Changes:
2.9.8
* TLS Interoperability workaround: turn on SHA-2 digests by force.
This improves interoperability with clients and servers that
deploy SHA-2 digests without the required support for TLSv1.2-style
digest negotiation.
* TLS Performance workaround: the Postfix SMTP server TLS session
cache had become ineffective because recent OpenSSL versions
enable session tickets by default, resulting in a different
ticket encryption key for each smtpd(8) process. The workaround
turns off session tickets. Postfix 2.11 will enable session
tickets properly.
* TLS Interoperability workaround: Debian Exim versions before
4.80-3 may fail to communicate with Postfix and possibly other
MTAs, with the following Exim SMTP client error message:
TLS error on connection to server-name [server-address]
(gnutls_handshake): The Diffie-Hellman prime sent by the
server is not acceptable (not long enough)
See the RELEASE_NOTES file for a Postfix SMTP server configuration
workaround.
* Bugfix (defect introduced: 1997): memory leak while forwarding
mail with the local(8) delivery agent, in code that handles a
cleanup(8) server error.
2.9.7
* Bugfix (introduced: Postfix 2.0): when myhostname is not listed in
mydestination, the trivial-rewrite resolver may log "do not list in both
mydestination and ". The fix is to re-resolve a domain-less address after
adding $myhostname as the surrogate domain, so that it pops out with the
right address-class label. Reported by Quanah Gibson-Mount.
* Bugfix (introduced: Postfix 2.3): don't reuse TCP connections when
smtp_tls_policy_maps is specified. TLS policies may depend on the remote
destination, but the Postfix <2.11 SMTP connection cache client does not
distinguish between different destinations that resolve to the same IP
address. Victor Duchovni. Found during Postfix 2.11 code maintenance.
* Bugfix (introduced: Postfix 2.2): don't reuse TCP connections when SASL
authentication is enabled. SASL passwords may depend on the remote SMTP
server hostname, but the Postfix <2.11 SMTP connection cache client does not
distinguish between different hostnames that resolve to the same IP
address. Found during Postfix 2.11 code maintenance.
- Made nullmailer-queue sync and not just flush queued files to protect
against crashes during sensitive operations.
- Added support for SMTPS (SMTP over SSL/TLS) and STARTTLS.
- Added support for SSL/TLS client certificates.
- Added a quadratic backoff for resend times.
version 3.33: Tue, May 14, 2013 10:12:43 AM
- more cleanup on use of $@ and $!
- cleanup get_bodystructure / get_envelope
- allow Ssl arg as an arrayref to pass args to IO::Socket::SSL
[Ramana V Mokkapati]
- no need to Massage() the folder name in uidnext()
- rt.cpan.org#84028: get_envelope() fails when subject ends w/backslash
[Andy Lyttle]
- rt.cpan.org#79476: move()/copy() with sequence causes numeric warning
[Oleg G]
- *move()/copy() no longer sort message(s) provided by caller
pkgsrc-changes:
Set MultiHomed => 1 in call to IO::Socket::INET to allow fallback to IPv4
when server has both IPv4 and IPv6 addresses and no reliable IPv6 route
RELEASE 0.9.3
-------------
- Fix setting refresh_interval to "Never" in Preferences (#1489286)
- Optimized UI behavior for touch devices
- Fix purge action in folder manager (#1489280)
- Fix base URL resolving on attribute values with no quotes (#1489275)
- Fix wrong handling of links with '|' character (#1489276)
- Fix colorspace issue on image conversion using ImageMagick (#1489270)
- Fix XSS vulnerability when saving HTML signatures (#1489251)
- Fix XSS vulnerability when editing a message "as new" or draft (#1489251)
- Fix rewrite rule in .htaccess (#1489240)
- Fix detecting Turkish language in ISO-8859-9 encoding (#1489252)
- Fix identity-selection using Return-Path headers (#1489241)
- Fix parsing of links with ... in URL (#1489192)
- Fix compose priority selector when opening in new window (#1489257)
- Fix bug where signature wasn't changed on identity selection when editing
a draft (#1489229)
- Fix IMAP SETMETADATA parameters quoting (#1489231)
- Fix "could not load message" error on valid empty message body (#1489228)
- Fix handling of message/rfc822 attachments on message forward and edit
(#1489214)
- Fix parsing of square bracket characters in IMAP response strings (#1489223)
- Don't clear References and in-Reply-To when a message is "edited as new"
(#1489216)
- Fix messages list sorting with THREAD=REFS
- Remove deprecated (in PHP 5.5) PREG /e modifier usage (#1489174)
- Fix empty messages list when register_globals is enabled (#1489157)
- Fix so valid and set date.timezone is not required by installer checks
(#1489180)
- Canonize boolean ini_get() results (#1489189)
- Fix so install do not fail when one of DB driver checks fails but other
drivers exist (#1489178)
- Fix so exported vCard specifies encoding in v3-compatible format (#1489183)
- Always use the internal MD5 functions for the built-in CRAM-MD5
implementation; never use the ones from OpenSSL. This fixes problems with
configurations that use OpenSSL and do not use GNU SASL. Thanks to Gleydson
Soares and Moritz Wilhelmy for providing information and for testing the fix.
