Changelog:
0.05 2014-02-16
- Correct typos in documentation; no functionality changes
0.04 2014-02-03
- Update minimum perl version to 5.10, because of use of ++ quantifier
0.03 2014-01-22
- Include documentation updates present in the released version of
0.01, but never checked into the repository
0.02 2014-01-15
- Prevent a quadratic-time check when the provided string did not
contain a valid address
Notmuch 0.18.1 (2014-06-25)
===========================
This is a bug fix and portability release.
Build System
------------
Add a workaround for systems without zlib.pc
Make emacs install robust against the non-existence of emacs
Put notmuch lib directory first in RPATH
Fix handling of html_static_path in sphinx
Both the python bindings and the main docs had spurious settings of
this variable.
Test Suite
----------
Use --quick when starting emacs
This avoids a hang in the T160-json tests.
Allow pending break points in atomicity script
This allows the atomicity tests to run on several more architectures/OSes.
Command-Line Interface
----------------------
To improve portability use fsync instead of fdatasync in
`notmuch-dump`. There should be no functional difference.
Library changes
---------------
Resurrect support for single-message mbox files
The removal introduced a bug with previously indexed single-message
mboxes. This support remains deprecated.
Fix for phrase indexing
There were several bugs where words intermingled from different
headers and MIME parts could match a single phrase query. This fix
will affect only newly indexed messages.
Emacs Interface
---------------
Make sure tagging on an empty query is harmless
Previously tagging an empty query could lead to tags being
unintentionally removed.
Notmuch 0.18 (2014-05-06)
=========================
Overview
--------
This new release includes some enhancements to searching for messages
by filesystem location (`folder:` and `path:` prefixes under *General*
below). Saved searches in *Emacs* have also been enhanced to allow
distinct search orders for each one. Another enhancement to the
*Emacs* interface is that replies to encrypted messages are now
encrypted, reducing the risk of unintentional information disclosure.
The default dump output format has changed to the more robust
`batch-tag` format. The previously deprecated parsing of single
message mboxes has been removed. For detailed release notes, see
below.
General
-------
The `folder:` search prefix now requires an exact match
The `folder:` prefix has been changed to search for email messages
by the exact, case sensitive maildir or MH folder name. Wildcard
matching (`folder:foo*`) is no longer supported. The new behaviour
allows for more accurate mail folder based searches, makes it
possible to search for messages in the top-level folder, and should
lead to less surprising results than the old behaviour. Users are
advised to see the `notmuch-search-terms` manual page for details,
and review how the change affects their existing `folder:` searches.
There is a new `path:` search prefix.
The new `path:` search prefix complements the `folder:` prefix. The
`path:` prefix searches for email messages that are in particular
directories within the mail store, optionally recursively using a
special syntax. See the `notmuch-search-terms` manual page for
details.
Notmuch database upgrade due to `folder:` and `path:` changes
The above mentioned changes to the `folder:` prefix and the addition
of `path:` prefix require a Notmuch database upgrade. This will be
done automatically, without prompting on the next time `notmuch new`
is run after the upgrade. The upgrade is not reversible, and the
upgraded database will not be readable by older versions of
Notmuch. As a safeguard, a database dump will be created in the
`.notmuch` directory before upgrading.
Library changes
---------------
Notmuch database upgrade
The libnotmuch consumers are reminded to handle database upgrades
properly, either by relying on running `notmuch new`, or checking
`notmuch_database_needs_upgrade()` and calling
`notmuch_database_upgrade()` as necessary. This has always been the
case, but in practise there have been no database upgrades in any
released version of Notmuch before now.
Support for indexing mbox files has been dropped
There has never been proper support for mbox files containing
multiple messages, and the support for single-message mbox files has
been deprecated since Notmuch 0.15. The support has now been
dropped, and all mbox files will be rejected during indexing.
Message header parsing changes
Notmuch previously had an internal parser for message headers. The
parser has now been dropped in favour of letting GMime parse both
the headers and the message MIME structure at the same pass. This is
mostly an internal change, but the GMime parser is stricter in its
interpretation of the headers. This may result in messages with
slightly malformed message headers being now rejected.
