Changelog:
FIXED
Security fixes can be found here
FIXED
Thunderbird now supports the Twitter API version 1.1 ahead of Twitter closing the 1.0 version (Bug 857049)
Fixed in Thunderbird 17.0.6
MFSA 2013-48 Memory corruption found using Address Sanitizer
MFSA 2013-47 Uninitialized functions in DOMSVGZoomEvent
MFSA 2013-46 Use-after-free with video and onresize event
MFSA 2013-44 Local privilege escalation through Mozilla Maintenance Service
MFSA 2013-42 Privileged access for content level constructor
MFSA 2013-41 Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)
In 2005, this package started using PKG_OPTIONS.clamav instead of the
expected PKG_OPTIONS.p5-Mail-ClamAV, on the theory that the options
were the same. Now, clamav supports "milter" and
"clamav-experimental", and p5- supports "curl". So there's no way to
build this package with the curl option, and no way to build this
package if clamav has any options set. Therefore, the change being
committed will not bother anyone :-) Nevertheless, bump PKGREVISION.
v0.4.0 09-05-2013 Stephan Bosch <stephan@rename-it.nl>
+ Added doveadm-sieve plugin that provides the possibility to synch Sieve
scripts using doveadm sync along with the user's mailboxes.
+ Added the Sieve extprograms plugin to the main Pigeonhole package. It is
still a plugin, but it is now included so that a separate compile is no
longer necessary and distributors are likely to include it. The extprograms
plugin provides Sieve language extensions that allows executing
(administrator-controlled) external programs for message delivery,
message filtering and string manipulation. Refer to
doc/plugins/sieve_extprograms.txt for more information.
+ Added debug message showing Pigeonhole version at initialization. Makes it
very clear that the plugin is properly loaded.
+ Finished implementation of the Sieve include extension. It should now
fully conform to RFC 6609. The main addition is the new :optional tag which
makes the include command ignore missing included scripts without an error.
+ Finished implementation of the Sieve environment extension as much as
possible. Environment items "location", "phase" and "domain" now also
return a usable value.
- increase system recursion limit when run with Python 2.3, to
prevent recursion errors in parsing some pathologically complex
MIME emails. Thanks: Kenneth Pronovici.
8.14.7/8.14.7 2013/04/21
Drop support for IPv4-mapped IPv6 addresses to prevent the MTA
from using a mapped address over a legitimate IPv6 address
and to enforce the proper semantics over the IPv6
connection. Problem noted by Ulrich Sporlein.
Fix a regression introduced in 8.14.6: the wrong list of
macros was sent to a milter in the EHLO stage.
Problem found by Fabrice Bellet, reported via RedHat
(Jaroslav Skarvada).
Fix handling of ORCPT parameter for DSNs: xtext decoding
was not performed and a wrong syntax check was applied
to the "addr-type" field. Problem noted by Dan Lukes
of Obludarium.
Fix handling of NUL characters in the MIME conversion functions
so that message bodies containing them will be sent
on properly. Note: this usually also affects mails
that are not converted as those functions are used
for other purposes too. Problem noted by Elchonon
Edelson of Lockheed Martin.
Do not perform "duplicate" elimination of recipients if they
resolve to the error mailer using a temporary failure
(4xy) via ruleset 0. Problem noted by Akira Takahashi
of IIJ.
CONTRIB: Updated version of etrn.pl script from John Beck
of Oracle.
Portability:
Unlike gcc, clang doesn't apply full prototypes to K&R
definitions.
Changes since 2.1.13, from the NEWS file
v2.2.0 2013-04-11 Timo Sirainen <tss@iki.fi>
* When creating home directories, the permissions are copied from the
parent directory if it has setgid-bit set. For full details, see
http://wiki2.dovecot.org/SharedMailboxes/Permissions
* "doveadm auth" command was renamed to "doveadm auth test"
* IMAP: ID command now advertises server name as Dovecot by default.
It was already trivial to guess this from command replies.
* dovecot.index.cache files can be safely accessed only by v2.1.11+.
Older versions may think they're corrupted and delete them.
* LDA/LMTP: If saving a mail brings user from under quota to over
quota, allow it based on quota_grace setting (default: 10%
above quota limit).
* pop3_lock_session=yes now uses a POP3-only dovecot-pop3-session.lock
file instead of actually locking the mailbox (and causing
IMAP/LDA/LMTP to wait for the POP3 session to close).
* mail_shared_explicit_inbox setting's default switched to "no".
* ssl_client_ca_dir setting replaced imapc_ssl_ca_dir and
pop3c_ssl_ca_dir settings.
+ Implemented IMAP MOVE and BINARY extensions
+ Implemented IMAP CATENATE, URLAUTH and URLAUTH=BINARY extensions
(by Stephan Bosch).
+ Implemented IMAP NOTIFY extension. Requires mailbox_list_index=yes
to be enabled.
