are replaced with .include "../../devel/readline/buildlink3.mk", and
USE_GNU_READLINE are removed,
* .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE
are replaced with .include "../../mk/readline.buildlink3.mk".
Mail_Mie 1.8.8
* Fixed warning/notice on (static vs. non-static) PEAR::raiseError() usage
[alec]
* Fixed Bug #19761: PHP5 warnings about return by reference [alec]
* Fixed Bug #19770: Make cid generator more unique on Windows [alec]
* Fixed Bug #19987: E_STRICT warning when null is passed by reference [alec]
Changelog:
FIXED
Security fixes can be found here
Fixed in Thunderbird 17.0.7
MFSA 2013-59 XrayWrappers can be bypassed to run user defined methods in a privileged context
MFSA 2013-56 PreserveWrapper has inconsistent behavior
MFSA 2013-55 SVG filters can lead to information disclosure
MFSA 2013-54 Data in the body of XHR HEAD requests leads to CSRF attacks
MFSA 2013-53 Execution of unmapped memory through onreadystatechange event
MFSA 2013-51 Privileged content access and execution via XBL
MFSA 2013-50 Memory corruption found using Address Sanitizer
MFSA 2013-49 Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)
Subject: [Dovecot-news] Released Pigeonhole v0.4.1 for Dovecot v2.2.4.
Date: Wed, 03 Jul 2013 22:15:31 +0200
To: dovecot-news@dovecot.org, Dovecot Mailing List <dovecot@dovecot.org>
Reply-To: dovecot@dovecot.org
Content-Transfer-Encoding: 7bit
Hello Dovecot users,
Now that I am not preoccupied anymore, I quickly release a new version
of Pigeonhole for Dovecot v2.2. This consists mainly of bug fixes. One
new feature is that the Sieve plugin will try to pass temporary
failures (e.g. from mail storage) back to LDA/LMTP as much as
possible. However, this change turned out a little bigger than I would
have liked, so experiment with it a bit before you deploy it in
production.
Changelog v0.4.1:
+ Added support for handling temporary failures. These are passed back
to LDA/LTMP to produce an appropriate response towards the MTA.
- Sieve storage: Removed PATH_MAX limitation for active symlink. This
caused problems for GNU/Hurd.
- Fixed line endings in X-Sieve headers added by redirect command.
- ManageSieve: Fixed '[' ']' stupidity for response codes (only
happened before login).
- Fixed setting name in example-config/conf.d/20-managesieve.conf.
- Sieve extprograms plugin: Fixed interaction between pipe command and
remote script service. The output from the script service was never
read, causing a broken pipe error at the script service. Apparently,
this was broken since the I/O handling for extprograms was last
revised.
- Fixed assertion failure due to datastack problem in message header
composition.
version 1.2.9 (which is old) is not available. Two improvements that
I noticed are:
1.) A remote DoS vulnerability (for which "pkgsrc" had a patch) has
been fixed.
2.) The SPF records for "gmail.com" are now accepted again.
Mail::DeliveryStatus::BounceParser analyzes RFC822 bounce messages and returns a
structured description of the addresses that bounced and the reason they
bounced; it also returns information about the original returned message
including the Message-ID. It works best with RFC1892 delivery reports, but will
gamely attempt to understand any bounce message no matter what MTA generated it.
+ doveadm: Added "flags" command to modify message flags.
+ doveadm: Added "deduplicate" command to expunge message duplicates.
+ dsync: Show the state in process title with verbose_proctitle=yes.
- imap/pop3 proxy: Master user logins were broken in v2.2.3
- sdbox/mdbox: A corrupted index header with wrong size was never
automatically fixed in v2.2.3.
- mbox: Fixed assert-crashes related to locking
nmzmail is a tool to use the namazu search engine from within the mutt mail
client to search mail stored in maildir folders. Based on the result of the
namazu query, nmzmail generates a maildir folder containing symbolic links to
the mails matching the query. A simple mutt macro makes easy to use nmzmail from
within mutt. nmzmail is pretty similar to mairix, but the code is much simpler,
as it uses an external program as search engine.
v3.5 (2013-06-05)
* Added digest generation and post-processing hooks.
