RELEASE 0.9.2
-------------
- Fix image thumbnails display in print mode (#1489134)
- Fix height of message headers block (#1489108)
- Fix timeout issue on drag&drop uploads (#1489170)
- Fix default sorting of threaded list when THREAD=REFS isn't supported
- Fix list mode switch to 'List' after saving list settings in Larry skin (#1489164)
- Fix error when there's no writeable addressbook source (#1489162)
- Fix zipdownload plugin issue with filenames charset (#1489156)
- Fix so non-inline images aren't skipped on forward (#1489150)
- Fix "null" instead of empty string on messages list in IE10 (#1489145)
- Fix legacy options handling
- Fix so bounces addresses in Sender headers are skipped on Reply-All (#1489011)
- Fix bug where serialized strings were truncated in PDO::quote() (#1489142)
- Fix displaying messages with invalid self-closing HTML tags (#1489137)
- Fix PHP warning when responding to a message with many Return-Path headers (#1489136)
- Fix unintentional compose window resize (#1489114)
- Fix performance regression in text wrapping function (#1489133)
- Fix connection to posgtres db using unix socket (#1489132)
- Fix handling of comma when adding contact from contacts widget (#1489107)
- Fix bug where a message was opened in both preview pane and new window on double-click (#1489122)
- Fix fatal error when xdebug.max_nesting_level was exceeded in rcube_washtml (#1489110)
- Fix PHP warning in html_table::set_row_attribs() in PHP 5.4 (#1489094)
- Fix invalid option selected in default_font selector when font is unset (#1489112)
- Fix displaying contact with ID divisible by 100 in sql addressbook (#1489121)
- Fix browser warnings on PDF plugin detection (#1489118)
- Fix fatal error when parsing UUencoded messages (#1489119)
== Version 2.5.4 - Tue May 14 14:45:00 +1100 2013 Mikel Lindsaar
<mikel@lindsaar.net>
Features:
* Save settings passed to TestMailer#new (svanderbleek)
* Allow the setting of envelope from directly (jeremy)
* Accept other IETF/IANA-registered Content-Types and
Content-Transfer-Encodings (jeremy)
* Alias shift-jis charset to Shift_JIS Ruby encoding (jeremy)
* Add support for ks_c_5601-1987 charset, aliased to CP949 Ruby encoding
(jeremy)
* Don't allow colons in header names (jeremy)
* Can assign arrays of Message-IDs to References and In-Reply-To (jeremy)
* Setting the html_ or text_part sets a default text/html or text/plain
content type (jeremy)
* Setting the html_ or text_part to nil removes it (jeremy)
* Addresses without a parsable email or display name still format as their raw
text (jeremy)
* Close pull request 504 - Alias GB2312 charset to GB18030 Ruby encoding (bpot)
* Close pull request 399 - Accept :ca_path and :ca_file options for SMTP
delivery (ndbroadbent)
* Close pull request 389 - Don't add superfluous message headers to MIME parts
(djmaze, jeremy)
Performance:
* Close pull request 488 - Speed up field construction & comparison (bpot)
Bugs:
* Don't include separating semicolon in paramter value when sanitizing (bpot)
* Fix fencepost encoding problem with binhex strings and only one token (drasch)
* Fix sendmail delivery to addresses with a leading hyphen (lifo, jeremy)
* Correctly format mbox From headers per RFC4155 (bpot, jeremy)
* Fix bogus '=' at the end of some quoted-printable messages (jeremy)
* Shouldn't be fooled into encoding strings on 1.8 by unrelated Encoding
constant (emiellohr, jeremy)
* Header encoding should be US-ASCII, not the default external encoding (jeremy)
* Address elements should return decoded display names by default (jeremy)
* Fix up tests that depend on utf-8 external encoding; read fixtures as binary
(jeremy)
* Capture stderr from Sendmail and Exim deliveries (jeremy)
* RFC2822 quoted_string content may be empty (jeremy)
* Calling #to_s on a field with a nil value returns an empty string instead of
nil (jeremy)
* The Received header may contain zero name/value pairs, qmail-style (jeremy)
* Fix that setting an attachment with a :mime_type and :encoding would
override the :encoding (jeremy)
* Fix that declaring an html_part but no text_part would use