- Deprecate DIGEST-MD5 authentication as per RFC 6331.
- Remove unmaintained translations (es, pt_BR).
+ SSL: Added support for ECDH/ECDHE cipher suites
+ Added some missing man pages
+ quota-status: Added quota_status_toolarge setting
- director: Users near expiration could have been redirected to
different servers at the same time.
- pop3: Avoid assert-crash if client disconnects during LIST.
- mdbox: Corrupted index header still wasn't automatically fixed.
- dsync: Various fixes to work better with imapc and pop3c storages.
- ldap: sasl_bind=yes caused crashes, because Dovecot's lib-sasl
symbols conflicted with Cyrus SASL library.
- imap: Various error handling fixes to CATENATE. (Found using
Apple's stress test script.)
Upstream changes:
version 2.01: Sat Aug 3 01:07:27 CEST 2013
Improvements:
- add dummy ::Types::create_type_index() because
Catalyst-Plugin-Static-Simple calls it :(
version 2.00: Fri Aug 2 17:44:53 CEST 2013
Changes:
- the mime information is now collected from various sources, amongst
them IANA. Therefore, some types may use different x-'s
#types up from 995 to 2096
- a separate table is built for the extension-to-type mapping.
#exts up from 734 to 1425
- the memory foot-print and start-up speed should have improved
considerably.
Improvements:
- added bin/collect_types
- 3 typos. rt.cpan.org#86847 [D Steinbrunner]
- add ::Type::isVendor(), ::isExperimental(), ::isPersonal on request
by rt.cpan.org#87062 [Lars]
- cleaned-up Exporter syntax of (very) old interface.
- added ::Types::listTypes()
version 1.38: Fri Jan 11 09:58:08 CET 2013
- add application/vnd.ms-excel.template.macroEnabled.12 and five
related from http://filext.com/faq/office_mime_types.php
rt.cpan.org#82616 [M Jemmeson]
version 1.37: Fri Dec 21 11:33:53 CET 2012:
- all mime.types files agree that perl scripts should use
application/x-perl. Hence removed text/x-perl
rt.cpan.org#82100 [Kent Fredric]
version 1.36: Wed Oct 31 20:34:42 CET 2012
- xlsx and friends had encoding 'binary' (since version 1.30),
but should have been 'base64'
rt.cpan.org#80529 [Douglas Wilson]
ChangeLog:
1.534 2013-03-26
Added another spam detection case (mstevens)
1.533 2013-01-23
Added two new spam detection cases (mstevens)
Hopefully fixed tests on newer perl, at the cost of slightly
reformatted messages. Why is Mail::DeliveryStatus::Report
a header object anyway? (mstevens)
Changelog:
Security bugfixes.
MFSA 2013-75 Local Java applets may read contents of local file system
MFSA 2013-73 Same-origin bypass with web workers and XMLHttpRequest
MFSA 2013-72 Wrong principal used for validating URI for some Javascript components
MFSA 2013-71 Further Privilege escalation through Mozilla Updater
MFSA 2013-69 CRMF requests allow for code execution and XSS attacks
MFSA 2013-68 Document URI misrepresentation and masquerading
MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater
MFSA 2013-63 Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8)
- Support DNS whitelists.
- Improve physical page locality of the DCC server's use of the database hash table
and so improve server performance.
- Reduce dccifd thread stack size to 512 KBytes for busy 32-bit systems
- Dccproc, dccm, and dccifd decode HTML &#xxx character references in URLs.
- Dccproc, dccm, and dccifd convert UTF-8 domain names to Punycode
before checking DNS blacklists.
- Fix reporting of rogue server-IDs.
- Fix dccproc, dccifd, and dccm crash in parsing Received: fields with IPv6 addresses.
- Fix DNSBL bugs in parsing http://example.com?parameter and http://example.com:80
- Deal with trailing '.' and other punctuation URLs in dccm, dccifd, and
dccproc. This changes the FUZ1 and FUZ2 checksums in some cases.
- Fix a rare crash of dccd, the server daemon.
Added iconv output support via -x<set>.