* Fix html2text configuration (ignored since 2012-10-04).
* Fix opmlexport crash due to orphaned feed data.
* Use feed names in OPML 'text' attributes.
v3.4 (2013-05-14)
* Added post-processing hooks for user-specified message manipulation.
* Added settings for IMAP delivery. The old `use-smtp` boolean has
been replaced by a new `email-protocol` setting. Non-IMAP users
should adjust their configuration to set `email-protocol` to
either `sendmail` or `smtp`.
v3.3 (2013-04-13)
* Fix SMTP message submission logic.
* Fix error inheritence (super() calls).
* Convert html2text parsing errors to `ProcessingError`s.
* Cleanup html2text error handling.
* Drop Google Reader rel-via manipulation.
* Drop the wrapping <table> elements from HTML mail
v3.2 (2013-03-13)
* Use extended interpolation in configuration files, to allow percent signs (%).
* Added .as_string() fallback to email flattening (only used if
`use-smtp = False` and `use-8bit = True`).
* Added sendmail configuration option. Change this if you want to
use an alternative, sendmail-compatible mailer.
v3.1 (2013-02-14)
* Import __url__, __author__, and __email__ in rss2email.error,
which fixes bugs in formatting a number of errors.
v3.0 (2013-02-13)
* Changed project email (rss2email@tremily.us) and homepage
(http://github.com/wking/rss2email).
* Split static configuration parameters into a ConfigParser-read
config file (rss2email.cfg). Data that depends on the feed state
is recorded using JSON (rss2email.json).
* Use the XDG Base Directory Specification for standardized
configuration and data file locations.
* Converted the command line interface to argparse, with some
restructuring along the way.
* Added the r2e.1 man page (based on one from the Debian package).
* Added setup.py and a PyPI page for simpler installation
(http://pypi.python.org/pypi/rss2email).
* Added Message-ID headers to outgoing email.
* Added a test suite.
* Upgraded to Python 3.2 to take advantage of cleaner Unicode
handling and argparse.
* Require Signed-off-by lines in new commit messages, following the
Linux and Git projects.
== [release-1-8-9] 1.8.9: 2013-06-28
A bug fix release of 1.8.8.
=== Package
==== Improvements
* [rpm] Update Ruby1.9.3 package for CentOS6 to Ruby1.9.3-p448
released on 2013-06-27
=== milter manager
==== Fixes
* [binding][ruby] Fixed a bug that milter-manager couldn't detect
socket path if greylist.conf includes socket path with
permission.
== [release-1-8-8] 1.8.8: 2013-06-25
A bug fix release of 1.8.7.
=== Package
==== Fixes
* [rpm] milter-manager-log-analyzer should include cron configuration.
[Reported by Satoru Sakashita][milter-manager-users-ja:00200]
* [deb] Remove old configuration file installed by milter-manager.
[Reported by Youhei SASAKI][milter-manager-users-ja:00202]
=== Known Issues
* [test] Failed some test cases using rrdtool on some environments.