+ Redesigned and rewritten dsync. The new design makes the syncing
faster, more reliable and more featureful. The new dsync protocol
isn't backwards compatible with old dsync versions (but is designed
to be forwards compatible with future versions).
+ All mailbox formats now support per-user message flags for shared
mailboxes by using a private index. It can be enabled by adding
:INDEXPVT=<path> to mail location. This should be used instead of
:INDEX also for Maildir/mbox to improve performance.
+ Improved mailbox list indexes. They should be usable now, although
still disabled by default.
+ Added LAYOUT=index. The mailbox directories are created using their
GUIDs in the filesystem, while the actual GUID <-> name mapping
exists only in the index.
+ LMTP proxy: Implemented XCLIENT extension for passing remote IP
address through proxy.
v2.2.rc7 2013-04-10 Timo Sirainen <tss@iki.fi>
* checkpasword: AUTH_PASSWORD environment is no longer set.
* Running dsync no longer triggers quota warnings.
+ dsync: Commit large transactions every 100 new messages, so if a
large sync crashes it doesn't have to be restarted from the
beginning.
- replicator: doveadm commands and user list export may have skipped
some users.
- Various fixes to mailbox_list_index=yes
v2.2.rc6 2013-04-08 Timo Sirainen <tss@iki.fi>
* replicator: Don't create replicator-doveadm socket by default.
This way doveadm replicator commands don't accidentally start an
unconfigured replicator server.
+ replicator: Have remote dsync notify the remote replicator that
a user was just synced. This way the replicators are kept roughly
in sync.
+ Added ssl_client_ca_file to specify the CA certs as a file. This is
needed (instead of ssl_client_ca_dir) in RedHat-based systems.
+ Added "doveadm fs" commands, mainly to debug lib-fs backends.
- Mailbox list indexes weren't using proper file permissions based
on the root directory.
v2.2.rc5 2013-04-05 Timo Sirainen <tss@iki.fi>
- A few small random fixes
v2.2.rc4 2013-04-05 Timo Sirainen <tss@iki.fi>
+ Added "doveadm replicator" commands
- Larger changes to lib-http and lib-ssl-iostream error handling.
The API caller can now get the exact error message as a string.
- Various bugfixes to LDAP changes in rc3
v2.2.rc3 2013-03-20 Timo Sirainen <tss@iki.fi>
+ dsync: Support syncing ACLs (and Sieve scripts with Pigeonhole)
+ ldap: Support subqueries and value pointers, see
http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb
+ postmaster_address setting: Expand %d to recipient's domain
- Fixed a crash when decoding quoted-printable content.
- dsync: Various bugfixes
v2.2.rc2 2013-02-15 Timo Sirainen <tss@iki.fi>
- rc1 wasn't actually usable in most configurations.
v2.2.rc1 2013-02-15 Timo Sirainen <tss@iki.fi>
* See v2.2.0 notes
- again change protocol codes passed to OSX, as they're not only
reserved codes, but also case-sensitive. Use the ones an OSX user
reports work properly. Thanks: Tim Gray.
- convert SIGTERM to SIGINT so getmail can cleanup and exit normally
if killed with a default signal. Thanks: Carl Lei.
- fix change which resulted in passing full protocol name to OSX
keyring program, which can't handle it (restricted to 4-character
code). Thanks: Tim Gray.
This is a POP3 client module for perl5. It provides an object-oriented
interface to a POP3 server. It can be used to write perl-based
biff clients, mail readers, or whatever. See the inline POD doco
for more details. (perldoc Mail::POP3Client)
Changelog:
FIXED
Security fixes can be found here
FIXED
Adjusting font size when composing emails should be easier (Bug 824926)
Fixed in Thunderbird 17.0.5
MFSA 2013-40 Out-of-bounds array read in CERT_DecodeCertPackage
MFSA 2013-38 Cross-site scripting (XSS) using timed history navigations
MFSA 2013-36 Bypass of SOW protections allows cloning of protected nodes
MFSA 2013-35 WebGL crash with Mesa graphics driver on Linux
MFSA 2013-34 Privilege escalation through Mozilla Updater
MFSA 2013-32 Privilege escalation through Mozilla Maintenance Service
MFSA 2013-31 Out-of-bounds write in Cairo library
MFSA 2013-30 Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)
File too long (should be no more than 24 lines).
Line too long (should be no more than 80 characters).
Trailing empty lines.
Trailing white-space.
Trucated the long files as best as possible while preserving the most info
contained in them.
COMMENT should not be longer than 70 characters.
COMMENT should not begin with 'A'.
COMMENT should not begin with 'An'.
COMMENT should not begin with 'a'.
COMMENT should not end with a period.
COMMENT should start with a capital letter.
pkglint warnings. Some files also got minor formatting, spelling, and style
corrections.
