* Linux: Fixed a high system CPU usage / high context switch count
performance problem
* Maildir: Avoid unnecessarily reading dovecot-uidlist while opening
mailbox.
* Maildir: Fixed renaming child mailboxes when namespace had a prefix.
* mdbox: Don't leave partially written messages to mdbox files when
aborting saving.
* Fixed master user logins when using userdb prefetch
* lda: Fixed a crash when trying to send "out of quota" reply
* lmtp: If delivering duplicate messages to same user's INBOX,
create different GUIDs for them. This helps to avoid duplicate
POP3 UIDLs when pop3_uidl_format=%g.
* virtual storage: Fixed saving multiple mails in a transaction
(e.g. copy multiple messages).
* dsync: Saved messages' save-date was set to 1970-01-01.
- Fix double-login/session issue
- Wrap HTML parts with <html><body> and add Doctype declaration
- Make rcube_autoload silently skip unknown classes
- Fix charset detection in vcards with encoded values
- Better CSS cursors for splitters
- Show the same message only once
- Fix namespaces handling
- Add handling of multifolder METADATA/ANNOTATION responses
- Fix handling of INBOX when personal namespace prefix is non-empty
- Fix handling square brackets in links
- Add description of 'use_https' option in main.inc.php.dist file
* Date: & Message-Id: revert to normally being appended to a message,
only prepend for the Resent-* case. Fixes regression introduced in
Exim 4.70 by NM/22 for Bugzilla 607.
* Include check_rfc2047_length in configure.default because we're seeing
increasing numbers of administrators be bitten by this.
* Added DISABLE_DKIM and comment to src/EDITME
* Bugzilla 994: added openssl_options main configuration option.
* Bugzilla 995: provide better SSL diagnostics on failed reads.
* Bugzilla 834: provide a permit_coredump option for pipe transports.
* Adjust NTLM authentication to handle SASL Initial Response.
* If TLS negotiated an anonymous cipher, we could end up with SSL but
without a peer certificate, leading to a segfault because of an
assumption that peers always have certificates. Be a little more paranoid.
* Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content
filtering; old API available if built with WITH_OLD_CLAMAV_STREAM=yes
NB: ClamAV planning to remove STREAM in "middle of 2010".
CL also introduces -bmalware, various -d+acl logging additions and
more caution in buffer sizes.
* Implemented reverse_ip expansion operator.
* Bugzilla 937: provide a "debug" ACL control.
* Bugzilla 922: Documentation dusting, patch provided by John Horne.
* Bugzilla 973: Implement --version.
* Bugzilla 752: Refuse to build/run if Exim user is root/0.
* Build without WITH_CONTENT_SCAN. Path from Andreas Metzler.
* Bugzilla 816: support multiple condition rules on Routers.
* Add bool_lax{} expansion operator and use that for combining multiple
condition rules, instead of bool{}. Make both bool{} and bool_lax{}
ignore trailing whitespace.
* prevent non-panic DKIM error from being sent to paniclog
* added tcp_wrappers_daemon_name to allow host entries other than
"exim" to be used
* Fix malware regression for cmdline scanner introduced in PP/08.
Notification from Dr Andrew Aitchison.
* Change ClamAV response parsing to be more robust and to handle ClamAV's
ExtendedDetectionInfo response format.
* OpenSSL 1.0.0a compatibility const-ness change, should be backwards
compatible.
Problems fixed:
#32080 Specially crafted <base href> can lead to XSS exploit
#32032 TextEncode related resource information not saved correctly in db file
#32014 CVE-2010-1677: DoS when processing html messages with deep tag nesting
#32013 CVE-2010-4524: Improper escaping of certain HTML sequences (XSS)
#26577 Changed semantic for unpack breaks UTF-8
#25486 Resource FieldStore causes .mhonarc.db to grow over bounds.
#25225 dir_create() fails to make temporary directories (PATCH)
#24247 iso2022jp.pl: unneeded ESC ( B remains in message body
#23198 Incorrect Setting Installation Directory
#20142 strip backslash in rfc822 From: field
#20074 extra space in subject
#18908 X-Subject data get split in separate lines
#18113 inconsistant thread slices w/ poor man's windowing
#17904 FieldOrder affects AddressModifyCode
#17860 incorrect nested HTML Tags for references
#17660 Threaded index resource ordering doesn't allow well formed XML output
#15433 relative attachmentdir is relative to current working dir, not outdir
#14747 major (10X) memory savings possible in some situations
#13853 creation of archive with attachments writes over symlinks
alternative from mk/jpeg.buildlink3.mk
This allows selection of an alternative jpeg library (namely the x86 MMX,
SSE, SSE2 accelerated libjpeg-turbo) via JPEG_DEFAULT=libjpeg-turbo, and
follows the current standard model for alternatives (fam, motif, fuse etc).