[Reported by Hirohisa Yamaguchi][GitHub #29]
=== Thanks
* Satoru Sakashita
* Youhei SASAKI
* Hirohisa Yamaguchi
RELEASE 0.9.2
-------------
- Fix image thumbnails display in print mode (#1489134)
- Fix height of message headers block (#1489108)
- Fix timeout issue on drag&drop uploads (#1489170)
- Fix default sorting of threaded list when THREAD=REFS isn't supported
- Fix list mode switch to 'List' after saving list settings in Larry skin (#1489164)
- Fix error when there's no writeable addressbook source (#1489162)
- Fix zipdownload plugin issue with filenames charset (#1489156)
- Fix so non-inline images aren't skipped on forward (#1489150)
- Fix "null" instead of empty string on messages list in IE10 (#1489145)
- Fix legacy options handling
- Fix so bounces addresses in Sender headers are skipped on Reply-All (#1489011)
- Fix bug where serialized strings were truncated in PDO::quote() (#1489142)
- Fix displaying messages with invalid self-closing HTML tags (#1489137)
- Fix PHP warning when responding to a message with many Return-Path headers (#1489136)
- Fix unintentional compose window resize (#1489114)
- Fix performance regression in text wrapping function (#1489133)
- Fix connection to posgtres db using unix socket (#1489132)
- Fix handling of comma when adding contact from contacts widget (#1489107)
- Fix bug where a message was opened in both preview pane and new window on double-click (#1489122)
- Fix fatal error when xdebug.max_nesting_level was exceeded in rcube_washtml (#1489110)
- Fix PHP warning in html_table::set_row_attribs() in PHP 5.4 (#1489094)
- Fix invalid option selected in default_font selector when font is unset (#1489112)
- Fix displaying contact with ID divisible by 100 in sql addressbook (#1489121)
- Fix browser warnings on PDF plugin detection (#1489118)
- Fix fatal error when parsing UUencoded messages (#1489119)
== Version 2.5.4 - Tue May 14 14:45:00 +1100 2013 Mikel Lindsaar
<mikel@lindsaar.net>
Features:
* Save settings passed to TestMailer#new (svanderbleek)
* Allow the setting of envelope from directly (jeremy)
* Accept other IETF/IANA-registered Content-Types and
Content-Transfer-Encodings (jeremy)
* Alias shift-jis charset to Shift_JIS Ruby encoding (jeremy)
* Add support for ks_c_5601-1987 charset, aliased to CP949 Ruby encoding
(jeremy)
* Don't allow colons in header names (jeremy)
* Can assign arrays of Message-IDs to References and In-Reply-To (jeremy)
* Setting the html_ or text_part sets a default text/html or text/plain
content type (jeremy)
* Setting the html_ or text_part to nil removes it (jeremy)
* Addresses without a parsable email or display name still format as their raw
text (jeremy)
* Close pull request 504 - Alias GB2312 charset to GB18030 Ruby encoding (bpot)
* Close pull request 399 - Accept :ca_path and :ca_file options for SMTP
delivery (ndbroadbent)
* Close pull request 389 - Don't add superfluous message headers to MIME parts
(djmaze, jeremy)
Performance:
* Close pull request 488 - Speed up field construction & comparison (bpot)
Bugs:
* Don't include separating semicolon in paramter value when sanitizing (bpot)
* Fix fencepost encoding problem with binhex strings and only one token (drasch)
* Fix sendmail delivery to addresses with a leading hyphen (lifo, jeremy)
* Correctly format mbox From headers per RFC4155 (bpot, jeremy)
* Fix bogus '=' at the end of some quoted-printable messages (jeremy)
* Shouldn't be fooled into encoding strings on 1.8 by unrelated Encoding
constant (emiellohr, jeremy)
* Header encoding should be US-ASCII, not the default external encoding (jeremy)
* Address elements should return decoded display names by default (jeremy)
* Fix up tests that depend on utf-8 external encoding; read fixtures as binary
(jeremy)
* Capture stderr from Sendmail and Exim deliveries (jeremy)
* RFC2822 quoted_string content may be empty (jeremy)
* Calling #to_s on a field with a nil value returns an empty string instead of
nil (jeremy)
* The Received header may contain zero name/value pairs, qmail-style (jeremy)
* Fix that setting an attachment with a :mime_type and :encoding would
override the :encoding (jeremy)
* Fix that declaring an html_part but no text_part would use
multipart/alternative anyway (jeremy)