multipart/alternative anyway (jeremy)
* Close pull request 508 - Don't add an extra CRLF to MIME parts; split MIME
parts on correct CRLF boundaries (Aalanar)
* Close pull request 506 - Escape backslashes in quoted strings (ConradIrwin)
* Close pull request 496 - Correctly handle quoted-printable line breaks
(jeremy)
* Close pull request 493 - Repair misencoded quoted-printable line breaks
(jeremy)
* Close pull request 487 - Extract comments from group email addresses (bpot)
* Close pull request 481 - Correctly quote filename attributes (bpot)
* Close pull request 480 - Support mixed encodings in a single header body
(adamvaughan)
* Close pull request 471 - Fix Ruby 1.8 build when UTF16/32 default to
little-endian (kennyj)
Coping with third-party bugs:
* Parse multipart boundary from Content-Type headers containing extra
semicolons (jeremy)
* Close pull request 389 - Only add Content-ID to inline attachments to
appease Outlook (djmaze, jeremy)
Housekeeping:
* Add development gem dependency on rdoc (jeremy)
* Refresh Bundler dependencies & setup (jeremy)
* Remove i18n dependency and last vestiges of activesupport dependency in
specs (jeremy)
* Clarify that Sender is a single address, not an address list (jeremy)
* Add an MIT-LICENSE file to make licensing clear & obvious; update to 2013
(jeremy)
* Close pull request 501 - Tighten up header/body whitespace splitting
(ConradIrwin)
* Close pull request 499 - Clean up some dead code (ConradIrwin)
* Close pull request 489, 495 - Docs typos (JackDanger, francois)
* Close pull request 485 - Be explicit about unsupported address parsing (bpot)
* Close pull request 484 - Remove #tree specs in preparation for deprecation
removal (bpot)
* Close pull request 482 - Update address field specs to reflect to
#initialize API (bpot)
* Close pull request 475 - Shush warning on Object#blank? redefinition
(amatsuda)
* Close pull request 472 - Clean up UTF8/UTF-8 internals (kennyj)
== 1.23 / 2013-04-20
* New Feature:
* Arnaud Meuret (ameuret) suggested that it could be useful if the MIME type
collection was enumerable, so he implemented it in #30. Thanks for the
contribution! https://github.com/halostatue/mime-types/pull/30
* Updated MIME Types:
* RFC6910 was adopted (application/call-completion).
* RFC6902 was adopted (application/json-patch\+json).
* RFC6917 was adopted (application/mrb-consumer\+xml,
application/mrb-publish\+xml).
* RFC6922 was adopted (application/sql).
* RFC2560 is being
{updated}[http://tools.ietf.org/html/draft-ietf-pkix-rfc2560bis].
* Administrivia:
* The gemspec now includes information about the licenses under which the
mime-types gem is available.
* Using hoe-gemspec2 instead of hoe-gemspec.
== 1.22 / 2013-03-30
* New MIME Types:
* Added support for 3FR (Hasselblad raw images) files. MIME-Type was obtained
by looking at exif data with exiftool. Thanks to cgat for these changes.
https://github.com/halostatue/mime-types/pull/27
* Updated MIME Types:
* Pulled the latest updates from the IANA MIME-Type registry.
* Added support for Ruby 2.0 with Travis CI.
Can't locate getopt.pl in @INC (@INC contains:...
by adding two patches.
patches/patch-agent_test_TEST
patches/patch-bin_perload
See the thread starting with:
| To: tech-pkg@NetBSD.org
| Subject: broken packages for 2013q2
| From: David Holland <dholland-pkgtech@NetBSD.org>
| Date: Wed, 12 Jun 2013 04:02:11 +0000
or
http://mail-index.netbsd.org/tech-pkg/2013/06/12/msg011548.html
Log something when refusing to sign because the private key was too
small. This also adds a new "On-SignatureError" handler
setting, and a new status code DKIM_STAT_SIGGEN.
Fix application of "On-InternalError" setting.
Feature request #SF3609496: Don't apply reputation checks to internal
clients.
2.8.2 2013/03/27
Authentication-Results tokens should be checked without case
sensitivity.
Fix snprintf() arguments in dkimf_checkfsnode().
CONTRIB: Patch #SF3608716: Fixes to spec/opendkim.spec.in
2.8.1 2013/03/19
Fix bug #SF3607071: Report the reason why a key file is determined
to be unsafe.
