Changes:
1.8.7
-----
- Extend `from' command that sets the envelope from address: the
patterns %U, %H, %C, %M are now replaced with user name, host name,
canonicalized host name, and the contents of /etc/mailname. This is
useful for system-wide installations and is more powerful than the old
auto_from and maildomain commands, which are now deprecated (but still
supported, of course).
1.8.6
-----
- Aliases are now expanded recursively
- Minor bug fixes
* Enable SASL support
Changelog:
This is a long overdue maintenance release:
- SSL now uses SNI, which for example GMail requires
- fixed fallbacks for missing UIDPLUS extension (with e.g. DavMail)
- fixed UIDVALIDITY recovery with really long Message-id headers
- fixed GSSAPI authentication with Kerberos
- fixed support for IMAP servers which do not sort search results (e.g.,
poczta.o2.pl)
- fixed CopyArrivalDate on platforms without glibc
- fixed useless SASL warnings with certain plugins
- the perl 5.14 requirement is now made explicit
- improved OpenBSD support
- fixed a bunch of compiler warnings
Changelog:
68.3.1
Changes
changed
In dark theme unread messages no longer shown in blue to distinguish from tagged messages
changed
Account setup is now using client side DNS MX lookup instead of relying on a server.
Fixes
fixed
Searching LDAP address book crashed in some circumstances
fixed
Message navigation with backward and forward buttons did not work in some circumstances
fixed
WebExtension toolbar icons were displayed too small
fixed
Calendar: Tasks due today were not listed in bold
fixed
Calendar: Last day of long-running events was not shown
68.3.0
What’s New
new
Message display toolbar action WebExtension API
new
Navigation buttons are now available in content tabs, for example those opened via an add-on search
Changes
changed
"New email" icon in Windows systray changed from in-tray with arrow to envelope
Fixes
fixed
Icons of attachments in the attachment pane of the Write window not always correct
fixed
Toolbar buttons of add-ons in the menubar not shown after startup
fixed
LDAP lookup not working when SSL was enabled. LDAP search not working when "All Address Books" was selected.
fixed
Scam link confirmation panel not working
fixed
In Write window, the Link Properties dialog wasn't showing named anchors in context menu
fixed
Calendar: Start-up failed if the application menu is not on the calendar toolbars
fixed
Chat: Account reordering via drag-and-drop not working on Instant messaging status dialog (Show Accounts)
fixed
Various security fixes
Security fixes:
#CVE-2019-17008: Use-after-free in worker destruction
#CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code
#CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher
#CVE-2019-17009: Updater temporary files accessible to unprivileged processes
#CVE-2019-17010: Use-after-free when performing device orientation checks
#CVE-2019-17005: Buffer overflow in plain text serializer
#CVE-2019-17011: Use-after-free when retrieving a document in antitracking
#CVE-2019-17012: Memory safety bugs fixed in Firefox 71, Firefox ESR 68.3, and Thunderbird 68.3
* Fix build with rust-1.39.0
Changelog:
60.9.1:
Fixed
Problem with Google authentication (OAuth2)
60.9.0:
New
Offer to configure Exchange accounts for Office365. A third-party add-on is required for this account type. IMAP still exists as alternative.
Security fixes
#CVE-2019-11739: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message
#CVE-2019-11746: Use-after-free while manipulating video
#CVE-2019-11744: XSS by breaking out of title and textarea elements using innerHTML
#CVE-2019-11742: Same-origin policy violation with SVG filters and canvas to steal cross-origin images
#CVE-2019-11752: Use-after-free while extracting a key value in IndexedDB
#CVE-2019-11743: Cross-origin access to unload event attributes
#CVE-2019-11740: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9
Leaf package.
2019-11-29 Richard Russon <rich@flatcap.org>
* Features
- Add raw mailsize expando (%cr)
* Bug Fixes
- Avoid double question marks in bounce confirmation msg
- Fix bounce confirmation
- fix new-mail flags and behaviour
- fix: browser <descend-directory>
- fix ssl crash
- fix move to trash
- fix flickering
- Do not check hidden mailboxes for new mail
- Fix new_mail_command notifications
- fix crash in examine_mailboxes()
- fix crash in mutt_sort_threads()
- fix: crash after sending
- Fix crash in tunnel's conn_close
- fix fcc for deep dirs
- imap: fix crash when new mail arrives
- fix colour 'quoted9'
- quieten messages on exit
- fix: crash after failed mbox_check
- browser: default to a file/dir view when attaching a file
* Changed Config
- Change $write_bcc to default off
* Translations
- 100% Portuguese (Brazil)
- 92% Polish
* Docs
- Add a bit more documentation about sending
- Clarify $write_bcc documentation.