1.9.1 02-March-2013
---------------------------------------------
- Disable query cache for Sqlite.
- Handle missing mysqld better.
- Ignore my.cnf settings when using the internal MySQL server.
1.9.0 23-December-2012
---------------------------------------------
- Respect collection cache policy refresh interval for collection tree sync.
- Fix initialization of PostgreSQL database.
- Correctly count items flags in virtual collections.
- Notify parent virtual collections about item changes.
- Require CMake >= 2.8.8.
- Remove dependency to Automoc4.
- Support Qt 5.
1.8.80 12-November-2012
---------------------------------------------
- Recover from lost external payload files.
- Improve the virtual collections handling.
- Notify clients about database schema updates.
- Reduce item access time updates.
- Make use of referential integrity if supported by the database backend.
- Add prepared query cache.
- Many code and queries optimizations.
1.8.1 14-October-2012
---------------------------------------------
- Fix payload loss on some move/copy scenarios.
- Improve error reporting for failed item retrievals.
1.8.0 25-July-2012
---------------------------------------------
- Fix deadlock in ad-hoc Nepomuk searches.
1.7.95 11-July-2012
---------------------------------------------
- Fix Nepomuk queries getting stuck if Nepomuk service crashes.
- Fix unecessary remote retrieval of already cached item parts.
- Reset RID/RREV during cross-resource collection moves.
- Increase timeout for remote item retrieval.
1.7.90 08-June-2012
---------------------------------------------
- Fix handling of large SPARQL queries.
- Support cleanup of orphaned resources in the consistency checker.
- Support compilation with Clang.
1.) Fix broken "yasm" version check which only accepts version numbers
like "a.b.c.d" but not like "a.b.c" and therefore fails with
Yasm 1.2.0. This probably affects other platforms (e.g. Linux
as well).
2.) Use "-R" instead of non-portable "-rpath" linker option.
The build under Solaris 10 fails now during the build phase and not
already in the configuration phase.
- More Solaris build fixes (Jim Klimov)
- Use ZZ for unknown GeoIP country
- Fix swapped %f and %r for stat example in default greylist.conf
- Support p0f v3.06 and up with --with-p0f-src or --enable-p0f306
Patch provided by Richard Palo in private e-mail.
Approved by Thomas 'wiz' Klausner.
- Seperated POP/IMAP/SMTP code into a seperate library so that it
can be used with different applications. Now "poppy" handles just
config file reading and pretty-printing.
- Intial draft of a spamkill application. Deletes spams based on the
headers on a POP3/IMAP server. Requires customization for your
setup.
1.8.7: Release date: 2012-12-25 17:28 UTC
* Bug #5333: Fix more return by reference errors [alec]
* Bug #19754: Fix compatibility with PHP4 [alec]
1.8.6: Release date: 2012-10-23 09:52 UTC
* Bug #19473: PEAR::isError() compatibility problem with PHP 5.4 [alec]
* Bug #19497: Attachment filename is cut on slash character [alec]
* Bug #19665: Add Mail-Reply-To and Mail-Followup-To to structured recipient
headers list [alec]
Fix bug #SF3596147: Allow arbitrarily long configuration file lines.
Fix bug #SF3596229: Fix logging of signature errors, which logged
the domain name twice instead of the domain name and the
selector.
Safely handle incoming Authentication-Results fields with large number
of tokens.
Avoid mixing up status codes when processing conf_logresults, leading
to confusing log entries.
Fix ADSP logging.
== [release-1-8-6] 1.8.6: 2013-03-04
A bug fix release of 1.8.5.
=== milter-core
==== Improvements
* [core][event-loop] Add an API to customize event loop on your own.
==== Fixes
* [core][event-loop] Fix to work broken libev backend with Ruby 1.9.
=== milter manager
==== Improvements
* Add max-pending-finished-sessions as configuration option.
If the number of current pending finished sessions is larger than
'max-pending-finished-sessions', the current pending finished sessions are
freed immediately.
=== milter-client
==== Improvements
* Add --max-pending-finished-sessions command line option.
=== Ruby milter
==== Improvements
* Add an API to customize event loop on your own from Ruby.
* Support manager.max_pending_finished_sessions.
* Add API to reset when transaction is finished.
Use this API to avoid not to share instance information for each transaction unexpectedly.
=== Document
==== Improvements
* Add documentation about manager.max_pending_finished_sessions
* Add API to reset transaction.
==== Fixes
* Fix the default value of manager.maitenance_interval which is not correct.
- fix a bug that could crop up when retrieving mail via IMAP from
Gmail, and the Gmail servers provided weird data in their header
extensions. Thanks: Krzysztof Warzecha.