The mechanical edits were applied via the following script:
#!/bin/sh
for d in */*; do
[ -d "$d" ] || continue
for i in "$d/"Makefile* "$d/"*.mk; do
case "$i" in *.orig|*"*"*) continue;; esac
out="$d/x"
sed -e 's;graphics/jpeg/buildlink3\.mk;mk/jpeg.buildlink3.mk;g' \
-e 's;BUILDLINK_PREFIX\.jpeg;JPEGBASE;g' \
< "$i" > "$out"
if cmp -s "$i" "$out"; then
rm -f "$out"
else
echo "Edited $i"
mv -f "$i" "$i.orig" && mv "$out" "$i"
fi
done
done
1.5.5 2010-12-02 03:45 UTC
Changelog:
Minor Bug fix release.
#17959 - Boundaries ending with non-word characters - patch by Alex Adriaanese
------ - ignore whitespace and trailing cr/lf in last section of split
------ - correct spacing on multi-line headers. now only striped for encoded data. (on previous line)
Changes to the Cyrus IMAP Server since 2.4.5
* Fixed Bug #3370 - corruption on OpenBSD and other systems without a
reliable mmap
* Fixed Bug #3360 - race condition which could lose seen data on XFER
with upgrade
* Lots of documentation updates
* Fixed Bug #3355 - added an option to suppress items from the
capability response (and bug #3356 when the first attempt was
buggy)
* Fixed Bug #3357 - crash when calling ctl_mboxlist on mailboxes with
annotations
* Fixed Bug #3369 - crash when undumping mailbox during XFER
* Fixed Bug #3361 - shared folders not listing in LSUB "" % - only
with unixheirsep and altnamespace
* Fixed Bug #3362 - "too many open files" when doing XFER of a user
with too many sub mailboxes. Makes XFER less "atomic", but now it
works, which is good!
* Fixed Bug #3313 - md5 library usage. Properly this time!
- Several fixes to improve performance, stability and security
- Several fixes to improve handling of large folder files stored locally.
- Several fixes to improve corruption in local copy of IMAP mailboxes.
- MFSA 2010-78 Add support for OTS font sanitizer
- MFSA 2010-75 Buffer overflow while line breaking after document.write
with long string
- MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
* LDA Sieve plugin: started using Dovecot LDA reject API for the
reject extension. This means that the LDA reject_reason and
reject_subject settings now also work for Pigeonhole's LDA Sieve
plugin.
* Did some work on the new sieve-filter tool. It is mostly
functional, but it is not finished yet.
* Dovecot change: services' default vsz_limits weren't being enforced
correctly in earlier v2.0 releases. Now that they are enforced, you
might notice that the default limits are too low and you need to
increase them. This problem will show up in logs as "out of memory"
errors. See default_vsz_limit and service { vsz_limit } settings.
- Imap4flags: fixed segfault bug occurring in multiscript context.
- Added version checking to the ManageSieve settings plugin. This
plugin was forgotten when the LDA plugin was updated with this
change in the previous release.
- LDA Sieve plugin: fixed memory leak at deinitialization.
* Services' default vsz_limits weren't being enforced correctly in
earlier v2.0 releases. Now that they are enforced, you might notice
that the default limits are too low and you need to increase them.
This problem will show up in logs as "out of memory" errors.
See default_vsz_limit and service { vsz_limit } settings.
* LMTP: In earlier versions if mail was delivered to user+detail@domain
address, LMTP server always attempted to deliver the mail to mailbox
named "detail". This was rather unintentional and shouldn't have been
the default. lmtp_save_to_detail_mailbox=yes setting now preserves
this behavior (default is no).
+ Added systemd support (configure --with-systemdsystemunitdir).
Based on patch by Christophe Fergeau.
+ Replaced broken mbox-snarf plugin with a new more generic snarf
plugin.
- dbox: Fixes to handling external mail attachments
- verbose_proctitle=yes didn't work for all processes in v2.0.7
- imap, pop3: When service { client_count } was larger than 1, the
log messages didn't use the correct prefix. Last logged in user's
prefix was always used, regardless of what user's session actually
logged it. Now the proper log prefix is always used.
