- Add ${PERL5_LICENSE}
(upstream)
- Update 0.09 to 1.04
-------------------
1.04 Mon Dec 22 2014
- Removed the locked sub attributes because they seem to have no
gain(no object acces/modification is done)
- Enhanced the POD
- Enhanced the test so they skip if /usr/sbin/makemap is not
insTALLED(might be needed to bundle a .db again)
- In 2012: Enhanced the lookup function so it does correctly check all
variations of an email address
1.01 Tue Nov 10 2009
- Fixed a permissions issue where a test file didn't exist prior
to testing.
- make IMAP class only issue EXPUNGE command on mailbox close if we have
actually deleted any messages from the open mailbox. Makes use of read-
only IMAP folders possible. Thanks: Zoltan Padrah.
Exim version 4.86
-----------------
JH/01 Bug 1545: The smtp transport option "retry_include_ip_address" is now
expanded.
JH/02 The smtp transport option "multi_domain" is now expanded.
JH/03 The smtp transport now requests PRDR by default, if the server offers
it.
JH/04 Certificate name checking on server certificates, when exim is a client,
is now done by default. The transport option tls_verify_cert_hostnames
can be used to disable this per-host. The build option
EXPERIMENTAL_CERTNAMES is withdrawn.
JH/05 The value of the tls_verify_certificates smtp transport and main options
default to the word "system" to access the system default CA bundle.
For GnuTLS, only version 3.0.20 or later.
JH/06 Verification of the server certificate for a TLS connection is now tried
(but not required) by default. The verification status is now logged by
default, for both outbound TLS and client-certificate supplying inbound
TLS connections
JH/07 Changed the default rfc1413 lookup settings to disable calls. Few
sites use this now.
JH/08 The EXPERIMENTAL_DSN compile option is no longer needed; all Delivery
Status Notification (bounce) messages are now MIME format per RFC 3464.
Support for RFC 3461 DSN options NOTIFY,ENVID,RET,ORCPT can be advertised
under the control of the dsn_advertise_hosts option, and routers may
have a dsn_lasthop option.
JH/09 A timeout of 2 minutes is now applied to all malware scanner types by
default, modifiable by a malware= option. The list separator for
the options can now be changed in the usual way. Bug 68.
JH/10 The smtp_receive_timeout main option is now expanded before use.
JH/11 The incoming_interface log option now also enables logging of the
local interface on delivery outgoing connections.
JH/12 The cutthrough-routing facility now supports multi-recipient mails,
if the interface and destination host and port all match.
JH/13 Bug 344: The verify = reverse_host_lookup ACL condition now accepts a
/defer_ok option.
JH/14 Bug 1573: The spam= ACL condition now additionally supports Rspamd.
Patch from Andrew Lewis.
JH/15 Bug 670: The spamd_address main option (for the spam= ACL condition)
now supports optional time-restrictions, weighting, and priority
modifiers per server. Patch originally by <rommer@active.by>.
JH/16 The spamd_address main option now supports a mixed list of local
and remote servers. Remote servers can be IPv6 addresses, and
specify a port-range.
JH/17 Bug 68: The spamd_address main option now supports an optional
timeout value per server.
JH/18 Bug 1581: Router and transport options headers_add/remove can
now have the list separator specified.
JH/19 Bug 392: spamd_address, and clamd av_scanner, now support retry
option values.
JH/20 Bug 1571: Ensure that $tls_in_peerdn is set, when verification fails
under OpenSSL.
JH/21 Support for the A6 type of dns record is withdrawn.
JH/22 Bug 608: The result of a QUIT or not-QUIT toplevel ACL now matters
rather than the verbs used.
JH/23 Bug 1572: Increase limit on SMTP confirmation message copy size
from 255 to 1024 chars.
JH/24 Verification callouts now attempt to use TLS by default.
HS/01 DNSSEC options (dnssec_require_domains, dnssec_request_domains)
are generic router options now. The defaults didn't change.
JH/25 Bug 466: Add RFC2322 support for MIME attachment filenames.
Original patch from Alexander Shikoff, worked over by JH.
HS/02 Bug 1575: exigrep falls back to autodetection of compressed
files if ZCAT_COMMAND is not executable.