- Update documentation for raw size expando
- docbook: set generate.consistent.ids to make generated html reproducible
* Build
- fix build/tests for 32-bit arches
- tests: fix test that would fail soon
- tests: fix context for failing idna tests
Changes since version 1.13.0:
! Bug fix release.
+ $sidebar_relative_shortpath_indent, default unset, enables the
indentation and shortpath behavior introduced in 1.13.0.
+ $sidebar_use_mailbox_shortcuts, default unset, displays standard
mailbox shortcuts, '~' and '=' in the sidebar. When unset, the
sidebar will remove a $folder prefix but won't display mailbox
shortcuts.
Update doveot2 to 2.3.9.2, previous fix for CVE-2019-19722 was partial fix.
v2.3.9.2 2019-12-13 Aki Tuomi <aki.tuomi@open-xchange.com>
- Mails with empty From/To headers can also cause crash
in push notification drivers.
Exim version 4.93
-----------------
JH/01 OpenSSL: With debug enabled output keying information sufficient, server
side, to decode a TLS 1.3 packet capture.
JH/02 OpenSSL: Suppress the sending of (stateful) TLS1.3 session tickets.
Previously the default library behaviour applied, sending two, each in
its own TCP segment.
JH/03 Debug output for ACL now gives the config file name and line number for
each verb.
JH/04 The default received_header_text now uses the RFC 8314 tls cipher clause.
JH/05 DKIM: ensure that dkim_domain elements are lowercased before use.
JH/06 Fix buggy handling of autoreply bounce_return_size_limit, and a possible
buffer overrun for (non-chunking) other transports.
JH/07 GnuTLS: Our use of late (post-handshake) certificate verification, under
TLS1.3, means that a server rejecting a client certificate is not visible
to the client until the first read of encrypted data (typically the
response to EHLO). Add detection for that case and treat it as a failed
TLS connection attempt, so that the normal retry-in-clear can work (if
suitably configured).
JB/01 Bug 2375: fix expansions of 822 addresses having comments in local-part
and/or domain. Found and fixed by Jason Betts.
JH/08 Add hardening against SRV & TLSA lookups the hit CNAMEs (a nonvalid
configuration). If a CNAME target was not a wellformed name pattern, a
crash could result.
JH/09 Logging: Fix initial listening-on line for multiple ports for an IP when
the OS reports them interleaved with other addresses.
JH/10 OpenSSL: Fix aggregation of messages. Previously, when PIPELINING was
used both for input and for a verify callout, both encrypted, SMTP
responses being sent by the server could be lost. This resulted in
dropped connections and sometimes bounces generated by a peer sending
to this system.
JH/11 Harden plaintext authenticator against a badly misconfigured client-send
string. Previously it was possible to cause undefined behaviour in a
library routine (usually a crash). Found by "zerons".
JH/12 Bug 2384: fix "-bP smtp_receive_timeout". Previously it returned no
output.
JH/13 Bug 2386: Fix builds with Dane under LibreSSL 2.9.0 onward. Some old
API was removed, so update to use the newer ones.
JH/14 Bug 1891: Close the log file if receiving a non-smtp message, without
any timeout set, is taking a long time. Previously we would hang on to a
rotated logfile "forever" if the input was arriving with long gaps
(a previous attempt to fix addressed lack, for a long time, of initial
input).
HS/01 Bug 2390: Use message_id for tempfile creation to avoid races in a
shared (NFS) environment. The length of the tempfile name is now
4 + 16 ("hdr.$message_exim_id") which might break on file
systems which restrict the file name length to lower values.
(It was "hdr.$pid".)
HS/02 Bug 2390: Use message_id for tempfile creation to avoid races in a
shared (NFS) environment.
HS/03 Bug 2392: exigrep does case sensitive *option* processing (as it
did for all versions <4.90). Notably -M, -m, --invert, -I may be
affected.
JH/15 Use unsigned when creating bitmasks in macros, to avoid build errors
on some platforms for bit 31.
JH/16 GnuTLS: rework ciphersuite strings under recent library versions. Thanks
to changes apparently associated with TLS1.3 handling some of the APIs
previously used were either nonfunctional or inappropriate. Strings
like TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM__AEAD:256
and TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_128_CBC__SHA256:128 replace
the previous TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 .
This affects log line X= elements, the $tls_{in,out}_cipher variables,
and the use of specific cipher names in the encrypted= ACL condition.
JH/17 OpenSSL: the default openssl_options now disables ssl_v3.
JH/18 GnuTLS: fix $tls_out_ocsp under hosts_request_ocsp. Previously the
verification result was not updated unless hosts_require_ocsp applied.
JH/19 Bug 2398: fix listing of a named-queue. Previously, even with the option
queue_list_requires_admin set to false, non-admin users were denied the
facility.
