Commit graph

10672 commits

Author SHA1 Message Date
nia
5910410954 mutt: Depend on mime-types, don't install internal mime.types to SYSCONFDIR 2020-06-09 10:18:49 +00:00
taca
d345e23b1d mail/roundcube: update to 1.14.6
Update roundcube to 1.14.6.


RELEASE 1.4.6
-------------
- Installer: Fix regression in SMTP test section (#7417)
2020-06-09 00:25:19 +00:00
taca
d370564bbb mail/roundcube-plugin-password: update to 1.4.5
Update roundcube-plugin-password to 1.4.5


RELEASE 1.4.5
-------------
- Password: Fix issue with Modoboa driver (#7372)
2020-06-07 22:08:37 +00:00
taca
96c14857ec mail/roundcube: update to 1.4.5
Update roundcube to 1.4.5, including some security fixes.

pkgsrc change:

* Proper replace PHP interpreter.
* Fix php-sockets option to work.


RELEASE 1.4.5
-------------
- Fix bug in extracting required plugins from composer.json that led to spurious error in log (#7364)
- Fix so the database setup description is compatible with MySQL 8 (#7340)
- Markasjunk: Fix regression in jsevent driver (#7361)
- Fix missing flag indication on collapsed thread in Larry and Elastic (#7366)
- Fix default keyservers (use keys.openpgp.org), add note about CORS (#7373, #7367)
- Mailvelope: Use sender's address to find pubkeys to check signatures (#7348)
- Mailvelope: Fix Encrypt button hidden in Elastic (#7353)
- Fix PHP warning: count(): Parameter must be an array or an object... in ID command handler (#7392)
- Fix error when user-configured skin does not exist anymore (#7271)
- Elastic: Fix aspect ratio of a contact photo in mail preview (#7339)
- Fix bug where PDF attachments marked as inline could have not been attached on mail forward (#7382)
- Security: Fix a couple of XSS issues in Installer (#7406)
- Security: Fix XSS issue in template object 'username' (#7406)
- Security: Better fix for CVE-2020-12641
- Security: Fix cross-site scripting (XSS) via malicious XML attachment
2020-06-07 22:07:04 +00:00
nia
ff834919fb thunderbird: Add SUPERSEDES 2020-06-07 10:30:38 +00:00
nia
f76458d071 mail: Remove thunderbird60 - EOL
Note: the release strategy of Thunderbird has changed and there
will be no more non-extended-support releases, so mail/thunderbird
contains the most recent extended support release, derived from firefox68
2020-06-07 10:27:11 +00:00
otis
f8bb8aa5f2 mail/amavisd-new: Fix build after removal of replace-interpreter
- Add NO_BUILD=yes
- Move SUBST_STAGE to pre-configure target
2020-06-06 11:55:39 +00:00
jperkin
38fe454b9c *: Apply revbump for graphics/giflib API change. 2020-06-05 12:48:58 +00:00
ryoon
e6e5c90ff0 thunderbird-l10n: Update to 68.9.0
* Sync with mail/thunderbird-68.9.0.
2020-06-05 03:58:46 +00:00
ryoon
8a51ed84a6 thunderbird: Update to 68.9.0
Changelog:
Fixes
fixed Custom headers added for searching or filtering could not be removed
fixed Calendar: Today Pane updated prior to loading all data
fixed Stability improvements
fixed Various security fixes

Security fixes:
#CVE-2020-12399: Timing attack on DSA signatures in NSS library
#CVE-2020-12405: Use-after-free in SharedWorkerService
#CVE-2020-12406: JavaScript Type confusion with NativeTypes
#CVE-2020-12410: Memory safety bugs fixed in Thunderbird 68.9.0
#CVE-2020-12398: Security downgrade with IMAP STARTTLS leads to information leakage
2020-06-05 03:57:58 +00:00
nia
339d47ab23 Switch legacy mozilla software over to ffmpeg4
While here, clean up options.mk.

Bump PKGREVISIONs
2020-06-04 13:47:19 +00:00
jperkin
af3b49a311 dspam: Add SMF manifest.
Provided by erwinlem in joyent/pkgsrc#267.
2020-06-02 15:04:27 +00:00
adam
6bd0c30da6 Revbump for icu 2020-06-02 08:22:31 +00:00
bouyer
cc2de50862 Update to 6.2.56. Changes since 6.2.54:
Security fix for https://sympa-community.github.io/security/2020-002.html
Translation updates
2020-06-01 21:46:25 +00:00
rillig
5389247a0f mail/claws-mail-*: suppress USE_TOOLS+=perl warning 2020-06-01 20:01:17 +00:00
adam
36437ec4c1 exim exim-html: updated to 4.94
Exim version 4.94
-----------------

JH/01 Avoid costly startup code when not strictly needed.  This reduces time
      for some exim process initialisations.  It does mean that the logging
      of TLS configuration problems is only done for the daemon startup.