JH/26 Bug 1539: Add timout/retry options on dnsdb lookups.
JH/27 Bug 286: Support SOA lookup in dnsdb lookups.
JH/28 Bug 1588: Do not use the A lookup following an AAAA for setting the FQDN.
Normally benign, it bites when the pair was led to by a CNAME;
modern usage is to not canoicalize the domain to a CNAME target
(and we were inconsistent anyway for A-only vs AAAA+A).
JH/29 Bug 1632: Removed the word "rejected" from line logged for ACL discards.
JH/30 Check the forward DNS lookup for DNSSEC, in addition to the reverse,
when evaluating $sender_host_dnssec.
JH/31 Check the HELO verification lookup for DNSSEC, adding new
$sender_helo_dnssec variable.
JH/32 Bug 1397: Enable ECDHE on OpenSSL, just the NIST P-256 curve.
JH/33 Bug 1346: Note MAIL cmd seen in -bS batch, to avoid smtp_no_mail log.
JH/34 Bug 1648: Fix a memory leak seen with "mailq" and large queues.
JH/35 Bug 1642: Fix support of $spam_ variables at delivery time. Was
documented as working, but never had. Support all but $spam_report.
JH/36 Bug 1659: Guard checking of input smtp commands again pseudo-command
added for tls authenticator.
- doveadm mailbox list (and some others) were broken in v2.2.20
- director: Fixed making backend changes when running with only a
single director server.
- virtual plugin: Fixed crash when trying to open nonexistent
autocreated backend mailbox.
152 (2015/12/20)
* Fix unescaped left brace in regex is deprecated for Perl 5.22
* Update config.guess and config.sub with autotools-dev 20150820.1
* Add gitlog2imchanges to easily generate 00changes
* Fix a potential path traversal vulnerability.
* Adds some measures against brute-force attacks
RELEASE 1.1.4
-------------
- Add workaround for https://bugs.php.net/bug.php?id=70757 (#1490582)
- Fix duplicate messages in list and wrong count after delete (#1490572)
- Fix so Installer requires PHP5
- Make brute force attacks harder by re-generating security token on every failed login (#1490549)
- Slow down brute-force attacks by waiting for a second after failed login (#1490549)
- Fix .htaccess rewrite rules to not block .well-known URIs (#1490615)
- Fix mail view scaling on iOS (#1490551)
- Fix so database_attachments::cleanup() does not remove attachments from other sessions (#1490542)
- Fix responses list update issue after response name change (#1490555)
- Fix bug where message preview was unintentionally reset on check-recent action (#1490563)
- Fix bug where HTML messages with invalid/excessive css styles couldn't be displayed (#1490539)
- Fix redundant blank lines when using HTML and top posting (#1490576)
- Fix redundant blank lines on start of text after html to text conversion (#1490577)
- Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)
- Fix invalid LDAP query in ACL user autocompletion (#1490591)
- Fix regression in displaying contents of message/rfc822 parts (#1490606)
- Fix handling of message/rfc822 attachments on replies and forwards (#1490607)
- Fix PDF support detection in Firefox > 19 (#1490610)
- Fix path traversal vulnerability (CWE-22) in setting a skin (#1490620)
- Fix so drag-n-drop of text (e.g. recipient addresses) on compose page actually works (#1490619)
Changelog:
38.5.0:
Not available
38.4.0:
Fixed Various security fixes
Fixed Fixed issue where messages moves of multiple messages from a maildir folder to an mbox folder failed.
Fixed in Thunderbird 38.4
2015-133 NSS and NSPR memory corruption issues
2015-132 Mixed content WebSocket policy bypass through workers
2015-131 Vulnerabilities found through code inspection
2015-128 Memory corruption in libjar through zip files
2015-127 CORS preflight is bypassed when non-standard Content-Type headers are received
2015-123 Buffer overflow during image interactions in canvas
2015-122 Trailing whitespace in IP address hostnames can bypass same-origin policy
2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
== 3.0 / 2015-11-21
* 2 governance changes
* This project and the related mime-types-data project are now exclusively
MIT licensed. Resolves
{#95}[https://github.com/mime-types/ruby-mime-types/issues/95].