Fixed up the BASE64 decoding detection of boundaries which are sometimes missed.
Updated ripOLE to handle nameless / unknown stream blobs.
Added a header fixing routine in MIME_headers, this fix attempts
to unwrap headers which are missing a leading space on the next line
This feature can be disabled using --disable-headerfix.
Added recursion facility if the input mailpack/MIME file is a directory.
1.10.0 09-July-2013
----------------------------------------------
- Memory optimizations
- Fix a runtime error on Windows
1.9.80 10-June-2013
----------------------------------------------
- Update item access time less often.
- Don't try to start akonadiserver if mysqld is not installed
- Allow to fetch available items even if there are errors in some of the items.
- Properly restrict the external part removal to the deleted collection.
- Support checking the cache for payloads in the FETCH command.
- Add infrastructure to track client capabilities.
- Allow to disable the cache verification on retrieval.
- fsck: move orphaned pim items to lost+found, delete orphaned pim item flags.
- Introduce NotificationMessageV2 that supports batch operations on set of entities.
- Fix build with Boost >= 1.53.
- Fix a runtime issue with MySQL >= 5.6 (MySQL >= 5.1.3 is now the minimum version).
Changes since 2.0.6:
IMAPFilter 2.5.5 - 8 Jun 2013
- Work-around for some servers that send an unexpected APPEND response.
- The serial number of the certificates is taken into account, because some
servers send different certificates with the same subject and issuer.
- Details of the stored certificates are written to the certificates file, in
order to make it easier to distinguish each of them.
- Support for TLS versions 1.1 and 1.2 for secure connections.
IMAPFilter 2.5.4 - 9 Apr 2013
- Some server responses are now parsed less stricly.
- More detailed information is now printed when there's an error.
- Bug fix; various corrections in the recovery mechanism.
IMAPFilter 2.5.3 - 22 Jul 2012
- New implementation for international mailbox names.
- Bug fix; wrong variable name in one of the examples on extending.
- Bug fix; an OpenSSL compilation warning.
IMAPFilter 2.5.2 - 29 Feb 2012
- Persistent errors or connection failures are now ignored when running in
daemon mode, and a reconnection is attempted during the next loop iteration.
- Bug fix; problems with failure handling during login/logout.
IMAPFilter 2.5.1 - 27 Feb 2012
- Support for recovery of a session after a BYE response is received.
- Option to control in which cases a terminated session will be restored.
- Bug fix; a BYE response could sometimes get incorrectly ignored.
IMAPFilter 2.5 - 23 Feb 2012
- Support for recovery of a session when a network failure is encountered,
and other robustness improvements.
- Informational messages are printed also for the fetch and append methods.
- Lua 5.2 compatibility, while the codebase can still be compiled with
version 5.1.
- The OpenSSL library is now a mandatory build requirement.
- Bug fix; unrecoverable login failures did not result in aborting of the
execution of the configuration.
- Bug fix; when messages were appended to a mailbox that did not exist, it
failed to create the mailbox and then retry the appending.
- Bug fix; misleading errors were printed on some SSL failures.
- Bug fix; protected call of the commands to execute in the daemon function
could hide important failures.
- Bug fix; the man page had an incorrect description of the -d option.
* Support for the old deprecated 1.x configuration format has been removed,
and the current 2.x format can only be executed from now on.
IMAPFilter 2.4.2 - 19 Jan 2012
- Bug fix; some ASCII characters in mailbox names were incorrectly converted
to UTF-7.
IMAPFilter 2.4.1 - 8 Dec 2011
- Bug fix; become_daemon() failure.
IMAPFilter 2.4 - 6 Dec 2011
- Support for non-ASCII mailbox names.
- New environment variable to set the configuration directory.
- Bug fix; parsing of some server responses was broken since the previous
release.
- Bug fix; the match_field() method matched on the whole header field,
instead of only the header field body.
- Bug fix; debug file check caused printing of a misleading error message.
- Bug fix; typo error in a configuration man page example.
IMAPFilter 2.3 - 6 Aug 2011
- Support for appending/uploading messages to mailboxes.
- Debug file option now takes filename argument.
- New simplified configuration and building procedure.
- Bug fix; in some cases a mailbox was incorrectly assumed selected.
- Bug fix; in some cases server capabilities needed update after login.
- Bug fix; timeout problem with CRAM-MD5 authentication.
- Bug fix; some servers send non-ASCII characters in their responses.
IMAPFilter 2.2.3 - 6 Mar 2011
- Project moved to GitHub.
- Changed file and directory structure.
- The next UID is returned as an additional return value of check_status().
- All processing methods now return a boolean based on their success.
- Bug fix; a lost connection is now handled better by trying to reconnect.