JH/20 Bug 2389: fix server advertising of usable certificates, under GnuTLS in
directory-of-certs mode. Previously they were advertised despite the
documentation.
JH/21 The smtp transport option "hosts_noproxy_tls" is now unset by default.
A single TCP connection by a client will now hold a TLS connection open
for multiple message deliveries, by default. Previoud the default was to
not do so.
JH/22 The smtp transport option "hosts_try_dane" now enables all hosts by
default. If built with the facility, DANE will be used. The facility
SUPPORT_DANE is now enabled in the prototype build Makefile "EDITME".
JH/23 The build default is now for TLS to be included; the SUPPORT_TLS define
is replaced with DISABLE_TLS. Either USE_GNUTLS or (the new) USE_OPENSSL
must be defined and you must still, unless you define DISABLE_TLS, manage
the the include-dir and library-file requirements that go with that
choice. Non-TLS builds are still supported.
JH/24 Fix duplicated logging of peer name/address, on a transport connection-
reject under TFO.
JH/25 The smtp transport option "hosts_try_fastopen" now enables all hosts by
default. If the platform supports and has the facility enabled, it will
be requested on all coneections.
JH/26 The PIPE_CONNECT facility is promoted from experimental status and is now
controlled by the build-time option SUPPORT_PIPE_CONNECT.
PP/01 Unbreak heimdal_gssapi, broken in 4.92.
JH/27 Bug 2404: Use the main-section configuration option "dsn_from" for
success-DSN messages. Previously the From: header was always the default
one for these; the option was ignored.
JH/28 Fix the timeout on smtp response to apply to the whole response.
Previously it was reset for every read, so a teergrubing peer sending
single bytes within the time limit could extend the connection for a
long time. Credit to Qualsys Security Advisory Team for the discovery.
JH/29 Fix DSN Final-Recipient: field. Previously it was the post-routing
delivery address, which leaked information of the results of local
forwarding. Change to the original envelope recipient address, per
standards.
JH/30 Bug 2411: Fix DSN generation when RFC 3461 failure notification is
requested. Previously not bounce was generated and a log entry of
error ignored was made.
JH/31 Avoid re-expansion in ${sort } expansion. (CVE-2019-13917)
JH/32 Introduce a general tainting mechanism for values read from the input
channel, and values derived from them. Refuse to expand any tainted
values, to catch one form of exploit.
JH/33 Bug 2413: Fix dkim_strict option. Previously the expansion result
was unused and the unexpanded text used for the test. Found and
fixed by Ruben Jenster.
JH/34 Fix crash after TLS shutdown. When the TCP/SMTP channel was left open,
an attempt to use a TLS library read routine dereffed a nul pointer,
causing a segfault.
JH/35 Bug 2409: filter out-of-spec chars from callout response before using
them in our smtp response.
JH/36 Have the general router option retry_use_local_part default to true when
any of the restrictive preconditions are set (to anything). Previously it
was only for check_local user. The change removes one item of manual
configuration which is required for proper retries when a remote router
handles a subset of addresses for a domain.
JH/37 Appendfile: when evaluating quota use (non-quota_size_regex) take the file
link count into consideration.
HS/04 Fix handling of very log lines in -H files. If a -<key> <value> line
caused the extension of big_buffer, the following lines were ignored.
JH/38 Bug 1395: Teach the DNS negative-cache about TTL value from the SOA in
accordance with RFC 2308. Previously there was no expiry, so a longlived
receive process (eg. due to ACL delays) versus a short SOA value could
surprise.
HS/05 Handle trailing backslash gracefully. (CVE-2019-15846)
JH/39 Promote DMARC support to mainline.
JH/40 Bug 2452: Add a References: header to DSNs.
JH/41 With GnuTLS 3.6.0 (and later) do not attempt to manage Diffie-Hellman
parameters. The relevant library call is documented as "Deprecated: This
function is unnecessary and discouraged on GnuTLS 3.6.0 or later. Since
3.6.0, DH parameters are negotiated following RFC7919."
HS/06 Change the default of dnssec_request_domains to "*"
JH/42 Bug 2545: Fix CHUNKING for all RCPT commands rejected. Previously we
carried on and emitted a BDAT command, even when PIPELINING was not
active.
JH/43 Bug 2465: Fix taint-handling in dsearch lookup. Previously a nontainted
buffer was used for the filename, resulting in a trap when tainted
arguments (eg. $domain) were used.
JH/44 With OpenSSL 1.1.1 (onwards) disable renegotiation for TLS1.2 and below;
recommended to avoid a possible server-load attack. The feature can be
re-enabled via the openssl_options main cofiguration option.
JH/45 local_scan API: documented the current smtp_printf() call. This changed
for version 4.90 - adding a "more data" boolean to the arguments.