JH/02 Early-pipelining support code is now included unless disabled in Makefile.

JH/03 DKIM verification defaults no long accept sha1 hashes, to conform to
      RFC 8301.  They can still be enabled, using the dkim_verify_hashes main
      option.

JH/04 Support CHUNKING from an smtp transport using a transport_filter, when
      DKIM signing is being done.  Previously a transport_filter would always
      disable CHUNKING, falling back to traditional DATA.

JH/05 Regard command-line receipients as tainted.

JH/06 Bug 340: Remove the daemon pid file on exit, whe due to SIGTERM.

JH/07 Bug 2489: Fix crash in the "pam" expansion condition.  It seems that the
      PAM library frees one of the arguments given to it, despite the
      documentation.  Therefore a plain malloc must be used.

JH/08 Bug 2491: Use tainted buffers for the transport smtp context.  Previously
      on-stack buffers were used, resulting in a taint trap when DSN information
      copied from a received message was written into the buffer.

JH/09 Bug 2493: Harden ARC verify against Outlook, whick has been seen to mix
      the ordering of its ARC headers.  This caused a crash.

JH/10 Bug 2492: Use tainted memory for retry record when needed.  Previously when
      a new record was being constructed with information from the peer, a trap
      was taken.

JH/11 Bug 2494: Unset the default for dmarc_tld_file.  Previously a naiive
      installation would get error messages from DMARC verify, when it hit the
      nonexistent file indicated by the default.  Distros wanting DMARC enabled
      should both provide the file and set the option.
      Also enforce no DMARC verification for command-line sourced messages.

JH/12 Fix an uninitialised flag in early-pipelining.  Previously connections
      could, depending on the platform, hang at the STARTTLS response.

JH/13 Bug 2498: Reset a counter used for ARC verify before handling another
      message on a connection.  Previously if one message had ARC headers and
      the following one did not, a crash could result when adding an
      Authentication-Results: header.

JH/14 Bug 2500: Rewind some of the common-coding in string handling between the
      Exim main code and Exim-related utities.  The introduction of taint
      tracking also did many adjustments to string handling.  Since then, eximon
      frequently terminated with an assert failure.

JH/15 When PIPELINING, synch after every hundred or so RCPT commands sent and
      check for 452 responses.  This slightly helps the inefficieny of doing
      a large alias-expansion into a recipient-limited target.  The max_rcpt
      transport option still applies (and at the current default, will override
      the new feature).  The check is done for either cause of synch, and forces
      a fast-retry of all 452'd recipients using a new MAIL FROM on the same
      connection.  The new facility is not tunable at this time.

JH/16 Fix the variables set by the gsasl authenticator.  Previously a pointer to
      library live data was being used, so the results became garbage.  Make
      copies while it is still usable.

JH/17 Logging: when the deliver_time selector ise set, include the DT= field
      on delivery deferred (==) and failed (**) lines (if a delivery was
      attemtped).  Previously it was only on completion (=>) lines.

JH/18 Authentication: the gsasl driver not provides the $authN variables in time
      for the expansion of the server_scram_iter and server_scram_salt options.

WB/01 SPF: DNS lookups for the obsolete SPF RR type done by the libspf2 library
      are now specifically given a NO_DATA response without hitting the system
      resolver.  The library goes on to do the now-standard TXT lookup.
      Use of dnsdb lookups is not affected.

JH/19 Bug 2507: Modules: on handling a dynamic-module (lookups) open failure,
      only retrieve the errormessage once.  Previously two calls to dlerror()
      were used, and the second one (for mainlog/paniclog) retrieved null
      information.

JH/20 Taint checking: disallow use of tainted data for
      - the appendfile transport file and directory options
      - the pipe transport command
      - the autoreply transport file, log and once options
      - file names used by the redirect router (including filter files)
      - named-queue names
      - paths used by single-key lookups
      Previously this was permitted.

JH/21 Bug 2501: Fix init call in the heimdal authenticator.  Previously it
      adjusted the size of a major service buffer; this failed because the
      buffer was in use at the time.  Change to a compile-time increase in the
      buffer size, when this authenticator is compiled into exim.