- Bug fix; in some cases in IDLE a message had arrived but was ignored.
- Bug fix; in some servers the initial IDLE reply wasn't handled correctly.
- Bug fix; typo errors in the documentation.
IMAPFilter 2.2.2 - 23 Jan 2010
- Bug fix; a couple of errors in the extending examples file.
IMAPFilter 2.2.1 - 20 Jan 2010
- A global option for the IDLE refreshing interval was added.
- Bug fix; more detailed reporting when SSL socket errors occur.
IMAPFilter 2.2 - 30 Dec 2009
- Support for combining searching methods in multiple mailboxes at the same
or different accounts and processing of the results in bulk.
- Support for meta-searching that allows searching on the previous searching
results.
- The processing and fetching methods were enhanced to reflect the new
changes and the documentation was updated.
- Global options for the message cache and the certificates were added.
- Bug fix; questions for certificates are not asked while in daemon mode, but
instead an error is printed.
* A different format is used for the returned structures of the searching
methods, due to the introduction of multiple mailbox searching and
meta-searching, and thus any configuration files that rely on them should
be updated. Consequently, the processing and fetching methods have been
also enhanced and the relevant documentation updated, and while these
changes are backwards compatible, an update of the configuration file is
still recommended.
IMAPFilter 2.1.2 - 3 Dec 2009
- Bug fix; cache for message parts didn't work correctly.
- Bug fix; documentation error.
IMAPFilter 2.1.1 - 24 Nov 2009
- Bug fix; global option timeout and enter_idle() didn't play well together.
IMAPFilter 2.1 - 23 Nov 2009
- Support for the IMAP IDLE extension (RFC 2177) through the enter_idle()
method.
- Support for fetching of a message's body structure through the
fetch_structure() method, and of a message's specific body part through the
fetch_parts() method.
- Addition of a global option that controls the character set used for all
the searching methods.
- Bug fix; fetching of non-existent messages.
- Bug fix; no trailing end-of-line characters in the results of
fetch_fields().
IMAPFilter 2.0.11 - 20 Sep 2009
- Bug fix; fetching of messages with empty body.
- Workaround for problematic IMAP server sending non-compliant mailbox status
information.
IMAPFilter 2.0.10 - 16 Feb 2008
- Bug fix; failed a great number (tens of thousands) of commands were
exchanged with an IMAP server.
- Bug fix; failed to fetch the body of some messages in some extremely rare
occasions.
- Bug fix; the description for the contain_header() method was clarified.
IMAPFilter 2.0.9 - 26 Dec 2007
- Bug fix; the match_*() methods failed to match messages.
- Bug fix; the match_*() methods failed with an error when no messages
matched.
- Bug fix; note added in the documentation about the need to use double
backslashes inside of regular expression patterns.
IMAPFilter 2.0.8 - 23 Dec 2007
- Bug fix; on some platforms it is necessary to link against the math library.
IMAPFilter 2.0.7 - 22 Dec 2007
- Bug fix; the match_*() methods failed with an error message.
are replaced with .include "../../devel/readline/buildlink3.mk", and
USE_GNU_READLINE are removed,
* .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE
are replaced with .include "../../mk/readline.buildlink3.mk".
Mail_Mie 1.8.8
* Fixed warning/notice on (static vs. non-static) PEAR::raiseError() usage
[alec]
* Fixed Bug #19761: PHP5 warnings about return by reference [alec]
* Fixed Bug #19770: Make cid generator more unique on Windows [alec]
* Fixed Bug #19987: E_STRICT warning when null is passed by reference [alec]
Changelog:
FIXED
Security fixes can be found here
Fixed in Thunderbird 17.0.7
MFSA 2013-59 XrayWrappers can be bypassed to run user defined methods in a privileged context
MFSA 2013-56 PreserveWrapper has inconsistent behavior
MFSA 2013-55 SVG filters can lead to information disclosure
MFSA 2013-54 Data in the body of XHR HEAD requests leads to CSRF attacks
MFSA 2013-53 Execution of unmapped memory through onreadystatechange event
MFSA 2013-51 Privileged content access and execution via XBL
MFSA 2013-50 Memory corruption found using Address Sanitizer
MFSA 2013-49 Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)
Subject: [Dovecot-news] Released Pigeonhole v0.4.1 for Dovecot v2.2.4.