Bumped the ABI version number also, this having been missed previously;
release versions 4.90 to 4.92.3 inclusive were effectively broken in
respect of usage of smtp_printf() by either local_scan code or libraries
accessed via the ${dlfunc } expansion item. Both will need coding
adjustment for any calls to smtp_printf() to match the new function
signature; a FALSE value for the new argument is always safe.
JH/46 FreeBSD: fix use of the sendfile() syscall. The shim was not updating
the file-offset (which the Linux syscall does, and exim expects); this
resulted in an indefinite loop.
JH/47 ARC: fix crash in signing, triggered when a configuration error failed
to do ARC verification. The Authentication-Results: header line added
by the configuration then had no ARC item.
upstream changes:
-----------------
Fix for an Exim interoperability problem when postscreen after-220 checks
are enabled. Bug introduced in Postfix 3.4: the code that detected
"PIPELINING after BDAT" looked at the wrong variable. The warning now says
"BDAT without valid RCPT", and the error is no longer treated as a command
PIPELINING error, thus allowing mail to be delivered. Meanwhile, Exim has
been fixed to stop sending BDAT commands when postscreen rejects all RCPT
commands.
Usability bug, introduced in Postfix 3.4: the parser for key/certificate
chain files rejected inputs that contain an EC PARAMETERS object. While
this is technically correct (the documentation says what types are allowed)
this is surprising behavior because the legacy cert/key parameters will
accept such inputs. For now, the parser skips object types that it does not
know about for usability, and logs a warning because ignoring inputs is not
kosher.
Bug introduced in Postfix 2.8: don't gratuitously enable all after-220
tests when only one such test is enabled. This made selective tests
impossible with 'good' clients. This will be fixed in older Postfix
versions at some later time.
upstream changes:
-----------------
[Conf] Antivirus: Fix the default config
[Feature] Add verdict library in lua
[Feature] Allow exception when choosing upstream
[Feature] Allow to disable symbols from the metric config
[Feature] Allow to limit maps per specific worker
[Feature] Always validate Rspamd protocol output
[Feature] Antivirus: Add preliminary virustotal support
[Feature] Clickhouse: Rework Clickhouse collection logic
[Feature] Improve base64 usage
[Feature] Shutdown timeout is now associated with task timeout
[Fix] #3129 Multiple classifiers on redis working incorrectly
[Fix] Allow real upstreams configuration
[Fix] Another try to fix slow callbacks and timers
[Fix] Check results of write message as SSL can bork them
[Fix] Clickhouse: Avoid potential races in collection
[Fix] Clickhouse: Fix periodic script
[Fix] Fail DNS upstream on each retransmit attempt
[Fix] Fix consistent hashing when upstreams are marked inactive
[Fix] Fix issues found
[Fix] Fix off-by-one in retries for the proxy
[Fix] Fix termination
[Fix] Fix upstreams exclusion logic
[Fix] Fix utf8 validation for symbols options and empty strings
[Fix] Oops, fix maps reload
[Fix] Rbl: Allow utf8 lookups for IDN domains
[Fix] Sigh, another try to fix brain-damaged openssl
[Project] Add fast utf8 validation library
[Project] Use own utf8 validation instead of glib
[Rework] Another phase of finish actions rework
[Rework] Further cmake system rework
[Rework] Further isolation of the controller’s functions
[Rework] Make cmake structure more modular
[Rework] Move cmake modules to a dedicated path
[Rework] Replace controller functions by any scanner worker if needed
[Rework] Rework final scripts logic
[Rework] Rewrite rspamd_str_make_utf_valid function
ftp.cyrusimap.org has been down for months. Asked about this on the
cyrus-info mailinglist months ago with no responses. So lets drop it from
MASTER_SITES.
The directory old on the ftp is also available in the http download so I
added that to MASTER_SITES as well.
v0.5.9:
+ Added events for Sieve and ManageSieve, see
https://doc.dovecot.org/admin_manual/list_of_events/#pigeonhole
+ Pigeonhole: Implement the Sieve "special-use" extension described in
RFC 8579.
- duplicate: Test only compared the handles which would cause
different values to be cached as the same duplicate test. Fix to also
compare the actual hashes.
- imap_sieve_filter: IMAP FILTER Command had various bugs in error
handling. Errors may have been duplicated for each email, errors
may have been missing entirely, command tag and ERRORS/WARNINGS
parameters were swapped.
v2.3.9:
* Changed several event field names for consistency and to avoid
conflicts in parent-child event relationships:
* SMTP server command events: Renamed "name" to "cmd_name"
* Events inheriting from a mailbox: Renamed "name" to "mailbox"
* Server connection events have only "remote_ip", "remote_port",
"local_ip" and "local_port".
* Removed duplicate "client_ip", "ip" and "port".