JH/22 Taint-checking: move to safe-mode taint checking on all platforms.  The
      previous fast-mode was untenable in the face of glibs using mmap to
      support larger malloc requests.

PP/01 Update the openssl_options possible values through OpenSSL 1.1.1c.
      New values supported, if defined on system where compiled:
      allow_no_dhe_kex, cryptopro_tlsext_bug, enable_middlebox_compat,
      no_anti_replay, no_encrypt_then_mac, prioritize_chacha, tlsext_padding

JH/23 Performance improvement in the initial phase of a two-pass queue run.  By
      running a limited number of proceses in parallel, a benefit is gained. The
      amount varies with the platform hardware and load.  The use of the option
      queue_run_in_order means we cannot do this, as ordering becomes
      indeterminate.

JH/24 Bug 2524: fix the cyrus_sasl auth driver gssapi usage.  A previous fix
      had introduced a string-copy (for ensuring NUL-termination) which was not
      appropriate for that case, which can include embedded NUL bytes in the
      block of data.  Investigation showed the copy to actually be needless, the
      data being length-specified.

JH/25 Fix use of concurrent TLS connections under GnuTLS.  When a callout was
      done during a receiving connection, and both used TLS, global info was
      used rather than per-connection info for tracking the state of data
      queued for transmission.  This could result in a connection hang.

JH/26 Fix use of the SIZE parameter on MAIL commands, on continued connections.
      Previously, when delivering serveral messages down a single connection
      only the first would provide a SIZE.  This was due to the size information
      not being properly tracked.

JH/27 Bug 2530: When operating in a timezone with sub-minute offset, such as
      TAI (at 37 seconds currently), pretend to be in UTC for time-related
      expansion and logging.  Previously, spurious values such as a future
      minute could be seen.

JH/28 Bug 2533: Fix expansion of ${tr } item.  When called in some situations
      it could crash from a null-deref.  This could also affect the
      ${addresses: } operator and ${readsock } item.

JH/29 Bug 2537: Fix $mime_part_count.  When a single connection had a non-mime
      message following a mime one, the variable was not reset.

JH/30 When an pipelined-connect fails at the first response, assume incorrect
      cached capability (perhaps the peer reneged?) and immediately retry in
      non-pipelined mode.

JH/31 Fix spurious detection of timeout while writing to transport filter.

JH/32 Bug 2541: Fix segfault on bad cmdline -f (sender) argument.  Previously
      an attempt to copy the string was made before checking it.

JH/33 Fix the dsearch lookup to return an untainted result.  Previously the
      taint of the lookup key was maintained; we now regard the presence in the
      filesystem as sufficient validation.

JH/34 Fix the readsocket expansion to not segfault when an empty "options"
      argument is supplied.

JH/35 The dsearch lookup now requires that the directory is an absolute path.
      Previously this was not checked, and nonempty relative paths made an
      access under Exim's current working directory.

JH/36 Bug 2554: Fix msg:defer event for the hosts_max_try_hardlimit case.
      Previously no event was raised.

JH/37 Bug 2552: Fix the check on spool space during reception to use the SIZE
      parameter supplied by the sender MAIL FROM command.  Previously it was
      ignored, and only the check_spool_space option value for the required
      leeway checked.

JH/38 Fix $dkim_key_length.  This should, after a DKIM verification, present
      the size of the signing public-key.  Previously it was instead giving
      the size of the signature hash.

JH/39 DKIM verification: the RFC 8301 restriction on sizes of RSA keys is now
      the default.  See the (new) dkim_verify_min_keysizes option.

JH/40 Fix a memory-handling bug: when a connection carried multiple messages
      and an ACL use a lookup for checking either the local_part or domain,
      stale data could be accessed.  Ensure that variable references are
      dropped between messages.

JH/41 Bug 2571: Fix SPA authenticator.  Running as a server, an offset supplied
      by the client was not checked as pointing within response data before
      being used.  A malicious client could thus cause an out-of-bounds read and
      possibly gain authentication.  Fix by adding the check.

JH/42 Internationalisation: change the default for downconversion in the smtp
      transport to be "if needed".  Previously it was "as previously set" for
      the message, which usually meant "if needed" for message-submission but
      "no" for everything else.  However, MTAs have been seen using SMTPUTF8
      even when the envelope addresses did not need it, resulting in forwarding
      failures to non-supporting MTAs.  A downconvert in such cases will be
      a no-op on the addresses, merely dropping the use of SMTPUTF8 by the
      transport.  The change does mean that addresses needing conversion will
      be converted when previously a delivery failure would occur.