Date: Wed, 03 Jul 2013 22:15:31 +0200
To: dovecot-news@dovecot.org, Dovecot Mailing List <dovecot@dovecot.org>
Reply-To: dovecot@dovecot.org
Content-Transfer-Encoding: 7bit
Hello Dovecot users,
Now that I am not preoccupied anymore, I quickly release a new version
of Pigeonhole for Dovecot v2.2. This consists mainly of bug fixes. One
new feature is that the Sieve plugin will try to pass temporary
failures (e.g. from mail storage) back to LDA/LMTP as much as
possible. However, this change turned out a little bigger than I would
have liked, so experiment with it a bit before you deploy it in
production.
Changelog v0.4.1:
+ Added support for handling temporary failures. These are passed back
to LDA/LTMP to produce an appropriate response towards the MTA.
- Sieve storage: Removed PATH_MAX limitation for active symlink. This
caused problems for GNU/Hurd.
- Fixed line endings in X-Sieve headers added by redirect command.
- ManageSieve: Fixed '[' ']' stupidity for response codes (only
happened before login).
- Fixed setting name in example-config/conf.d/20-managesieve.conf.
- Sieve extprograms plugin: Fixed interaction between pipe command and
remote script service. The output from the script service was never
read, causing a broken pipe error at the script service. Apparently,
this was broken since the I/O handling for extprograms was last
revised.
- Fixed assertion failure due to datastack problem in message header
composition.
version 1.2.9 (which is old) is not available. Two improvements that
I noticed are:
1.) A remote DoS vulnerability (for which "pkgsrc" had a patch) has
been fixed.
2.) The SPF records for "gmail.com" are now accepted again.
Mail::DeliveryStatus::BounceParser analyzes RFC822 bounce messages and returns a
structured description of the addresses that bounced and the reason they
bounced; it also returns information about the original returned message
including the Message-ID. It works best with RFC1892 delivery reports, but will
gamely attempt to understand any bounce message no matter what MTA generated it.
+ doveadm: Added "flags" command to modify message flags.
+ doveadm: Added "deduplicate" command to expunge message duplicates.
+ dsync: Show the state in process title with verbose_proctitle=yes.
- imap/pop3 proxy: Master user logins were broken in v2.2.3
- sdbox/mdbox: A corrupted index header with wrong size was never
automatically fixed in v2.2.3.
- mbox: Fixed assert-crashes related to locking
nmzmail is a tool to use the namazu search engine from within the mutt mail
client to search mail stored in maildir folders. Based on the result of the
namazu query, nmzmail generates a maildir folder containing symbolic links to
the mails matching the query. A simple mutt macro makes easy to use nmzmail from
within mutt. nmzmail is pretty similar to mairix, but the code is much simpler,
as it uses an external program as search engine.
v3.5 (2013-06-05)
* Added digest generation and post-processing hooks.
* Fix html2text configuration (ignored since 2012-10-04).
* Fix opmlexport crash due to orphaned feed data.
* Use feed names in OPML 'text' attributes.
v3.4 (2013-05-14)
* Added post-processing hooks for user-specified message manipulation.
* Added settings for IMAP delivery. The old `use-smtp` boolean has
been replaced by a new `email-protocol` setting. Non-IMAP users
should adjust their configuration to set `email-protocol` to
either `sendmail` or `smtp`.
v3.3 (2013-04-13)
* Fix SMTP message submission logic.
* Fix error inheritence (super() calls).
* Convert html2text parsing errors to `ProcessingError`s.
* Cleanup html2text error handling.
* Drop Google Reader rel-via manipulation.
* Drop the wrapping <table> elements from HTML mail
v3.2 (2013-03-13)
* Use extended interpolation in configuration files, to allow percent signs (%).
* Added .as_string() fallback to email flattening (only used if
`use-smtp = False` and `use-8bit = True`).
* Added sendmail configuration option. Change this if you want to
use an alternative, sendmail-compatible mailer.
v3.1 (2013-02-14)
* Import __url__, __author__, and __email__ in rss2email.error,
which fixes bugs in formatting a number of errors.
v3.0 (2013-02-13)
* Changed project email (rss2email@tremily.us) and homepage
(http://github.com/wking/rss2email).
* Split static configuration parameters into a ConfigParser-read
config file (rss2email.cfg). Data that depends on the feed state
is recorded using JSON (rss2email.json).
* Use the XDG Base Directory Specification for standardized
configuration and data file locations.
* Converted the command line interface to argparse, with some
restructuring along the way.
* Added the r2e.1 man page (based on one from the Debian package).
* Added setup.py and a PyPI page for simpler installation
(http://pypi.python.org/pypi/rss2email).
* Added Message-ID headers to outgoing email.
* Added a test suite.
* Upgraded to Python 3.2 to take advantage of cleaner Unicode
handling and argparse.
* Require Signed-off-by lines in new commit messages, following the
Linux and Git projects.
== [release-1-8-9] 1.8.9: 2013-06-28
A bug fix release of 1.8.8.