* Mail storage events: Removed "service" field.
Use "service:<name>" category instead.
* HTTP client connection events: Renamed "host" to "dest_host" and
"port" to "dest_port"
* auth: Drop Postfix socketmap support. It hasn't been working
with recent Postfix versions for a while now.
* push-notification-lua: The "subject" field is now decoded to UTF8
instead of kept as MIME-encoded.
+ push-notification-lua: Added new "from_address", "from_display_name",
"to_address" and "to_display_name" fields. The display names are
decoded to UTF8.
+ Added various new fields to existing events.
See http://doc.dovecot.net/admin_manual/list_of_events.html
+ Add lmtp_add_received_header setting. It can be used to prevent LMTP
from adding "Received:" headers.
+ doveadm: Support SSL/STARTTLS for proxied doveadm connections based on
doveadm_ssl setting and proxy ssl/tls settings.
+ Log filters support now "service:<name>", which matches all events for
the given service. It can also be used as a category.
+ lib: Use libunwind to get abort backtraces with function names
where available.
+ lmtp: When the LMTP proxy changes the username (from passdb lookup)
add an appropriate ORCPT parameter.
- lmtp: Add lmtp_client_workarounds setting to implement workarounds for
clients that send MAIL and RCPT commands with additional spaces before
the path and for clients that omit <> brackets around the path.
See example-config/conf.d/20-lmtp.conf.
- lda/lmtp: Invalid MAIL FROM addresses were rejcted too aggressively.
Now mails from addresses with unicode characters are delivered, but
their Return-Path header will be <> instead of the given MAIL FROM
address.
- lmtp: The lmtp_hdr_delivery_address setting is ignored.
- imap: imap_command_finished event's "args" and "human_args" parameters
were always empty.
- mbox: Seeking in zlib and bzip2 compressed input streams didn't work
correctly.
- imap-hibernate: Process crashed when client got destroyed while it was
attempted to be unhibernated, and the unhibernation fails.
- *-login: Proxying may have crashed if SSL handshake to the backend
failed immediately. This was unlikely to happen in normal operation.
- *-login: If TLS handshake to upstream server failed during proxying,
login process could crash due to invalid memory access.
- *-login: v2.3 regression: Using SASL authentication without initial
response may have caused SSL connections to hang. This happened often
at least with PHP's IMAP library.
- *-login: When login processes are flooded with authentication attempts
it starts logging errors about "Authentication server sent unknown id".
This is still expected. However, it also caused the login process to
disconnect from auth server and potentially log some user's password
in the error message.
- dict-sql: SQL prepared statements were not shared between sessions.
This resulted in creating a lot of prepared statements, which was
especially inefficient when using Cassandra backend with a lot of
Cassandra nodes.
- auth: auth_request_finished event didn't have success=yes parameter
set for successful authentications.
- auth: userdb dict - Trying to list users crashed.
- submission: Service could be configured to allow anonymous
authentication mechanism and anonymous user access.
- LAYOUT=index: Corrupted dovecot.list.index caused folder creation to
panic.
- doveadm: HTTP server crashes if request target starts with double "/".
- dsync: Remote dsync started hanging if the initial doveadm
"dsync-server" command was sent in the same TCP packet as the
following dsync handshake. v2.3.8 regression.
- lib: Several "input streams" had a bug that in some rare situations
might cause it to access freed memory. This could lead to crashes or
corruption.
The only currently known effect of this is that using zlib plugin with
external mail attachments (mail_attachment_dir) could cause fetching
the mail to return a few bytes of garbage data at the beginning of the
header. Note that the mail wasn't saved corrupted, but fetching it
caused corrupted mail to be sent to the client.
- lib-storage: If a mail only has quoted content, use the quoted text
for generating message snippet (IMAP PREVIEW) instead of returning
empty snippet.
- lib-storage: When vsize header was rebuilt, newly calculated message
sizes were added to dovecot.index.cache instead of being directly
saved into vsize records in dovecot.index.
- lib: JSON generator was escaping UTF-8 characters unnecessarily.
Fix spurious (may be forged) logs when receiving via IPv6 socket,
and fix sending to IPv6-enabled relay.
Bump PKGREVISION
(no revision bump for libmilter, it's not affected)
- Fixed typos in base.pod and recipes.pod
- Remove re-prompting for port when an invalid service name was
supplied. Just error and exit instead
- Cleaning up error messages that contained extra newlines
- Remove interactive prompts for helo and from when hostname
cannot be determined internally. Just error instead.