* All projects under the mime-types organization now have a standard code of
conduct adapted from the {Contributor
Covenant}[http://contributor-covenant.org]. This text can be found in the
{Code-of-Conduct.rdoc}[Code-of-Conduct_rdoc.html] file.
* 3 major changes
* All methods deprecated in mime-types 2.x have been removed.
* mime-types now requires Ruby 2.0 compatibility or later. Resolves
{#97}[https://github.com/mime-types/ruby-mime-types/issues/97].
* The registry data has been removed from mime-types and put into
mime-types-data, maintained and released separately. It can be found at
{mime-types-data}[https://github.com/mime-types/mime-types-data].
* 17 minor changes:
* MIME::Type changes:
* Changed the way that simplified types representations are creatd to
reflect the fact that +x-+ prefixes are no longer considered special
according to IANA. A simplified MIME type is case-folded to lowercase. A
new keyword parameter, +remove_x_prefix+, can be provided to remove +x-+
prefixes.
* Improved initialization with an Array works so that extensions do not
need to be wrapped in another array. This means that <tt>%w(text/yaml
yaml yml)</tt> works in the same way that <tt>['text/yaml', %w(yaml
yml)]</tt> did (and still does).
* Changed +priority_compare+ to conform with attributes that no longer
exist.
* Changed the internal implementation of extensions to use a frozen Set.
* When extensions are set or modified with +add_extensions+, the primary
registry will be informed of a need to reindex extensions. Resolves
{#84}[https://github.com/mime-types/ruby-mime-types/issues/84].
* The preferred extension can be set explicitly. If not set, it will be the
first extension. If the preferred extension is not in the extension list,
it will be added.
* Improved how xref URLs are generated.
* Converted +obsolete+, +registered+ and +signature+ to attr_accessors.
* MIME::Types changes:
* Modified MIME::Types.new to track instances of MIME::Types so that they
can be told to reindex the extensions as necessary.
* Removed +data_version+ attribute.
* Changed #[] so that the +complete+ and +registered+ flags are keywords
instead of a generic options parameter.
* Extracted the class methods to a separate file.
* Changed the container implementation to use a Set instead of an Array to
prevent data duplication. Resolves
{#79}[https://github.com/mime-types/ruby-mime-types/issues/79].
* MIME::Types::Cache changes:
* Caching is now based on the data gem version instead of the mime-types
version.
* Caching is compatible with columnar registry stores.
* MIME::Types::Loader changes:
* MIME::Types::Loader::PATH has been removed and replaced with
MIME::Types::Data::PATH from the mime-types-data gem. The environment
variable RUBY_MIME_TYPES_DATA is still used.
* Support for the long-deprecated mime-types v1 format has been removed.
* The registry is default loaded from the columnar store by default. The
internal format of the columnar store has changed; many of the boolean
flags are now loaded from a single file. Resolves
{#85}[https://github.com/mime-types/ruby-mime-types/85].
pkgsrc changes:
- Remove patches/patch-src_Makefile.in that seems no more needed
Changes:
Version 1.6.3:
- A bug in SOCKS support was fixed.
- Handling non-fatal errors in TLS handshakes was fixed.
The find-prefix infrastructure was required in a pkgviews world where
packages installed from pkgsrc could have different installation
prefixes, and this was a way for a dependency prefix to be determined.
Now that pkgviews has been removed there is no longer any need for the
overhead of this infrastructure. Instead we use BUILDLINK_PREFIX.pkg
for dependencies pulled in via buildlink, or LOCALBASE/PREFIX where the
dependency is coming from pkgsrc.
Provides a reasonable performance win due to the reduction of `pkg_info
-qp` calls, some of which were redundant anyway as they were duplicating
the same information provided by BUILDLINK_PREFIX.pkg.
Notmuch 0.21 (2015-10-29)
=========================
General
-------
Notmuch now requires gmime >= 2.6.7. The gmime 2.4 series is no longer
supported.
Database revision tracking: `lastmod:` queries
Each message now has a metadata revision number that increases with
every tagging operation. See the discussion of `lastmod:` in
`notmuch-search-terms(7)` for more information.