Fix bug #SF3607072: When checking for key file safety, take any
"-u" value provided on the command line into account.
Fix bug #SF3608401: Solaris 10 doesn't have strsep().
BUILD: Fix build for versions of libdb between 3.1 and 4.6.
2.8.0 2013/02/25
Feature request #SF2964383: Add DKIM_LIBFLAGS_STRICTRESIGN, which
inhibits signing of a handle tagged for resigning when the
attached verifying handle had no valid signatures in it.
Feature request #SF3155117: Do a more thorough check for writeable
key files, checking more of the filesystem permission tree.
Feature request #SF3530734: Add "LDAPDisableCache", which suppresses
the creation of a local cache in front of LDAP queries.
Feature request #SF3547359: If compiled with libcurl, add "SMTPURI"
configuration option that allows direct SMTP transmission
failure reports.
Feature request #SF3578197: Allow per-message override of the list of
header fields to be signed.
Feature request #SF3590860: Combine collected reputation values into
an overall allowed rate under _FFR_REPRRD, as is done for the
other reputation code.
Feature request #SF3598991: Add odkim.signfor() function to the Lua
setup script.
Feature request #SF3599409: Modify dkimf_checkip() to try surrounding
the IP address part of every query with square brackets, which
is a common way to do IP address literals in email contexts.
Fix bug #SF3531477: Add (hopefully temporary) configuration option
"DisableCryptoInit" so that opendkim's initialization of the
crypto library doesn't conflict with the same work done by
other libraries.
Fix bug #SF3599901: Rename "InsecureKey" to "UnprotectedKey" and
"InsecurePolicy" to "UnprotectedPolicy", as the term "insecure"
in reference to a key is sometimes interpreted to mean "not
enough random bits" rather than as a keyword describing the
presence or absence of DNSSEC protection. What's logged in
Authentication-Results header fields has been similarly
modified.
Fix bug #SF3604525: Don't divide by zero when the query cache hasn't
been used.
Protect against handling of signatures with empty domains, which could
cause a NULL dereference and a crash.
Do ATPS checks when enabled even if ADSP is disabled.
Don't fail to start on empty or null configuration files.
Patch #SF3593422: Update for MDB 0.9.5 support.
LIBOPENDKIM: Fix header canonicalization when DKIM_LIBFLAG_FIXCRLF is
used in combination with dkim_chunk().
LIBOPENDKIM: Enable dkim_getcachestats() and the underlying function
to extract the current number of keys in the cache, and also
provide a counter reset mechanism.
BUILD: Feature request #SF3547151: Check for Lua package name variants
in use on Debian.
BUILD: Feature request #SF3599902: Change OpenSSL existence test
to help with Debian packaging.
BUILD: Add "--with-test-socket" to force all of the filter unit tests
to use a specific socket.
BUILD: Add checks for strlcat()/strlcpy() in libbsd.
CONTRIB: Fix bug #SF3575666: Pass pid file path to killproc.
CONTRIB: Add systemd directory.
CONTRIB: Split out initial key generation function from
contrib/init/redhat/opendkim.
MILTERTEST: Don't crash in mt_connect() if the socketspec doesn't
contain a colon.
MILTERTEST: When connect() fails for an AF_INET socket, it apparently
leaves the socket unusable. Discard the socket when that
happens and get a new one.
MILTERTEST: Add a way to extend the mt.connect() retry interval via
environment variables so a large test suite can be easily
extended on slow systems.
TOOLS: Register DNS functions before calling dkim_dns_init() in
opendkim-testkey.
TOOLS: Add "-K" (keep temporary files) flag for opendkim-testmsg
* A new action_add_entity function has been added.
* Deprecated defined(@array) construct has been removed.
* New load1 md-mx-ctrl command summarizes load in a more useful format than load
* watch-multiple-mimedefangs.tcl has been overhauled.
* Various other bugfixes and documentation cleanups.
Changes are too any to write here and please refer CHANGELOG.
pkgsrc changes:
* Add note to enable access_compat_module Apache 2.3 or later.
* Make php-mcrypt mandatory.
* Clean up PKG_OPTIONS.
* Add several patches from official repository.
* using legacy module getopt.pl, add dependency on p5-Perl4-CoreLibs
* fixes some warnings of prototype mismatch.
