keys in this group are `compact`, `field_processor`,
and `retry_lock`.
Dump/Restore support for configuration information and properties
Any configuration information stored in the database (initially just
named queries) is dumped and restored. Similarly any properties
attached to messages are also dumped and restored. Any new
information in the dump format is prefixed by '#' to allow existing
scripts to ignore it.
Emacs
-----
Make notmuch-message-mode use insert for fcc
Notmuch-message-mode now defaults to using notmuch insert for
fcc. The old file based fcc behaviour can be restored by setting the
defcustom `notmuch-maildir-use-notmuch-insert` to nil.
When using notmuch insert, `notmuch-fcc-dirs` must be a subdirectory
of the mailstore (absolute paths are not permitted) followed by any
tag changes to be applied to the inserted message. The tag changes
are applied after the default tagging for new messages. For example
setting the header to "sentmail -inbox +sent" would insert the
message in the subdirectory sentmail of the mailstore, add the tag
"sent", and not add the (normally added) "inbox" tag.
Finally, if the insert fails (e.g. if the database is locked) the
user is presented with the option to retry, ignore, or edit the
header.
Make internal address completion customizable
There is a new defcustom `notmuch-address-internal-completion` which
controls how the internal completion works: it allows the user to
choose whether to match on messages the user sent, or the user
received, and to filter the messages used for the match, for example
by date.
Allow internal address completion on an individual basis
There is a new function `notmuch-address-toggle-internal-completion`
(by default it has no keybinding) which allows users who normally
use an external completion command to use the builtin internal
completion for the current buffer.
Alternatively, if the user has company-mode enabled, then the user
can use company mode commands such as `company-complete` to
activate the builtin completion for an individual completion.
Resend messages
The function `notmuch-show-resend-message` (bound to `b` in show
and tree modes) will (attempt to) send current message to new
recipients. The headers of the message won't be altered (e.g. `To:`
may point to yourself). New `Resent-To:`, `Resent-From:` and so on
will be added instead.
Face customization is easier
New faces `notmuch-tag-unread`, `notmuch-tag-flagged`,
`notmuch-tag-deleted`, `notmuch-tag-added`,
`notmuch-search-flagged-face` and `notmuch-search-unread-face` are
now used by default. Customize `notmuch-faces` to modify them.
Omit User-Agent header by default when sending mail
Ruby Bindings
-------------
Add support for `notmuch_database_get_all_tags`
Go Bindings
-----------
Go bindings moved to contrib
Add support for `notmuch_threads_t` and `notmuch_thread_t`
Fixed constant values so they are not all zero anymore
Previously, it was impossible to open writable database handles,
because `DATABASE_MODE_READ_ONLY` and `DATABASE_MODE_READ_WRITE` were
both set to zero.
The same issue occured with sort modes.