- Rearrange internal option definition structure in preparation
for major rework
- Rework how the --show-time-lapse option is tracked internally
and displayed in --dump output
- --protocol's argument was incorrectly marked as optional
- Updating copyright year to 2019
- --use-old-data-tokens was not completely removed, clean up
- --tls-optional-strict was incorrectly marked internally as
optionally accepting an argument
- Fix handling of --option=arg option format which prevented it
from being used with --header and --attach* options
- --attach option processing was calling die() instead of
ptrans/exit on error
- If the arg to --data looks like a file but is not openable,
error and exit instead of using it the file name as the raw
data value
- Add %NEWLINE% as a new --data token
- Small code tidy around %DATE% token replacement
- Enforce key=value format for arguments to --auth-extra and
--auth-map
- Clarify how XCLIENT arguments are grouped in --xclient doc
- Typo in documentation for --ehlo, reported by Konstantin Stephan
- Adding data and dot as valid --drop-after-send and --drop-after
arguments
- Add documentation for missing --quit-after synonym STARTTLS
- Update copyright year to 2019
- --copy-routing should error when no argument given.
- Add validation to --proxy-family (when proxy-version=1) and
--proxy-version options.
- Turn off option bundling. No practical use and it could cause
real confusion (with bundling turned on, -foobar was "-f oobar"
instead of an unknown option.
- Turn on case-sensitivity for configuration options. Needed to
make -S distinct from -s, as documented.
- Add a flag for --dump-mail in the OUTPUT section of --dump
- --version and --help should work even if they aren't the very
first option.
- When processing config file options with no leading '-' and any
environment variable config, prefix the option with '--' for
processing, not '-'. Bandaid for very minor difference between
'-' and '--' option processing which I hope to fix soon.
- Adding an ENVIRONMENT VARIABLES section to the doc.
- Tidying and clarifying the OPTION PROCESSING section of the docs.
- Fix bug causing in "no-" option processing to work unreliably.
- Document the unreliability of using environment variables to unset
other environment variable options with the "no-" prefix.
- Document the general rule that when processing duplicate options,
the last option specified wins, both inter- and intra-method.
- Since there is no inherent order to options provided in environment
variables, sort them before processing to define an order.
- Config file fixes around searching default $SWAKS_HOME, $HOME,
and $LOGDIR locations:
- Searching default locations for the first existing
PATH/.swaksrc did not actually work as documented.
- If none of the default search environment variables was set,
Swaks would not process the "portable" defaults optionally
stored in the actual swaks script.
- Implement --body-attach option to allow more granularity in
setting body information (different mime types, alternatives, etc).
- Fix --attach* option processing to remove possibly ambiguity
- Fix issue with malformed headers. Don't fall over if header
doesn't contain a colon or looks like an illegal continuation.
- Doc fix for default body - %SWAKS_VERSION% missing trailing char.
- --add-header documentation was still referencing a single-char,
no longer valid, replacement token. Replace with the correct token.
Changes since version 1.12.2:
! <half-up> and <half-down> in the pager are now symmetric.
! $ssl_force_tls is now set by default.
! Configure option --with-regex is renamed to --with-bundled-regex.
Most modern OS should be fine using their own regex library. The
rename is to clarify the intention of the option.
! Configure option --disable-doc now only disables the manual generation.
Other parts of the doc directory (man pages, Muttrc file) are generated.
! $user_agent is now unset by default.
! unattachments now has a '*' parameter to remove all attachment counting.
+ Autocrypt support. Enabled via configure option --enable-autocrypt.
Please see the manual for details on how to enable and use this properly.
+ Byte size displays can be customized via new variables $size_show_bytes,
$size_show_mb, $size_show_fractions, $size_units_on_left.
+ $ssl_use_tlsv1_3, default set, allows TLS1.3 connections if supported
by the server.
! format=flowed space stuffing works again, and is performed after every
edit, not just the first time.
+ $browser_sticky_cursor, default set, attempts to keep the cursor on the
same mailbox when performing operations in the browser.
! <display-filename> in the browser menu shows the full path for local and
IMAP mailboxes.
! $sidebar_folder_indent and $sidebar_short_path are now based on previous
entries in the sidebar, allowing them to work on mailboxes outside $folder.
! Sidebar entries are now prefixed with mailbox shortcuts '~' and '='. This
uses the same code as other parts of mutt, for more consistent display.
+ <browse-mailboxes> allows direct access to the mailboxes list from the
index and pager, without having to use a macro. This improves
$browser_sticky_cursor initial selection of the current mailbox.
! <pipe-message> with $pipe_decode set will update MIME headers to decoded
text/plain values.
+ $send_multipart_alternative and $send_multipart_alternative_filter allow
the generation of a multipart/alternative when composing a message. See
their documentation in the manual for more details. Also see
contrib/markdown2html for a sample filter.
+ In the compose menu <view-alt>, <view-alt-text>, <view-alt-mailcap> allow
previewing the output of the $send_multipart_alternative_filter.