* Close pull request 508 - Don't add an extra CRLF to MIME parts; split MIME
parts on correct CRLF boundaries (Aalanar)
* Close pull request 506 - Escape backslashes in quoted strings (ConradIrwin)
* Close pull request 496 - Correctly handle quoted-printable line breaks
(jeremy)
* Close pull request 493 - Repair misencoded quoted-printable line breaks
(jeremy)
* Close pull request 487 - Extract comments from group email addresses (bpot)
* Close pull request 481 - Correctly quote filename attributes (bpot)
* Close pull request 480 - Support mixed encodings in a single header body
(adamvaughan)
* Close pull request 471 - Fix Ruby 1.8 build when UTF16/32 default to
little-endian (kennyj)
Coping with third-party bugs:
* Parse multipart boundary from Content-Type headers containing extra
semicolons (jeremy)
* Close pull request 389 - Only add Content-ID to inline attachments to
appease Outlook (djmaze, jeremy)
Housekeeping:
* Add development gem dependency on rdoc (jeremy)
* Refresh Bundler dependencies & setup (jeremy)
* Remove i18n dependency and last vestiges of activesupport dependency in
specs (jeremy)
* Clarify that Sender is a single address, not an address list (jeremy)
* Add an MIT-LICENSE file to make licensing clear & obvious; update to 2013
(jeremy)
* Close pull request 501 - Tighten up header/body whitespace splitting
(ConradIrwin)
* Close pull request 499 - Clean up some dead code (ConradIrwin)
* Close pull request 489, 495 - Docs typos (JackDanger, francois)
* Close pull request 485 - Be explicit about unsupported address parsing (bpot)
* Close pull request 484 - Remove #tree specs in preparation for deprecation
removal (bpot)
* Close pull request 482 - Update address field specs to reflect to
#initialize API (bpot)
* Close pull request 475 - Shush warning on Object#blank? redefinition
(amatsuda)
* Close pull request 472 - Clean up UTF8/UTF-8 internals (kennyj)
== 1.23 / 2013-04-20
* New Feature:
* Arnaud Meuret (ameuret) suggested that it could be useful if the MIME type
collection was enumerable, so he implemented it in #30. Thanks for the
contribution! https://github.com/halostatue/mime-types/pull/30
* Updated MIME Types:
* RFC6910 was adopted (application/call-completion).
* RFC6902 was adopted (application/json-patch\+json).
* RFC6917 was adopted (application/mrb-consumer\+xml,
application/mrb-publish\+xml).
* RFC6922 was adopted (application/sql).
* RFC2560 is being
{updated}[http://tools.ietf.org/html/draft-ietf-pkix-rfc2560bis].
* Administrivia:
* The gemspec now includes information about the licenses under which the
mime-types gem is available.
* Using hoe-gemspec2 instead of hoe-gemspec.
== 1.22 / 2013-03-30
* New MIME Types:
* Added support for 3FR (Hasselblad raw images) files. MIME-Type was obtained
by looking at exif data with exiftool. Thanks to cgat for these changes.
https://github.com/halostatue/mime-types/pull/27
* Updated MIME Types:
* Pulled the latest updates from the IANA MIME-Type registry.
* Added support for Ruby 2.0 with Travis CI.
Can't locate getopt.pl in @INC (@INC contains:...
by adding two patches.
patches/patch-agent_test_TEST
patches/patch-bin_perload
See the thread starting with:
| To: tech-pkg@NetBSD.org
| Subject: broken packages for 2013q2
| From: David Holland <dholland-pkgtech@NetBSD.org>
| Date: Wed, 12 Jun 2013 04:02:11 +0000
or
http://mail-index.netbsd.org/tech-pkg/2013/06/12/msg011548.html
Log something when refusing to sign because the private key was too
small. This also adds a new "On-SignatureError" handler
setting, and a new status code DKIM_STAT_SIGGEN.
Fix application of "On-InternalError" setting.
Feature request #SF3609496: Don't apply reputation checks to internal
clients.
2.8.2 2013/03/27
Authentication-Results tokens should be checked without case
sensitivity.
Fix snprintf() arguments in dkimf_checkfsnode().
CONTRIB: Patch #SF3608716: Fixes to spec/opendkim.spec.in
2.8.1 2013/03/19
Fix bug #SF3607071: Report the reason why a key file is determined
to be unsafe.
Fix bug #SF3607072: When checking for key file safety, take any
"-u" value provided on the command line into account.
Fix bug #SF3608401: Solaris 10 doesn't have strsep().
BUILD: Fix build for versions of libdb between 3.1 and 4.6.