=== Package
==== Improvements
* [rpm] Update Ruby1.9.3 package for CentOS6 to Ruby1.9.3-p448
released on 2013-06-27
=== milter manager
==== Fixes
* [binding][ruby] Fixed a bug that milter-manager couldn't detect
socket path if greylist.conf includes socket path with
permission.
== [release-1-8-8] 1.8.8: 2013-06-25
A bug fix release of 1.8.7.
=== Package
==== Fixes
* [rpm] milter-manager-log-analyzer should include cron configuration.
[Reported by Satoru Sakashita][milter-manager-users-ja:00200]
* [deb] Remove old configuration file installed by milter-manager.
[Reported by Youhei SASAKI][milter-manager-users-ja:00202]
=== Known Issues
* [test] Failed some test cases using rrdtool on some environments.
[Reported by Hirohisa Yamaguchi][GitHub #29]
=== Thanks
* Satoru Sakashita
* Youhei SASAKI
* Hirohisa Yamaguchi
RELEASE 0.9.2
-------------
- Fix image thumbnails display in print mode (#1489134)
- Fix height of message headers block (#1489108)
- Fix timeout issue on drag&drop uploads (#1489170)
- Fix default sorting of threaded list when THREAD=REFS isn't supported
- Fix list mode switch to 'List' after saving list settings in Larry skin (#1489164)
- Fix error when there's no writeable addressbook source (#1489162)
- Fix zipdownload plugin issue with filenames charset (#1489156)
- Fix so non-inline images aren't skipped on forward (#1489150)
- Fix "null" instead of empty string on messages list in IE10 (#1489145)
- Fix legacy options handling
- Fix so bounces addresses in Sender headers are skipped on Reply-All (#1489011)
- Fix bug where serialized strings were truncated in PDO::quote() (#1489142)
- Fix displaying messages with invalid self-closing HTML tags (#1489137)
- Fix PHP warning when responding to a message with many Return-Path headers (#1489136)
- Fix unintentional compose window resize (#1489114)
- Fix performance regression in text wrapping function (#1489133)
- Fix connection to posgtres db using unix socket (#1489132)
- Fix handling of comma when adding contact from contacts widget (#1489107)
- Fix bug where a message was opened in both preview pane and new window on double-click (#1489122)
- Fix fatal error when xdebug.max_nesting_level was exceeded in rcube_washtml (#1489110)
- Fix PHP warning in html_table::set_row_attribs() in PHP 5.4 (#1489094)
- Fix invalid option selected in default_font selector when font is unset (#1489112)
- Fix displaying contact with ID divisible by 100 in sql addressbook (#1489121)
- Fix browser warnings on PDF plugin detection (#1489118)
- Fix fatal error when parsing UUencoded messages (#1489119)
== Version 2.5.4 - Tue May 14 14:45:00 +1100 2013 Mikel Lindsaar
<mikel@lindsaar.net>
Features:
* Save settings passed to TestMailer#new (svanderbleek)
* Allow the setting of envelope from directly (jeremy)
* Accept other IETF/IANA-registered Content-Types and
Content-Transfer-Encodings (jeremy)
* Alias shift-jis charset to Shift_JIS Ruby encoding (jeremy)
* Add support for ks_c_5601-1987 charset, aliased to CP949 Ruby encoding
(jeremy)
* Don't allow colons in header names (jeremy)
* Can assign arrays of Message-IDs to References and In-Reply-To (jeremy)
* Setting the html_ or text_part sets a default text/html or text/plain
content type (jeremy)
* Setting the html_ or text_part to nil removes it (jeremy)
* Addresses without a parsable email or display name still format as their raw
text (jeremy)
* Close pull request 504 - Alias GB2312 charset to GB18030 Ruby encoding (bpot)
* Close pull request 399 - Accept :ca_path and :ca_file options for SMTP
delivery (ndbroadbent)
* Close pull request 389 - Don't add superfluous message headers to MIME parts
(djmaze, jeremy)
Performance:
* Close pull request 488 - Speed up field construction & comparison (bpot)
Bugs:
* Don't include separating semicolon in paramter value when sanitizing (bpot)
* Fix fencepost encoding problem with binhex strings and only one token (drasch)
* Fix sendmail delivery to addresses with a leading hyphen (lifo, jeremy)
* Correctly format mbox From headers per RFC4155 (bpot, jeremy)
* Fix bogus '=' at the end of some quoted-printable messages (jeremy)
* Shouldn't be fooled into encoding strings on 1.8 by unrelated Encoding
constant (emiellohr, jeremy)
* Header encoding should be US-ASCII, not the default external encoding (jeremy)