! $write_bcc now defaults unset. It no longer affects the Fcc copy, which
will always include the Bcc header.
+ When $count_alternatives is set, Mutt will recurse inside
multipart/alternatives while performing attachment searching and counting.
This affects %X in the index and ~X pattern matching.
Changelog:
Notmuch 0.29.3 (2019-11-27)
===========================
General
-------
Fix for use-after-free in notmuch_config_list_{key,val}.
Fix for double close of file in notmuch-dump.
* 3.17.4
--------
* New HTML viewer plugin: Litehtml viewer
* Added option 'Enable keyboard shortcuts' to the 'Keyboard
shortcuts' frame on /Configuration/Preferences/Other/Miscellaneous
* Compose: implemented copying of attached images to clipboard
* Compose: images and text/uri-list (files) can now be attached by
pasting into the Compose window
* Python plugin: window sizes are now remembered for the Python
console, the 'Open URLs' and the 'Set mailbox order' windows.
* Fancy plugin: the download-link feature now follows redirections
* MBOX export: the Enter key in the dialogue now starts the export
* The date (ISO format) has been added to log timestamps
* Updated translations: Brazilian Portuguese, Catalan, Czech, Danish,
Dutch, French, German, Hungarian, Indonesian, Polish, Portuguese,
Romanian, Russian, Slovak, Spanish, Swedish, Traditional Chinese,
Turkish
* bug fixes:
o bug 1920, 'No automatic NNTP filtering'
o bug 2045, 'address book blocks focus on email window'
o bug 2131, 'Focus stealing after mail check'
o bug 2627, 'Filtering does not work on NNTP'
o bug 3070, 'misbehaving text wrapping when URL chars are
present'
o bug 3838, 'Canceled right-click on message list leaves UI
in inconsistent state'
o bug 3977, 'Fix crashes when some external APIs fail'
o bug 3979, 'Hang (with killing needed) during action which
extracts attachments'
o bug 4029, 'segfault after deleting message in a window'
o bug 4031, 'fingerprint in SSL/TLS certificates for ...
(regress error)'
o bug 4037, 'Fix some small issues'
o bug 4142, 'Translation error on Russian'
o bug 4145, 'proxy server for sending doesn't work'
o bug 4155, 'remember directory of last saving'
o bug 4166, 'corrupted double-linked list'
0 bug 4167, 'Max line length exceeded when forwarding mail'
o bug 4188, 'STL file is sent not as an attachment but as its
base64 representation in plaintext'
o CID 1442278, 'impossible to trigger buffer overflow'
o Make key accelerators from menu work in addressbook window
o save checkbox choices of display/summaries/defaults prefs
o Do not throw an error when cancelling 'Save email as...'.
o occasional crash on drag'n'drop of msgs
o possible stack overflow in vcalendar's Curl data handler
o crash when LDAP address source is defined in index, but
LDAP support is disabled
o crash in Fancy plugin if one of the MIME parts has no
Content-ID
o a few small memory leaks in scan_mailto_url()
o configure script for rare cases where python is not
installed
o incorrect charset conversion in sc_html_read_line().
o markup in 'key not fully trusted' warning in pgpcore
o use after free in rare code path in rssyl_subscribe()
o several memory leaks
o verify_folderlist_xml() for fresh starts
o printf formats for size_t and goffset arguments.
o alertpanel API use in win32 part of mimeview.c
o pid handling in debug output of kill_children_cb()
o incorrect pointer arithmetic in w32_filesel.c
* 3.17.3
--------
* Add support for TLS Server Name Indication (SNI). This enables the
sending of your hostname, if available, to the server so that it
can select the appropriate certificate for your domain. This is
useful for servers which host multiple domains on the same IP
address.
This is a hidden Account preference, 'use_tls_sni', and is enabled
by default.
* SSL/TLS certificate manager: The Delete key will now delete the
selected certificate.
* Window sizes are now remembered for the 'Apply tags' and SSL/TLS
certificate manager windows.
* bug fixes:
o bug 3519, 'Links including umlauts are broken'
o bug 4134, ''Save message to' option not set when it should
be'
o prevent the Tools/SSL/TLS Certificates dialogue from
crashing when certificate filenames contain a fingerprint.
o build on GNU Hurd.
o various build fixes when building without GnuTLS.
* 3.17.2
--------
* Message List: A context menu has been added to the column headers,
it has two entries: a new option, 'Lock column headers', and 'Set
displayed colums'.
* Folder List: A context menu has been added to the column headers,
containing 'Set displayed columns'.
* Preferences: The Display/Summaries option page has been split into
three notebook pages: Folder List, Message List, and Defaults.
The Message List page contains the new 'Lock column headers'
option. The Defaults page contains several new options for new
folders.