Command-Line Interface
----------------------
`notmuch dump` now defaults to `batch-tag` format
The old format is still available with `--format=sup`.
`notmuch new` has a --quiet option
This option suppresses the progress and summary reports.
`notmuch insert` respects maildir.synchronize_flags config option
Do not synchronize tags to maildir flags in `notmuch insert` if the
user does not want it.
The commands set consistent exit status codes on failures
The cli commands now consistently set exit status of 1 on failures,
except where explicitly otherwise noted. The notable expections are
the status codes for format version mismatches for commands that
support formatted output.
Bug fix for checking configured new.tags for invalid tags
`notmuch new` and `notmuch insert` now check the user configured
new.tags for invalid tags, and refuse to apply them, similar to
`notmuch tag`. Invalid tags are currently the empty string and tags
starting with `-`.
Emacs Interface
---------------
Init file
If the file pointed by new variable `notmuch-init-file` (typically
`~/.emacs.d/notmuch-config.el`) exists, it is loaded at the end of
`notmuch.el`. Users can put their personal notmuch emacs lisp based
configuration/customization items there instead of filling
`~/.emacs` with these.
Changed format for saved searches
The format for `notmuch-saved-searches` has changed, but old style
saved searches are still supported. The new style means that a saved
search can store the desired sort order for the search, and it can
store a separate query to use for generating the count notmuch
shows.
The variable is fully customizable and any configuration done
through customize should *just work*, with the additional options
mentioned above. For manual customization see the documentation for
`notmuch-saved-searches`.
IMPORTANT: a new style notmuch-saved-searches variable will break
previous versions of notmuch-emacs (even search will not work); to
fix remove the customization for notmuch-saved-searches.
If you have a custom saved search sort function (not unsorted or
alphabetical) then the sort function will need to be
modified. Replacing (car saved-search) by (notmuch-saved-search-get
saved-search :name) and (cdr saved-search) by
(notmuch-saved-search-get saved-search :query) should be sufficient.
The keys of `notmuch-tag-formats` are now regexps
Previously, the keys were literal strings. Customized settings of
`notmuch-tag-formats` will continue to work as before unless tags
contain regexp special characters like `.` or `*`.
Changed tags are now shown in the buffer
Previously tag changes made in a buffer were shown immediately. In
some cases (particularly automatic tag changes like marking read)
this made it hard to see what had happened (e.g., whether the
message had been unread).
The changes are now shown explicitly in the buffer: by default
deleted tags are displayed with red strike-through and added tags
are displayed underlined in green (inverse video is used for deleted
tags if the terminal does not support strike-through).
The variables `notmuch-tag-deleted-formats` and
`notmuch-tag-added-formats`, which have the same syntax as
`notmuch-tag-formats`, allow this to be customized.
Setting `notmuch-tag-deleted-formats` to `'((".*" nil))` and
`notmuch-tag-added-formats` to `'((".*" tag))` will give the old
behavior of hiding deleted tags and showing added tags identically
to tags already present.
Version variable
The new, build-time generated variable `notmuch-emacs-version` is used
to distinguish between notmuch cli and notmuch emacs versions.
The function `notmuch-hello-versions` (bound to 'v' in notmuch-hello
window) prints both notmuch cli and notmuch emacs versions in case
these differ from each other.
This is especially useful when using notmuch remotely.
Ido-completing-read initialization in Emacs 23
`ido-completing-read` in Emacs 23 versions 1 through 3 freezes unless
it is initialized. Defadvice-based *Ido* initialization is defined
for these Emacs versions.
Bug fix for saved searches with newlines in them
Split lines confuse `notmuch count --batch`, so we remove embedded
newlines before calling notmuch count.
Bug fixes for sender identities
Previously, Emacs would rewrite some sender identities in unexpected
and undesirable ways. Now it will use identities exactly as
configured in `notmuch-identities`.
Replies to encrypted messages will be encrypted by default
In the interest of maintaining confidentiality of communications,
the Notmuch Emacs interface now automatically adds the mml tag to
encrypt replies to encrypted messages. This should make it less
likely to accidentally reply to encrypted messages in plain text.