== HEAD
== Version 2.5.3 - Sun Dec 4 15:52:00 +1100 2012 Mikel Lindsaar <mikel@reinteractive.net>
* Close pull request 468 - Remove debug output to STDOUT (tadman)
* Fix up spec warnings
* Remove un needed require
* Ensure spec_helper constants only defined once
* Use stub against time instead of DateTime to avoid double redefinition error
== Version 2.5.2 - Sun Nov 18 15:01:00 +1100 2012 Mikel Lindsaar <mikel@reinteractive.net>
* Removing double loading of treetop parsers to remove warnings
* Making parsers auto compile on spec suite and load in production code to avoid error that caused yank of 2.5.0
* Reapply pull request 443 - CC fields with semicolon are now parsed right (paulwittmann)
== Version 2.5.1 - Sun Nov 18 14:01:00 +1100 2012 Mikel Lindsaar <mikel@reinteractive.net>
* Yanked 2.5.0
* Reverted pull request 443 - CC fields with semicolon are now parsed right (paulwittmann)
== Version 2.5.0 - Sun Nov 18 12:20:00 +1100 2012 Mikel Lindsaar <mikel@reinteractive.net>
Features:
* Close pull request 406 - Add Mail#eager_autoload! to load all autoloaded files on demand (bpot)
* Close pull request 461 - Allow string as delivery_method (skyeagle, radar)
* Close pull request 407 - Do not require Net::IMAP or Net::POP if they're already loaded (bpot)
* Close pull request 400 - Raise exception if delivery values or from values are missing completely from an email that is getting delivered (dmathieu)
* Close pull request 397 - Support dots in local part of the addresses (eac)
* Close pull request 477 - Fixed handling content_type with superfluous spaces (ledermann)
* Close pull request 451 - Ignore nil in addresses so things do not blow up when e.g. a user had no email (grosser)
* Close pull request 362 - Enable TLS in Ruby 1.8 (kingargyle)
* Close pull request 358 - Fix Mail::CommonAddress#value=, Mail::CommonAddress#<< and Mail::Encodings.encode_non_usascii (mrkn)
* Close pull request 350 - Makes mail Header object ennumerable (ged)
Performance:
* Close pull request 369 - Mail::Header#charset is called pretty often during header parser work (bogdan)
* Close pull request 368 - Improve existing code by moving some objects to contstant instead of constructing them over and over again. (bogdan)
* Close pull request 366 - Headers parsing performance optimization (bogdan)
* Close pull request 365 - Add maximum_amount of parsed headers configuration parameter (bogdan)
Bugs:
* Close pull request 444 - Fix typo in spec (cczona)
* Close pull request 439 - Fix Ruby 1.9 behaviour to match 1.8.7 behaviour on ignoring invalid or undefined characters (ochko)
* Close pull request 430 - Unstructured field converts to string before calling encoding on it (brupm mikel)
* Close pull request 424 - Use String#to_crlf instead of String#gsub (okkez)
* Close pull request 429 - Fix an obvious bug in exim delivery_method (dskim)
* Close pull request 425 - Remove Gemfile.lock from generated gem (kbackowski)
* Close pull request 414 - Fix typo on "ignoring" (derwiki)
* Close pull request 405 - Fix stack overflow (RegexpError) triggered by large emails with an envelope (bpot)
* Close pull request 402 - Prevent InReplyTo, Keyword, References or ResentMessageId fields from generating lines longer than 998 chars (pplr)
* Close pull request 391 - Fixed failed attachment parsing when file name in headers contains spaces and is not wrapped in quotes (danieltreacy)
* Close pull request 385 - Fix Multibyte::Chars#upcase/downcase (technoweenie)
* Close pull request 384 - copy dat unicode over from active support (technoweenie)
* Close pull request 380 - Split strictly on MIME boundary lines (ConradIrwin)
* Close pull request 277 - Fix specific email decoding failure example (yalab)
* Close pull request 361 - Support 8bit encoding for ruby 1.9 (bogdan)
* Close pull request 346 - Fix two bugs of TestRetriever (ermaker)
* Close pull request 337 - Make the behavior of value_decode the same between Ruby 1.8 and Ruby 1.9. (kennyj)
* Close pull request 336 - Fix more warning: possibly useless use of == in void context (kennyj)
* Close pull request 293 - make charset and mime type more resliant to bad header values (kmeehl)
* Fix failing spec Issue 453 on Ruby 1.9.3
* Fix mail reading: don't raise invalid byte sequence in UTF-8 when reading non-UTF-8 emails (mreinsch)
* Close pull request 353 - define NilClass#blank? only if not defined yet (amatsuda)
* Close pull request 357 - Fixes#349 an inverted condition on imap open read_only (felixroeser)
* Remove duplicated line feed from regexp
* Remove unused variable
* Updated IMAP documentation
* Tweak publisher
objects, so provide a dummy file which will always get included to avoid
issues on systems where you are not allowed an empty library. Noticed
by tron.
Bump PKGREVISION.