- MySQL: Only the first specified host was ever used
version 2.07: Fri Oct 1 12:39:43 CEST 2010
Improvements:
- update README: MailTools 2.* require 5.8.1
rt.cpan.org#61753 [Alexandre Bouillot]
- add "MAIL FROM" to Mail::Mailer::smtp, to be able to
communicate with Comcast [David Myers]
* libclamav/pdf.c: fix crashes
* libclamav/pe_icons.c: off by one while
* libclamav: fix detection of embedded executables
* libclamav/matcher-ac.c: fix offset handling for sigs with {x-y} wildcards
* freshclam/manager.c: fix error path infinite loop
* clamd/clamd.c: fix RLIMIT_DATA setting on BSD
* freshclam: improve mirror management
* libclamav: fix possible use of uninitialized values
* libclamav: Set the unreliability flag on (un)packed files
* libclamav/c++: Update embedded copy of LLVM to version 2.8
* freshclam: make query format backward compatible
* freshclam: get detection stats directly from clamd
* libclamav/cache.c,c++/bytecode2llvm.cpp}: make cl_load thread safe
* freshclam: load database in subprocess
* clamd: add new commands DETSTATS and DETSTATSCLEAR
* libclamav/7z.c: fix file descriptor leak
* clamd, libclamavll: add ability to logg messages from libclamav
* libclamav/builtin_bytecodes.h: Don't disable JIT on pentium4
Changes to the Cyrus IMAP Server since 2.4.4
* Tidy up of the git version number added to the ID response
* Fixed incorrect time field in date searches (Bug #3339) - thanks Greg Banks
for noticing this one
* Fixed reconstruct crash and other potential issues (Bug #3353) - first
reported Paul Dekkers
* Fixed ACL passing for rename/delete on murder backends (Bug #3342) - first
reported by Robert Spellman
* Fixed corruption of long (>1024 byte) seen records on replica (Bug #3344) -
found at FastMail by Bron Gondwana
* Made all perl utilities use /usr/bin/perl in the #! line (Bug #2275) -
reported by Yann Rouillard over 5 years ago!
* Fixed crash on message with incomplete final boundary (Bug #3345) - found
at FastMail by Bron Gondwana
* Regression: sync_crc was being set to 00000000 on repack - introduced in
2.4.4 (Bug #3347) - first found at FastMail, but also seen at multiple
other sites
* Always print [CLOSED] response when selecting a new mailbox, even if a
CONDSTORE enabling command has not been sent (Bug #3352) - reported by Jan
Kundra't, author of the Trojita IMAP client
* Fixed crash with reconstruct -rf and missing mailboxes.db entries (Bug #
3351) - reported by Giles Malet
* Made sync_server report errors earlier if there are extra records on the
master which aren't present on the replica (Bug #3355) - thanks to David
Carter for finding it and a first pass at a fix
* Stopped expunges to never-reported-messages being showed (basically if the
'EXPUNGE' command was run, and it expunged a message that the client had
never even seen - seriously rare race condition, Bug #3356) - discovered by
Bron Gondwana hammering a testbed with Dovecot's imaptest tool
* Fixed compile with old PCRE (Bug #3358) - found and fixed by Simon Matter
* Fixed missing quota usage after XFER (Buf #3349) - found by Dave McMurtrie
changes:
-Enable building with GTK+ 2.22
-QuickSearch can now be run from the command line
-Added a hidden option to set a margin in the text area of the
Compose window
-updated manual and man page
-bugfixes
-translation updates
pkgsrc change: reset MAINTAINER -- he doesn't use the program anymore
- Postfix no longer automatically appends the system default CA
(certificate authority) certificates, when it reads the CA
certificates specified with {smtp, lmtp, smtpd}_tls_CAfile or
with {smtp, lmtp, smtpd}_tls_CApath. This prevents third-party
certificates from getting mail relay permission with the
permit_tls_all_clientcerts feature. Unfortunately, this change
may cause compatibility problems with configurations that rely
on certificate verification for other purposes. To get the old
behavior, specify "tls_append_default_CA = yes".
- A prior fix for compatibility with Postfix < 2.3 was incomplete.
When pipe-to-command delivery fails with a signal, mail is now
correctly deferred, instead of being returned to sender.
- Poor smtpd_proxy_filter TCP performance over loopback (127.0.0.1)
connections was fixed by adapting the output buffer size to the MTU.
- The SMTP server no longer applies the reject_rhsbl_helo feature
to non-domain forms such as network addresses. This would cause
false positives with dbl.spamhaus.org.
- The Postfix SMTP server failed to deliver a "421" response and
hang up the connection after Milter error. Instead, the server
delivered a "503 Access denied" response and left the connection
open, due to some Postfix 1.1 workaround for RFC 2821.
- The milter_header_checks parser failed to enable any of the actions
that have no effect on message delivery (warn, replace, prepend,
ignore, dunno, and ok).
== [release-1-6-2] 1.6.2: 2010-11-23
A bug fix release of 1.6.1.
=== milter manager
==== Improvements
* Made PID file directory prepareing process in init
script on Debian robust.
[Reported by Kenji Shiono]
* Used gint64 for time_t.
[Suggested by OBATA Akio]
==== Fixes
* Fixed missing temporary file close.
[Reported by Kenji Shiono]
=== milter manager admin
==== Improvements
* Documented required sqlite3-ruby version on CentOS.
[Reported by Kenji Shiono]
=== Ruby milter
==== Improvements
* Made milter-tarpit.rb, a sample milter, asynchronous.
[Reported by Kenji Shiono]
* Provided all milter API.
==== Fixes
* Fixed a typo in command line option.
[Reported by Kenji Shiono]
