and krb5 options. These are disabled by default, so bump PKGREVISION to 4
because the package was previously finding and using both libraries.
Also forbid the usage of krb[45] options together with ssl. This fixes a
crash when using SSL, because the Mozilla NSS libraries and libcrypto (used
by Kerberos) have functions with the same name. I don't know why this
worked for me in the first place, but it doesn't any more.
Changes:
* The new filtering system, which has many new features, has been
implemented.
* The handling of 'New' flags for messages has been modified.
* The spool path setting can now take both file and directory.
* Invalid URIs used by DnD has been fixed.
* Other bugfixes have been made.
Version 3.2.1 is a maintenance release and contains bugfixes to v3.2.0 only.
BUGFIX: PGP Messages cause pop3filter to hang
BUGFIX: Invalid read of free()'d memory caused by parsing multi-line headers
BUGFIX: SQLite driver fails to call PRAMA specified in dspam.conf
BUGFIX: MySQL generates DUPLICATE KEY errors on simultaneous inserts
BUGFIX: Memory leaks in dspam_clean
BUGFIX: dspam_clean crashes with SQLite driver
BUGFIX: Signatures include leading whitespace when in loose match
BUGFIX: Some versions of PostgreSQL don't support PQfreemem()
BUGFIX: Memory mishandling in PostgreSQL driver
BUGFIX: Message delimiters mangled when processing a PGP signed message
BUGFIX: --with-delivery-agent configure option no longer present
BUGFIX: Default log directory /var/log not writable by some installs
BUGFIX: Man page installation doesn't prefix with $(DESTDIR)
BUGFIX: Emails ending with http:// cause invalid memory read
Changes:
- Added CLIENT and SERVER variables to VirusAction script environment.
- Even better logging for network errors.
- Print out clamsmtp version in debug logs
- Allow configuration of server keep alives (NOOPs). Default to none
- Add SSL support when the 'ssl' option is set.
- Use the options framework to handle ipv6 support ('ipv6' option).
- Fix permissions of files copied into the user directory from the data
directory under /usr/pkg (i.e., give write permissions to them).
Otherwise, the sample Inbox folder is copied with mode 444 and you get
multiple warnings from Evolution saying that it can't update the folder.
Evolution 2.x is - at last - usable!
so that we'd not force dependance on specific MySQL version, and instead pick
the currently installed mysql*-client (or install the default if there
is no mysql-client package installed yet)
this makes package buildable with arbitrary MySQL version, such as 3.23.x,
4.0.x or 4.1.x
so that we'd not force dependance on specific MySQL version, and instead pick
the currently installed mysql*-client (or install the default if there
is no mysql-client package installed yet)
this makes package buildable with arbitrary MySQL version, such as 3.23.x,
4.0.x or 4.1.x
- dspam.conf can contain sensitive information such as SQL
username/password accounts. So change ownership to root:dspam and mode to
0640.
- The cgi template cgi/templates/nav_performance.html contains a
@yourdomain.com which should be customised on install.
Added an extra BUILD_DEFS called DSPAM_DOMAIN to allow users to do this.
ok'ed xtraeme@
[11.13] released 10/27/04
* Backslashes outside a quoted command argument are now handled properly.
* For junk mail detection, the characters '_', '#', '&', and '%' are now
considered as word constituents. Also the '/' character is kept if it
occurs between digits, and the ';' character if a '&' was previously
encountered within the same word.
* For junk mail detection, fields of MIME part headers are now handled like
fields of the main header.
* For junk mail detection, most HTML tags are now ignored, similar to the
proposal in Paul Graham's 'Better Bayesian Filtering'. Also, the top and
bottom probabilities are now adjusted to the number of messages used for
building the database.
* When the junk mail database is updated, it is now truncated beyond the
last byte just written. Previously, stale data could have remained after
this point, which was no problem for nail itself, but could make zcat(1)
fail on the file.
* In the junk mail database, hashes of 56 bits are now used to represent
words. A side-effect is that it is possible to test for occurences of
given words with a higher certainty.
* To take advantage of the changes to the junk mail recognition method,
you have to delete your junk mail database and have to create it again.
* The new 'probability' command prints the junk statistics for given words.
* The 'answered', 'classify, 'draft', 'flag', 'good', 'junk', 'undraft',
'unflag', and 'unkill' command now make their argument the current
message. This is now also done by the 'score' command unless the new
score of the message is negative.
* Very old versions of OpenSSL are now detected by the configuration script.
OpenSSL code will not be included if the version is too old (Bugreport by
Thomas Voegtle).
Changes:
* Portability fixes
* Documentation fixes
* '-M' allows processing 1 msg-count file with multiple messages.
Otherwise allow multiple msg-count files with 1 message in each.
* Allow only one of '-d' and '-D' options for bogotune.
* Remove check for bogohome since it breaks "bogotune -D".
* Ignore 'X-Bogosity' lines in mime attachments.
* Bogotune now warns when using '-E' to suppress ESF checking
and non 1.0 esf values are read from the config file.
* Limit bogotune's scanning to rx values between 0.4 and 0.6.
* Fix a potential crash on malformatted input (writing a NUL byte to
the wrong place) in the RFC-2047 decoder. Reported by Clint Adams.
* bogofilter will now properly exit with code 3 when encountering write
errors in pass-through mode. It would use the wrong code, 2, since
the introduction of the "unsure" exit code.
* Properly flush existing data before changing I/O buffer size. Fixes
t.bogodir failure seen, for instance, on Solaris, particularly with
-D and redirected output.