JH/43 Fix possible long line in DSN.  Previously when a very long SMTP error
      response was received it would be used unchecked in a fail-DSN, violating
      standards on line-length limits.  Truncate if needed.

HS/01 Remove parameters of the link to www.open-spf.org. The linked form
      doesn't work. (Additionally add a new main config option to configure the
      spf_smtp_comment)
2020-06-01 19:42:48 +00:00
rillig
4d1a23b6f3 mail/teapop: remove unknown configure option
The correct option would be --enable-lock=flock.
2020-05-31 17:34:15 +00:00
rillig
f4e49541e7 mail/sylpheed: remove unknown configure option 2020-05-31 17:26:30 +00:00
rillig
fcf9b9cd6c mail/php-imap: remove unknow configure option 2020-05-31 16:51:29 +00:00
rillig
2229d6a88e mail/claws-mail: suppress USE_TOOLS+=perl warning 2020-05-31 09:31:58 +00:00
adam
939b354b44 py-email_validator: updated to 1.1.1
1.1.1:
Unknown changes
2020-05-29 08:56:54 +00:00
ryoon
9a7929be75 thunderbird-l10n: Update to 68.8.1
* Sync with mail/thunderbird-68.8.1.
2020-05-27 11:42:10 +00:00
ryoon
6f7a90b6a9 thunderbird: Update to 68.8.1
Changelog:
Fixes:
fixed IMAP stability improvements
fixed HTML tags in IRC topic changes were rendered incorrectly
fixed MailExtensions: Websockets could not be used
2020-05-27 11:40:29 +00:00
taca
c63f2b0979 mail/Makefile: add and enable ruby-roadie-rails 2020-05-25 14:10:11 +00:00
taca
38ab4dba85 mail/ruby-roadie-rails: add package version 2.1.1
Add ruby-roadie-rails package version 2.1.1 based on wip/ruby-roadie-rails52.


roadie-rails

This gem hooks up your Rails application with Roadie to help you generate
HTML emails.
2020-05-25 14:09:08 +00:00
taca
1db4fa5d4e mail/Makefile: add and enable ruby-roadie 2020-05-25 14:07:02 +00:00
taca
b5a4a8cfdd mail/ruby-roadie: add package version 4.0.0
Add ruby-roadie package version 4.0.0 based on wip/ruby-roadie.


Roadie

Roadie tries to make sending HTML emails a little less painful by inlining
stylesheets and rewriting relative URLs for you inside your emails.
2020-05-25 14:06:14 +00:00
taca
a2931befef mail/ruby-mime-types-data: update to 3.2020.05.12
Update ruby-mime-types-data to 3.2020.05.12.


## 3.2020.05.12 / 2020-05-12

- Updated the IANA media registry entires as of release date.

- Added file extensions for HEIC image types. [#34][].
2020-05-25 14:01:30 +00:00
nia
c31c1b6c61 mail: remove etpan
Unmaintained upstream and no longer supported by newer libetpan versions
2020-05-25 11:49:47 +00:00
rillig
b927d16c68 mail/libetpan: skip bashisms check for macOS 2020-05-25 05:58:40 +00:00
rillig
bc596f62eb mail/thunderbird60: skip shell portability 2020-05-25 05:36:38 +00:00
rillig
c9d0627de1 mail/ja-mh: document possible array[char] bug 2020-05-25 05:35:35 +00:00
rillig
99015b79a4 mail/gmime3: remove unknown configure option 2020-05-25 05:34:49 +00:00
rillig
6cbf694c93 mail/courier-*: remove unknown configure option 2020-05-25 05:33:59 +00:00
mef
6c54128b34 (mail/courier-mta) Fix build: Remove no effective SUBST file 2020-05-24 01:22:42 +00:00
schmonz
369c26d7cb Restore missing .include of options.mk. 2020-05-23 21:32:14 +00:00
schmonz
de7f8545e7 Update to notqmail 1.08 (as qmail-1.03nb49). From the changelog:
## Fix bugs

- Vulnerabilities we've inherited from qmail 1.03, reported by Qualys.
    - CVE-2005-1515: fix signedness wraparound in `substdio_{put,bput}()`.
    - CVE-2005-1514: fix possible signed integer overflow in `commands()`.
    - CVE-2005-1513: fix integer overflow in `stralloc_readyplus()`.
    - Fix several other places where variables could overflow.
- `qmail-pop3d`: instead of running as root if root authenticates (and
  being a vector for a dictionary attack on the root password), exit 1
  to look just like a failed `checkpassword` login.
- `qmail-inject`: do not parse header recipients if `-a` is given.
- Correctly detect multiple IP addresses on the same interface.
- Remove workaround for ancient DNS servers that do not properly
  support CNAME.
- Fix possible integer overflow in `alloc()`.

