Version 1.0.23:
- No significant changes.
Version 1.0.22:
- A new command 'received_header' with a corresponding '--received-header'
option allows to disable the default Received header if required.
- A new command 'passwordeval' with a corresponding '--passwordeval' option
allows to set the password to the output of a command.
Version 1.0.21:
- No significant changes.
Version 1.0.20:
- Added support for authentication mechanism SCRAM-SHA-1 via GNU SASL.
- The new command tls_fingerprint allows one to trust one particular TLS
certificate, in case tls_trust_file cannot be used for some reason.
- The new script mpop-gnome-tool.py manages Gnome Keyring passwords for mpop.
Version 1.0.19:
- When using OpenSSL, mpop now correctly handles NUL characters in the Common
Name and Subject Alternative Name fields of certificates. This fixes a
security problem. Note that mpop is not affected by this problem if GnuTLS is
used.
- Mpop can now handle mail boxes larger than 2 GiB on 32bit systems. Previously,
this only worked on 64bit systems.
Version 1.0.18:
- Delivery to MS Exchange pickup directories is now supported, thanks to Julien
Larigaldie.
Version 1.0.17:
- No significant changes.
Version 1.0.16:
- Mpop now also reads SYSCONFDIR/netrc if the password was not found in
~/.netrc.
- Support for the GNOME keyring was added by Satoru SATOH.
Version 1.0.15:
- This version fixes two bad bugs that prevented mpop from correctly retrieving
mails under certain cicumstances.
Version 1.0.14:
- The configuration command tls_crl_file was added. This allows to use
certificate revocation lists (CRLs) during certificate verification.
- The configuration command tls_min_dh_prime_bits was added. This is needed to
use TLS/SSL with servers that use a small Diffie-Hellman (DH) prime size.
- The configuration command tls_priorities was added. This allows to fine tune
TLS/SSL session parameters.
Version 1.0.13:
- Support for the Mac OS X keychain was added by Jay Soffian.
so that we don't have any '#' chars in it.
Avoids the following:
% grep COMMENT Makefile
COMMENT= Cryptographic store accessible through a PKCS#11 interface
% pkg_info softhsm
Information for softhsm-1.2.0:
Comment:
Cryptographic store accessible through a PKCS
Experimental version released on March 31st, 2011.
This is the first release after the creation of the Kyua project, a more
modular and reliable replacement for ATF. From now on, ATF will change to
accomodate the transition to this new codebase, but ATF will still continue
to see development in the short/medium term. Check out the project page at
http://code.google.com/p/kyua/ for more details.
The changes in this release are:
* Added support to run the tests with the Kyua runtime engine (kyua-cli), a
new package that aims to replace atf-run and atf-report. The ATF tests
can be run with the new system by issuing a 'make installcheck-kyua' from
the top-level directory of the project (assuming the 'kyua' binary is
available during the configuration stage of ATF).
* atf-run and atf-report are now in maintenance mode (but *not* deprecated
yet!). Kyua already implements a new, much more reliable runtime engine
that provides similar features to these tools. That said, it is not
complete yet so all development efforts should go towards it.
* If GDB is installed, atf-run dumps the stack trace of crashing test
programs in an attempt to aid debugging. Contributed by Antti Kantee.
* Reverted default timeout change in previous release and reset its value
to 5 minutes. This was causing several issues, specially when running
the existing NetBSD test suite in qemu.
* Fixed the 'match' output checker in atf-check to properly validate the
last line of a file even if it does not have a newline.
* Added the ATF_REQUIRE_IN and ATF_REQUIRE_NOT_IN macros to atf-c++ to
check for the presence (or lack thereof) of an element in a collection.
* PR bin/44176: Fixed a race condition in atf-run that would crash atf-run
when the cleanup of a test case triggered asynchronous modifications to
its work directory (e.g. killing a daemon process that cleans up a pid
file in the work directory).
* PR bin/44301: Fixed the sample XSLT file to report bogus test programs
instead of just listing them as having 0 test cases.
bugs and security fix release.
Changes to the Cyrus IMAP Server since 2.4.6
* Fixed Bug #3357 - lmtpd offering STARTTLS in pre-authorized mode.
* Fixed Bug #3392 - allowing INBOX.INBOX to be created if the case
didn't match
* Fixed Bug #3404 - incorrect LIST "" "user" response
* Fixed Bug #3417 - crash on zero-byte quota file
* Fixed numberous bugs with mailbox upgrades
* Fixed replication errors, which have been reported many times on
the mailing list, but don't have bug numbers.
* Increated "paranoia" about record ordering in mailbox, which would
have detected some bad bugs in replication that caused the infinite
runaway mailbox filling reported in 2.4.6 and below
* Increased syslogging detail about replication issues
* Fixed reconstruct crash with zero-byte index file
* Fixed cyradm perl library path finding
* Fixed incorrect use of LITERAL+ formats in our responses to
clients. Unreported, but could be causing wierd hard-to-track-down
bugs out there
* Fixed append immediately on create
* Upgraded Unicode database to version 6.0
* Fixed reconstruct crash on folder names with many digits (i.e. ebay
auction numbers)
* Fixed reconstruct crash with file called '0.'
* Made reconstruct '-n' option actually exist, as advertised in the
man page
* Fixed bug #3423 - STARTTLS plaintext command injection
vulnerability
* Bug #3382 Added "failedloginpause" config option
* Bugs #3383/3385 Removed some obsolete config options
* Bug #3389 $confdir/proc not created on the fly
* Bug #3394 fix imtest parsing of MECHLIST
* Bug #3399 fix with_ldap option default
* Bug #3307 fix mbpath crash on remote mailbox
* Bug #3420 use getpassphrase on Solaris, now passwords over 8
characters long work with cyrus tools
* Bug #3400 and others - lots of bugs with XFER between different
versions in murder clusters fixed, including a bug that caused only
mailboxes with zero messages to be rejected for upgrade
* Bug #3391 fix rename which just moves between partitions
* Bug #3103 fix imtest using plain authentication when it must not
* Bug #3426 fix TLS on sockets other than stdin
* Added support for BDB versions 5 and above
as library path instead of the source tree. install the tries to relink
the target with the new path, which fails because the just-installed
libraries are not in the buildlink directory.
Just don't rebuild makefiles, the run-time search path has been fixed
by buildlink already.
should fix PR 43385. OK wiz@
* Yaml formatted setup files are now produced by default.
(Perl formatted setup files can still be used.)
* Add timezone setting in setup file. This alows time zone to be configured
via the web.
* comment: Better fix to avoid showing comments of subpages, while
not breaking manual inlining of comments.
* meta: Security fix; don't allow alternative stylesheets to be added
on pages where the htmlscrubber is enabled.
(Updating this leaf package during the freeze for the security and
bug fixes.)