Date queries now support `date:<expr>..!` shorthand for
`date:<expr>..<expr>`
You can use, for example, `date:yesterday..!` to match from the
beginning of yesterday to the end of yesterday. For further details,
please refer to the `notmuch-search-terms` manual page.
Notmuch database upgrade to support `lastmod:` queries
The above mentioned `lastmod:` prefix. This will be done
automatically, without prompting on the next time `notmuch new` is
run after the upgrade. The upgrade is not reversible, and the
upgraded database will not be readable by older versions of
Notmuch. As a safeguard, a database dump will be created in the
`.notmuch` directory before upgrading.
Build System
------------
The ruby bindings are now built as part of the main notmuch build
process. This can be disabled with the `--without-ruby` option to
configure.
Building the documentation can be disabled with the `--without-docs`
option to configure.
Skipped individual tests are no longer considered as failures.
Command Line Interface
----------------------
Database revision tracking
Two new options were added to support revision tracking. A global
option "--uuid" (`notmuch(1)`) was added for to detect counter
rollover and reinitialization, and `notmuch-count(1)` gained a
`--lastmod` option to query database revision tracking data.
The `notmuch address` command supports new deduplication schemes
`notmuch address` has gained a new `--deduplicate` option to specify
how the results should be deduplicated, if at all. The alternatives
are `no` (do not deduplicate, useful for processing the results with
external tools), `mailbox` (deduplicate based on the full, case
sensitive name and email address), and `address` (deduplicate based
on the case insensitive address part). See the `notmuch-address`
manual page for further information.
Emacs Interface
---------------
`notmuch-emacs-version` is used in `User-Agent` header
The value of recently introduced variable `notmuch-emacs-version` is
now used as a part of `User-Agent` header when sending emails.
Removed `notmuch-version` function by renaming it to `notmuch-cli-version`
With existing variable `notmuch-emacs-version` the accompanied
function which retrieves the version of `notmuch-command` is
better named as `notmuch-cli-version`.
Query input now supports completion for "is:<tag>"
New message composition mode: `notmuch-compose-mode`
This is mainly to fix fcc handling, but may be useful for user
customization as well.
Allow filtering of search results in `notmuch-show`
Add function to rerun current tree-view search in search mode
Bug fix for replying to encrypted messages in `notmuch-tree` mode
Allow saved searched to specify tree view rather than search view
Applies to saved searches run from `notmuch-hello`, or by a keyboard
shortcut (`notmuch-jump`). Can be set in the customize interface, or
by adding :search-type tree to the appropriate saved search plist in
`notmuch-saved-searches`.
Increase maximum size of rendered text parts
The variable `notmuch-show-max-text-part-size` controls the maximum
size (in bytes) which is automatically rendered. This may make
rendering large threads slower. To get the previous behaviour set
this variable to 10000.
Library
-------
The use of absolute paths is now enforced when calling
`notmuch_database_{open, create}`
New function `notmuch_directory_delete` to delete directory documents
Previously there was no way to delete directory documents from the
database, leading to confusing results when the "ghost" directory
document of a renamed or deleted filesystem directory was
encountered every time the parent directory was being scanned by
`notmuch new`. The mtime of the old directory document was also used
if a directory by the same name was added again in the filesystem,
potentially bypassing the scan for the directory. The issues are
fixed by providing a library call to delete directory documents, and
deleting the old documents in `notmuch new` on filesystem directory
removal or rename.
Database revision tracking
Revision tracking is supported via a new prefix "lastmod:" in the
query parser and the new function
`notmuch_database_get_revision`. For the latter, see `notmuch(3)`.
New status code returning API for n_query_count_{messages,threads}
Deprecated functions
`notmuch_query_search_threads`, `notmuch_query_search_messages`,
`notmuch_query_count_messages`, and `notmuch_query_count_threads`
are all deprecated as of this release. Clients are encouraged to
transition to the `_st` variants supporting better error reporting.
nmbug-status
------------
`nmbug-status` now supports specifying the sort order for each view.
Upstream changes:
1.936 2015-09-10 22:46:29-04:00 America/New_York
- no changes since 1.935, but a stable release
1.935 2015-08-31 16:47:46-04:00 America/New_York (TRIAL RELEASE)
- do not remove too many newlines at the end (bug introduced in 1.926)