* Address elements should return decoded display names by default (jeremy)
* Fix up tests that depend on utf-8 external encoding; read fixtures as binary
(jeremy)
* Capture stderr from Sendmail and Exim deliveries (jeremy)
* RFC2822 quoted_string content may be empty (jeremy)
* Calling #to_s on a field with a nil value returns an empty string instead of
nil (jeremy)
* The Received header may contain zero name/value pairs, qmail-style (jeremy)
* Fix that setting an attachment with a :mime_type and :encoding would
override the :encoding (jeremy)
* Fix that declaring an html_part but no text_part would use
multipart/alternative anyway (jeremy)
* Close pull request 508 - Don't add an extra CRLF to MIME parts; split MIME
parts on correct CRLF boundaries (Aalanar)
* Close pull request 506 - Escape backslashes in quoted strings (ConradIrwin)
* Close pull request 496 - Correctly handle quoted-printable line breaks
(jeremy)
* Close pull request 493 - Repair misencoded quoted-printable line breaks
(jeremy)
* Close pull request 487 - Extract comments from group email addresses (bpot)
* Close pull request 481 - Correctly quote filename attributes (bpot)
* Close pull request 480 - Support mixed encodings in a single header body
(adamvaughan)
* Close pull request 471 - Fix Ruby 1.8 build when UTF16/32 default to
little-endian (kennyj)
Coping with third-party bugs:
* Parse multipart boundary from Content-Type headers containing extra
semicolons (jeremy)
* Close pull request 389 - Only add Content-ID to inline attachments to
appease Outlook (djmaze, jeremy)
Housekeeping:
* Add development gem dependency on rdoc (jeremy)
* Refresh Bundler dependencies & setup (jeremy)
* Remove i18n dependency and last vestiges of activesupport dependency in
specs (jeremy)
* Clarify that Sender is a single address, not an address list (jeremy)
* Add an MIT-LICENSE file to make licensing clear & obvious; update to 2013
(jeremy)
* Close pull request 501 - Tighten up header/body whitespace splitting
(ConradIrwin)
* Close pull request 499 - Clean up some dead code (ConradIrwin)
* Close pull request 489, 495 - Docs typos (JackDanger, francois)
* Close pull request 485 - Be explicit about unsupported address parsing (bpot)
* Close pull request 484 - Remove #tree specs in preparation for deprecation
removal (bpot)
* Close pull request 482 - Update address field specs to reflect to
#initialize API (bpot)
* Close pull request 475 - Shush warning on Object#blank? redefinition
(amatsuda)
* Close pull request 472 - Clean up UTF8/UTF-8 internals (kennyj)
== 1.23 / 2013-04-20
* New Feature:
* Arnaud Meuret (ameuret) suggested that it could be useful if the MIME type
collection was enumerable, so he implemented it in #30. Thanks for the
contribution! https://github.com/halostatue/mime-types/pull/30
* Updated MIME Types:
* RFC6910 was adopted (application/call-completion).
* RFC6902 was adopted (application/json-patch\+json).
* RFC6917 was adopted (application/mrb-consumer\+xml,
application/mrb-publish\+xml).
* RFC6922 was adopted (application/sql).
* RFC2560 is being
{updated}[http://tools.ietf.org/html/draft-ietf-pkix-rfc2560bis].
* Administrivia:
* The gemspec now includes information about the licenses under which the
mime-types gem is available.
* Using hoe-gemspec2 instead of hoe-gemspec.
== 1.22 / 2013-03-30
* New MIME Types:
* Added support for 3FR (Hasselblad raw images) files. MIME-Type was obtained
by looking at exif data with exiftool. Thanks to cgat for these changes.
https://github.com/halostatue/mime-types/pull/27
* Updated MIME Types:
* Pulled the latest updates from the IANA MIME-Type registry.
* Added support for Ruby 2.0 with Travis CI.
Can't locate getopt.pl in @INC (@INC contains:...
by adding two patches.
patches/patch-agent_test_TEST
patches/patch-bin_perload
See the thread starting with:
| To: tech-pkg@NetBSD.org
| Subject: broken packages for 2013q2
| From: David Holland <dholland-pkgtech@NetBSD.org>
| Date: Wed, 12 Jun 2013 04:02:11 +0000
or
http://mail-index.netbsd.org/tech-pkg/2013/06/12/msg011548.html
Log something when refusing to sign because the private key was too
small. This also adds a new "On-SignatureError" handler
setting, and a new status code DKIM_STAT_SIGGEN.
Fix application of "On-InternalError" setting.
Feature request #SF3609496: Don't apply reputation checks to internal
clients.