2.8.0 2013/02/25
Feature request #SF2964383: Add DKIM_LIBFLAGS_STRICTRESIGN, which
inhibits signing of a handle tagged for resigning when the
attached verifying handle had no valid signatures in it.
Feature request #SF3155117: Do a more thorough check for writeable
key files, checking more of the filesystem permission tree.
Feature request #SF3530734: Add "LDAPDisableCache", which suppresses
the creation of a local cache in front of LDAP queries.
Feature request #SF3547359: If compiled with libcurl, add "SMTPURI"
configuration option that allows direct SMTP transmission
failure reports.
Feature request #SF3578197: Allow per-message override of the list of
header fields to be signed.
Feature request #SF3590860: Combine collected reputation values into
an overall allowed rate under _FFR_REPRRD, as is done for the
other reputation code.
Feature request #SF3598991: Add odkim.signfor() function to the Lua
setup script.
Feature request #SF3599409: Modify dkimf_checkip() to try surrounding
the IP address part of every query with square brackets, which
is a common way to do IP address literals in email contexts.
Fix bug #SF3531477: Add (hopefully temporary) configuration option
"DisableCryptoInit" so that opendkim's initialization of the
crypto library doesn't conflict with the same work done by
other libraries.
Fix bug #SF3599901: Rename "InsecureKey" to "UnprotectedKey" and
"InsecurePolicy" to "UnprotectedPolicy", as the term "insecure"
in reference to a key is sometimes interpreted to mean "not
enough random bits" rather than as a keyword describing the
presence or absence of DNSSEC protection. What's logged in
Authentication-Results header fields has been similarly
modified.
Fix bug #SF3604525: Don't divide by zero when the query cache hasn't
been used.
Protect against handling of signatures with empty domains, which could
cause a NULL dereference and a crash.
Do ATPS checks when enabled even if ADSP is disabled.
Don't fail to start on empty or null configuration files.
Patch #SF3593422: Update for MDB 0.9.5 support.
LIBOPENDKIM: Fix header canonicalization when DKIM_LIBFLAG_FIXCRLF is
used in combination with dkim_chunk().
LIBOPENDKIM: Enable dkim_getcachestats() and the underlying function
to extract the current number of keys in the cache, and also
provide a counter reset mechanism.
BUILD: Feature request #SF3547151: Check for Lua package name variants
in use on Debian.
BUILD: Feature request #SF3599902: Change OpenSSL existence test
to help with Debian packaging.
BUILD: Add "--with-test-socket" to force all of the filter unit tests
to use a specific socket.
BUILD: Add checks for strlcat()/strlcpy() in libbsd.
CONTRIB: Fix bug #SF3575666: Pass pid file path to killproc.
CONTRIB: Add systemd directory.
CONTRIB: Split out initial key generation function from
contrib/init/redhat/opendkim.
MILTERTEST: Don't crash in mt_connect() if the socketspec doesn't
contain a colon.
MILTERTEST: When connect() fails for an AF_INET socket, it apparently
leaves the socket unusable. Discard the socket when that
happens and get a new one.
MILTERTEST: Add a way to extend the mt.connect() retry interval via
environment variables so a large test suite can be easily
extended on slow systems.
TOOLS: Register DNS functions before calling dkim_dns_init() in
opendkim-testkey.
TOOLS: Add "-K" (keep temporary files) flag for opendkim-testmsg
* A new action_add_entity function has been added.
* Deprecated defined(@array) construct has been removed.
* New load1 md-mx-ctrl command summarizes load in a more useful format than load
* watch-multiple-mimedefangs.tcl has been overhauled.
* Various other bugfixes and documentation cleanups.
Changes are too any to write here and please refer CHANGELOG.
pkgsrc changes:
* Add note to enable access_compat_module Apache 2.3 or later.
* Make php-mcrypt mandatory.
* Clean up PKG_OPTIONS.
* Add several patches from official repository.
* using legacy module getopt.pl, add dependency on p5-Perl4-CoreLibs
* fixes some warnings of prototype mismatch.
Bump PKGREVISION from additional dependency.