Bump PKGREVISION from additional dependency.
to address issues with NetBSD-6(and earlier)'s fontconfig not being
new enough for pango.
While doing that, also bump freetype2 dependency to current pkgsrc
version.
Suggested by tron in PR 47882
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
- messages retrieved with POP could have a blank trailing line
removed when delivered; fixed. Thanks: Christoph Mitterer, Krzysztof
Warzecha.
- fix an ImportError when IMAP retriever used with getmail under
Python 2.4.
+ zlib: Keep the last mail cached uncompressed in a temp file. This
fixes performance when doing small partial fetches from a large
mail.
+ acl: If plugin { acl_defaults_from_inbox = yes } is set, get the
default ACLs for private and shared namespaces from the user's INBOX.
(This probably will become default in v2.3.)
+ pop3: Added pop3_deleted_flag setting to switch POP3 deletions to
only hide the messages from POP3, but still be visible via IMAP.
- ACL plugin: Mailbox creation wasn't actually checking any ACLs
and always succeeded (due to some v2.2 API changes). The created
mailbox couldn't have been accessed though, so this couldn't have
caused any data leak.
- IMAP: Various URLAUTH fixes.
- IMAP: Fixed a hang with invalid APPEND parameters.
- IMAP LIST-EXTENDED: INBOX was never listed with \Subscribed flag.
- mailbox_list_index=yes still caused crashes.
- maildir: Fixed a crash after dovecot-keywords file was re-read.
- maildir: If files had reappeared unexpectedly to a Maildir, they
were ignored until index files were deleted.
- Maildir: Fixed handling over 26 keywords in a mailbox.
- Maildir++: Fixed mail_shared_explicit_inbox=no
- namespace { prefix="" list=no } was listing mailboxes.
- imap/pop3-login proxying: Fixed a crash if TCP connection succeeded,
but the remote login timed out.
- Case-insensitive search/sort didn't work correctly for all unicode
characters, as specified by i;unicode-casemap comparator. If full
text search indexes were used, they need to be rebuilt for old mails
to be handled correctly. (This bug has existed always in Dovecot.)
Changelog:
FIXED
Security fixes can be found here
FIXED
Thunderbird now supports the Twitter API version 1.1 ahead of Twitter closing the 1.0 version (Bug 857049)
Fixed in Thunderbird 17.0.6
MFSA 2013-48 Memory corruption found using Address Sanitizer
MFSA 2013-47 Uninitialized functions in DOMSVGZoomEvent
MFSA 2013-46 Use-after-free with video and onresize event
MFSA 2013-44 Local privilege escalation through Mozilla Maintenance Service
MFSA 2013-42 Privileged access for content level constructor
MFSA 2013-41 Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)
In 2005, this package started using PKG_OPTIONS.clamav instead of the
expected PKG_OPTIONS.p5-Mail-ClamAV, on the theory that the options
were the same. Now, clamav supports "milter" and
"clamav-experimental", and p5- supports "curl". So there's no way to
build this package with the curl option, and no way to build this
package if clamav has any options set. Therefore, the change being
committed will not bother anyone :-) Nevertheless, bump PKGREVISION.
v0.4.0 09-05-2013 Stephan Bosch <stephan@rename-it.nl>
+ Added doveadm-sieve plugin that provides the possibility to synch Sieve
scripts using doveadm sync along with the user's mailboxes.
+ Added the Sieve extprograms plugin to the main Pigeonhole package. It is
still a plugin, but it is now included so that a separate compile is no
longer necessary and distributors are likely to include it. The extprograms
plugin provides Sieve language extensions that allows executing
(administrator-controlled) external programs for message delivery,
message filtering and string manipulation. Refer to
doc/plugins/sieve_extprograms.txt for more information.
+ Added debug message showing Pigeonhole version at initialization. Makes it
very clear that the plugin is properly loaded.
+ Finished implementation of the Sieve include extension. It should now
fully conform to RFC 6609. The main addition is the new :optional tag which
makes the include command ignore missing included scripts without an error.
+ Finished implementation of the Sieve environment extension as much as
possible. Environment items "location", "phase" and "domain" now also
return a usable value.
- increase system recursion limit when run with Python 2.3, to
prevent recursion errors in parsing some pathologically complex
MIME emails. Thanks: Kenneth Pronovici.