## Reduce bug likelihood

- Remove `dnscname` and `dnsmxip` programs that were being built but not
  installed.
- Remove `systype` and related platform detection.
- Remove unused variable in `maildir.c`.
- Reduce variable scope in `tcpto.c`.
- Avoid local variables shadowing same-named globals.
- Avoid needing `exit.h` in named-pipe bug check.
- Add a `test` target and some unit tests, using Check.
- Add missing function declarations in `cdbmss.h`, `scan.h`.
- Add missing return types to `main()`.
- Add `hier.h` for inclusion in `instcheck.c`, `instchown.c`, `instpackage.c`.
- Use system headers and types instead of the `HASSHORTSETGROUPS` check.
- Use system headers instead of redeclaring `exit()`, `read()`,
  `write()`, `malloc()`, `free()`, `fork()`, `uint32_t`.
- Use C89 function signatures for code we've touched so far.
- Automated builds:
    - TravisCI: move setting `MAKEFLAGS` out of the script and into
      the matrix.
    - Add FreeBSD builds with CirrusCI.
    - Add a GitHub Actions build.

## Other changes

- Remove DJB's TODO.
- Replace many `pobox.com` URLs.
- Acknowledge Erik Sjölund's `qmail-local.c` bugfix that we've
  inherited from netqmail.
- Avoid generating catted manpages by building with `NROFF=true`.
- Optionally create a `systemd` service file.
- Run an alternate `qmail-remote` by setting `QMAILREMOTE` in
  `qmail-send`'s environment.

## Intent to remove

In the course of developing this release, we found programs that we
intend to remove in the next release. We believe none of these remains
necessary or useful enough to be worth the cost of maintaining. If you
disagree, please let us know!

- Remove `qsmhook`, long since replaced by `preline`.
- Remove inefficient `maildirwatch`.
- Remove obsolete mail client wrappers.
- Remove `qmail-pop3d`, since Maildir is well supported by actively
  maintained POP3 servers.
2020-05-23 20:50:02 +00:00
nia
a7b7a3c765 *: Remove references to mysql55 2020-05-23 13:08:51 +00:00
rillig
c33f2e6201 mail/fml: remove unknown configure option 2020-05-23 12:49:26 +00:00
rillig
4ee6ee7f86 mail/dbmail: remove unknown configure option 2020-05-23 12:36:35 +00:00
rillig
23230f9bb0 mail/dspam: remove unknown configure option 2020-05-23 12:33:22 +00:00
rillig
5d0f8dce0b mail/offlineimap: clean up REPLACE_PYTHON 2020-05-22 21:35:03 +00:00
rillig
0b6e08ab4e mail/turba: clean up and sort REPLACE_FILES 2020-05-22 21:28:52 +00:00
rillig
b935597127 erlang, amavisd, policyd: remove redundant replace-interpreter
Since do-configure-pre-hook already depends on replace-interpreter, there
is no point in making any other stage depend on that as well.  At best,
it has no effect.  At worst it creates a hard-to-find difference between
builds that run "bmake install" directly and builds that split the build
into "bmake configure && bmake build && bmake install", as bulk builds
do.
2020-05-22 18:12:15 +00:00
adam
d62c903eea revbump after updating security/nettle 2020-05-22 10:55:42 +00:00
taca
70e54393f8 Remove RUBY_VERSIONS_INCOMPATIBLE for ruby24. 2020-05-21 16:04:21 +00:00
nia
400c33f713 balsa: Update to 2.6.1
* Balsa-2.6.1 release. Release date 2020-05-10

- fix server identity verification.
2020-05-21 14:19:46 +00:00
mef
53a7211e97 (mail/courier-imap) Remove (one more) no-op files from SUBST block 2020-05-21 13:31:59 +00:00
nia
a21cbc4ac0 libetpan: Missing tools 2020-05-21 10:07:03 +00:00
rillig
a792ed8547 mail/amavisd-milter: remove unknown configure options 2020-05-21 07:08:07 +00:00