Changes:
- Removed user option from startup script (use User config option)
- Don't send lines that are too long to syslog [Ben Mesman]
- Stable release
environment (affects the libical library). The later does not really remove
it under NetBSD (only leaves it blank), thus making programs get the wrong
timezone (always UTC).
This problem exposes, for example, in the GNOME Clock applet. The time is
fine until you open the calendar (clicking on the applet). After that, the
clock is converted to UTC and there is no way to reverse it, other than
killing the running process (i.e., starting over with a clean environment).
Bump PKGREVISION to 2.
Changes from 11.11 include:
* Blank characters between MIME encoded words in header fields are now
discarded for display purposes as demanded by RFC 2047.
* Unless the 'fullnames' variable was set, nail did not generate 'To' header
fields when replying to messages since version 11.5 (Bugreport by Bob
Tennent).
* An internal problem in the token scanning for junk mail detection has been
fixed; the end of the mail header was not always correctly determined.
* Special characters in IMAP or POP3 account strings like 'imap://user@host'
can now be escaped using URL notation, e.g. 'foo%2Fbar' for 'foo/bar'. It
was previously not possible to use these characters. This is a slightly
incompatible change as the '%' character must now also be escaped, as
'%25'. (Bugreport by Thomas Wolff.)
* The system mailbox is now locked using fcntl(2) for reading too (Problem
reported by Thomas Wolff).
* When new mail arrives in an IMAP mailbox, the current message is now
properly advanced by the 'next' command if it has been printed before.
* If neither the host name nor the user's email address can be determined,
no Message-ID fields are generated.
* The empty string is now accepted as a message subject for sending.
* Fixed two format string vulnerabilities (die() and log_event()) (Closes: #243945)
* Segfaults when trying to send mail with authenticated smtp (Closes: #261975)
* Make address rewriting possible to disable (Closes: #146238)
* Add AuthUser, AuthPass, AuthMethod to configuration file (Closes: #249905)
* Logic to choose cram-md5 authentication is backwards (Closes: #249907)
* SSMTP builds with MD5 support but during the exchange it segfaults (Closes: #249203)
* The source compilaton fails if ./configure --enable-logfile is selected (Closes: #242905)
* SSL/TLS support cannot handle STARTTLS (Closes: #244666)
* Creates bad date headers on some systems (Closes: #230864)
* Fix 'MAIL FROM' problems with cron and the like setting bad 'From:'
address when FromLineOverride=YES is set (Closes: #205513)
* Update version string in ssmtp.c (Closes: #198763)
* Work around missing spaces in headers (Closes: #192445)
Version 3.2 adds many significant enhancements, these include the
introduction of a dspam.conf master configuration, an aesthetically
redesigned web interface, support for SQLite, support for Windows, and
and many other enhancements.
More information:
http://www.nuclearelephant.com/projects/dspam/text/RELEASE-3.2.0.txt
pkgsrc changes:
* Default storage driver has been changed to SQLite, to sync with dspam's
defaults.
* Deprecated options has been removed totally, now you'll have to specify
them via PKG_OPTIONS.dspam=foo bar baz.
Version 4.1.5
13 September 2004
-getmail would not delete messages from the server if it was configured not
to retrieve them and the delete_after directive was not in use (i.e. user
normally left messages on server but occasionally wanted to force-delete
them). Fixed. Thanks: Frankye Fattarelli.
Version 4.2.0
18 September 2004
-SECURITY: previous versions of getmail contain a security vulnerability.
A local attacker with a shell account could exploit a race condition (or a
similar symlink attack) to cause getmail to create or overwrite files in a
directory of the local user's choosing if the system administrator ran getmail
as root and delivered messages to a maildir or mbox file under the control of
the attacker, resulting in a local root exploit. Fixed in versions 4.2.0
and 3.2.5.
This vulnerability is not exploitable if the administrator does not deliver
mail to the maildirs/mbox files of untrusted local users, or if getmail is
configured to use an external unprivileged MDA. This vulnerability is
not remotely exploitable.
Thanks: David Watson. My gratitude to David for his work on finding and
analyzing this problem.
-Now, on Unix-like systems when run as root, getmail forks a child
process and drops privileges before delivering to maildirs or mbox files.
getmail will absolutely refuse to deliver to such destinations as root;
the uid to switch to must be configured in the getmailrc file.
-revert behaviour regarding delivery to non-existent mbox files. Versions
4.0.0 through 4.1.5 would create the mbox file if it did not exist; in
versions 4.2.0 and up, getmail reverts to the v.3 behaviour of refusing
to do so.
Version 4.2.1
8 October 2004
-set message attributes on corrupt container objects to prevent problems
with destinations that expect multidrop-retrieved messages.
Thanks: Harry Wearne.
-move tests for existence of file from mbox destination initialization
to delivery method, and change error from configuration to delivery error.
Thanks: David Watson.
Version 4.2.2
11 October 2004
-in child delivery processes, change real as well as effective uid/gid.
Thanks: David Watson.
-handle corrupted oldmail file better. Thanks: Matthias Andree.
v0.99.11 2004-09-04 Timo Sirainen <tss@iki.fi>
+ 127.* and ::1 IP addresses are treated as secured with
disable_plaintext_auth = yes
+ auth_debug setting for extra authentication debugging
+ Some documentation and error message updates
+ Create PID file in /var/run/dovecot/master.pid
+ home setting is now optional in static userdb
+ Added mail setting to static userdb
- After APPENDing to selected mailbox Dovecot didn't always notice the
new mail immediately which broke some clients
- THREAD and SORT commands crashed with some mails
- If APPENDed mail ended with CR character, Dovecot aborted the saving
- Output streams sometimes sent data duplicated and lost part of it.
This could have caused various strange problems, but looks like in
practise it rarely caused real problems.