* New Folder Properties: It is now possible to control signing and
encrypting options on the Compose page. By default it follows the
Account preferences, but they can be overridden to always sign
and/or encrypt, or never sign/encrypt.
* Saving sent messages: The global preference, 'Save sent messages',
can now be overriden by the Folder Property and Account
preferences. The global preference no longer needs to be activated
for the Account Preference, 'Put sent messages in ...' option to
function. Likewise, the Folder Property, 'Save copy of outgoing
messages to this folder instead of Sent', no longer relies on the
global preference being set.
* SSL/TLS certificates: The SHA-256 fingerprint is now displayed, and
the MD5 fingerprint has been removed.
* SSL/TLS certificates list: Status and Expiry columns have been
added, and expired and invalid certificates are now clearly
indicated.
* QuickSearch: body searches are now quicker.
* QuickSearch: symbols used in Extended searches are now expanded
in the 'Edit' dialogue.
* Re-editing: Flags and tags are now preserved when re-editing a
message.
* Fancy plugin: The minimum required webkitgtk version is now 1.10.0.
* PDF Viewer plugin: Ctrl+scroll now zooms.
* Tools: added cm-break.pl script, which breaks thread references for
the selected messages; textviewer.pl has been updated and now
requires perl 5.14.1.
* The legacy "sylpheed-claws" symlink is no longer installed in the
bindir.
* New translation: Portuguese.
* Updated translations: Brazilian Portuguese, Catalan, Czech, Danish,
Dutch, French, German, Russian, Slovak, Spanish, Swedish, Turkish.
* bug fixes:
o bug 3418, 'Building on a Cross Compiling toolchain doesn't
work'
o bug 3889, 'Address and quoted message inconsistent in
reply'
o bug 4114, 'autogen.sh: Fix argument quoting'
o bug 4115, 'autogen: avoid unwarranted re-configure'
o bug 4120, 'New cert files are created in $HOME instead of
in ~/.claws-mail/certs'
o byg 4121, 'Moving a subfolder in another folder erases its
processing rules' (sic)
o bug 4132, '"Mark all as (un)read" dialog appears when
acting on 1 message only'
o bug 4133, 'trying to read message from an NNTP group (with
all expired articles.'
o regression where mail was not being checked at startup when
it should have been
o links not being opened in browser when Fancy menu is opened
with a keyboard
o show correct address:port in SOCKS5 proxy connection failure
message
o prevent unexpected loss of drafted message
o Quicksearch eating keypresses it didn't handle
o build on Debian 7
o build on FreeBSD, sys/wait.h is needed for WEXITSTATUS
macro
o Reply from mainwindow menu and toolbar when mainwindow's
messageview is hidden
o CID 1438531 Fix wrong test leading to dead code
o CID 1439871 and validate Unicode char strictly
o CID 1439996 and remove unnecessary comparison
o Fancy: left-click on links not opening in browser
o RSSyl: lost processing rules when renaming folder
o annoyance where your current reading is disturbed when a
new msg is filtered into the current folder
o don't leave the user in limbo when privacy system is 'none'
and auto signing/encrypting is set
o several memory leaks
### GMime 3.2.5
* Modified GMimeParser to prevent stack overflows when parsing deeply nested messages.
GMimeParser now has a limit on how deep multipart and/or message/rfc822 MIME part
nesting is allowed to go before the parser will take action to prevent a stack
overflow. If the max level is reached at a message/rfc822 part, then that part
will be consumed by the parser as a generic GMimePart rather than a
GMimeMessagePart. Likewise, if the max level is reached at any type of multipart,
then the content of said multipart will be packed into the GMimeMultipart's
preface and not parsed any further.
* g_mime_multipart_foreach has been rewritten to avoid recursion, thereby avoiding potential
stack overflows.
* The gmime-port-2-6-to-3-0.sh script has been fixed to use proper sed syntax.
AUTOFIX: hacks.mk:5: Replacing "${PKGSRC_COMPILER} == \"ido\"" with "${PKGSRC_COMPILER:Mido}".
The PKGSRC_COMPILER can be a list of chained compilers, e.g. "ccache
distcc clang". Therefore, comparing it using == or != leads to wrong
results in these cases.
Alan Coopersmith (7):
configure: Drop AM_MAINTAINER_MODE
autogen.sh: Honor NOCONFIGURE=1
Update README for gitlab migration
Update configure.ac bug URL for gitlab migration
Use _CONST_X_STRING to make libXt declare String as const char *
Fix -Wsign-compare warning in quit() function
xbiff 1.0.4
Emil Velikov (1):
autogen.sh: use quoted string variables
Kevin Lyda (1):
Clarify how volume works
Mihail Konev (1):
autogen: add default patch prefix
Peter Hutterer (1):
autogen.sh: use exec instead of waiting for configure to finish