2.8.2 2013/03/27
Authentication-Results tokens should be checked without case
sensitivity.
Fix snprintf() arguments in dkimf_checkfsnode().
CONTRIB: Patch #SF3608716: Fixes to spec/opendkim.spec.in
2.8.1 2013/03/19
Fix bug #SF3607071: Report the reason why a key file is determined
to be unsafe.
Fix bug #SF3607072: When checking for key file safety, take any
"-u" value provided on the command line into account.
Fix bug #SF3608401: Solaris 10 doesn't have strsep().
BUILD: Fix build for versions of libdb between 3.1 and 4.6.
2.8.0 2013/02/25
Feature request #SF2964383: Add DKIM_LIBFLAGS_STRICTRESIGN, which
inhibits signing of a handle tagged for resigning when the
attached verifying handle had no valid signatures in it.
Feature request #SF3155117: Do a more thorough check for writeable
key files, checking more of the filesystem permission tree.
Feature request #SF3530734: Add "LDAPDisableCache", which suppresses
the creation of a local cache in front of LDAP queries.
Feature request #SF3547359: If compiled with libcurl, add "SMTPURI"
configuration option that allows direct SMTP transmission
failure reports.
Feature request #SF3578197: Allow per-message override of the list of
header fields to be signed.
Feature request #SF3590860: Combine collected reputation values into
an overall allowed rate under _FFR_REPRRD, as is done for the
other reputation code.
Feature request #SF3598991: Add odkim.signfor() function to the Lua
setup script.
Feature request #SF3599409: Modify dkimf_checkip() to try surrounding
the IP address part of every query with square brackets, which
is a common way to do IP address literals in email contexts.
Fix bug #SF3531477: Add (hopefully temporary) configuration option
"DisableCryptoInit" so that opendkim's initialization of the
crypto library doesn't conflict with the same work done by
other libraries.
Fix bug #SF3599901: Rename "InsecureKey" to "UnprotectedKey" and
"InsecurePolicy" to "UnprotectedPolicy", as the term "insecure"
in reference to a key is sometimes interpreted to mean "not
enough random bits" rather than as a keyword describing the
presence or absence of DNSSEC protection. What's logged in
Authentication-Results header fields has been similarly
modified.
Fix bug #SF3604525: Don't divide by zero when the query cache hasn't
been used.
Protect against handling of signatures with empty domains, which could
cause a NULL dereference and a crash.
Do ATPS checks when enabled even if ADSP is disabled.
Don't fail to start on empty or null configuration files.
Patch #SF3593422: Update for MDB 0.9.5 support.
LIBOPENDKIM: Fix header canonicalization when DKIM_LIBFLAG_FIXCRLF is
used in combination with dkim_chunk().
LIBOPENDKIM: Enable dkim_getcachestats() and the underlying function
to extract the current number of keys in the cache, and also
provide a counter reset mechanism.
BUILD: Feature request #SF3547151: Check for Lua package name variants
in use on Debian.
BUILD: Feature request #SF3599902: Change OpenSSL existence test
to help with Debian packaging.
BUILD: Add "--with-test-socket" to force all of the filter unit tests
to use a specific socket.
BUILD: Add checks for strlcat()/strlcpy() in libbsd.
CONTRIB: Fix bug #SF3575666: Pass pid file path to killproc.
CONTRIB: Add systemd directory.
CONTRIB: Split out initial key generation function from
contrib/init/redhat/opendkim.
MILTERTEST: Don't crash in mt_connect() if the socketspec doesn't
contain a colon.
MILTERTEST: When connect() fails for an AF_INET socket, it apparently
leaves the socket unusable. Discard the socket when that
happens and get a new one.
MILTERTEST: Add a way to extend the mt.connect() retry interval via
environment variables so a large test suite can be easily
extended on slow systems.
TOOLS: Register DNS functions before calling dkim_dns_init() in
opendkim-testkey.
TOOLS: Add "-K" (keep temporary files) flag for opendkim-testmsg
* A new action_add_entity function has been added.
* Deprecated defined(@array) construct has been removed.
* New load1 md-mx-ctrl command summarizes load in a more useful format than load
* watch-multiple-mimedefangs.tcl has been overhauled.
* Various other bugfixes and documentation cleanups.
Changes are too any to write here and please refer CHANGELOG.
pkgsrc changes:
* Add note to enable access_compat_module Apache 2.3 or later.
* Make php-mcrypt mandatory.
* Clean up PKG_OPTIONS.
* Add several patches from official repository.
* using legacy module getopt.pl, add dependency on p5-Perl4-CoreLibs
* fixes some warnings of prototype mismatch.
Bump PKGREVISION from additional dependency.