Reply pushes mark before signature
We push mark and set point on reply so that the user can easily cut
the quoted text. The mark is now pushed before the signature, if
any, instead of end of buffer so the signature is preserved.
Message piping uses the originating buffer's working directory
`notmuch-show-pipe-message` now uses the originating buffer's
current default directory instead of that of the `*notmuch-pipe*`
buffer's.
nmbug
-----
nmbug adds a `clone` command for setting up the initial repository and
uses `@{upstream}` instead of `FETCH_HEAD` to track upstream changes.
The `@{upstream}` change reduces ambiguity when fetching multiple
branches, but requires existing users update their `NMBGIT`
repository (usually `~/.nmbug`) to distinguish between local and
remote-tracking branches. The easiest way to do this is:
1. If you have any purely local commits (i.e. they aren't in the
nmbug repository on nmbug.tethera.net), push them to a remote
repository. We'll restore them from the backup in step 4.
2. Remove your `NMBGIT` repository (e.g. `mv .nmbug .nmbug.bak`).
3. Use the new `clone` command to create a fresh clone:
nmbug clone http://nmbug.tethera.net/git/nmbug-tags.git
4. If you had local commits in step 1, add a remote for that
repository and fetch them into the new repository.
== [release-2-0-4] 2.0.4: 2014-06-20
A bug fix release of 2.0.3
=== Ruby milter
==== Improvements
* Add Milter::Client::Test::MilterRunner
* Add Milter::Client::EnvelopeAddress
==== Fixes
* Fix the bug that milter written in Ruby cannot finish properly on multiple
CPU environment
This should be the last update during the freeze.
PR/48566 - Emmanuel Dreyfus -- typo in patch-aw leading to build failure
PR/48913 - Matthias Scheler -- libmilter fails on unprivileged builds
- remove some HTML cruft from netbsd-proto.mc
- stop trying to set file ownership and group during stage-install
- initialize sm_res earlier and test before calling res_ninit()
- clear SSL_OP_TLSEXT_PADDING by defualt to fix interoperability issues
- eliminate stray call to res_search()
- verified with nm that all deprecated resolver functions have been eradicated
The above should address the folling PRs:
- PR/47207 - Richard Palo -- attempt to set ownership when unprivileged
- PR/48566 - Emmanuel Dreyfus -- problem with TLS timeouts
- PR/48913 - Matthias Scheler -- attempt to set ownership when unprivileged
pkgsrc changes:
- consolidate several patches into site.config.m4
- pkgsrc LDFLAGS should always be used
- don't bother specifying file owner/group anywhere except in Makefile
- create include/sm/os/sm_os_netbsd.h to fix warnings and OS specific stuff
- install mail.local and rmail
- convert to use res_n* functions
- allows for linking against threaded libraries
- add a TODO file
- PR/35249 - Loren M. Lang
- can't find libraries on Linux, this should be fixed by using pkgsrc LDFLAGS
- PR/46694 - Makoto Fujiwara
- bring back netbsd-proto.mc from when sendmail was part of the base system
- PR/47207 - Richard Palo
- let pkgsrc infrastructure handle file ownership and group
- PR/48566 - Emmanuel Dreyfus
- always set _FFR_USE_GETPWNAM_ERRNO on NetBSD
- roll ffr_tls_1 and the suggested ffr_tls_ec into one new ffr_tls option
- not enabled by default because it changes behaviour
8.14.9/8.14.9 2014/05/21
SECURITY: Properly set the close-on-exec flag for file descriptors
(except stdin, stdout, and stderr) before executing mailers.
Fix a misformed comment in conf.c: "/*" within comment
which may cause a compilation error on some systems.
Problem reported by John Beck of Oracle.
DEVTOOLS: Fix regression in auto-detection of libraries when only
shared libraries are available. Problem reported by
Bryan Costales.
Changelog
---------
2.1.18-1 (06-May-2014)
Bug fixes and other patches
- A critical incompatibility between the DMARC Wrap Message action and
Python versions older than 2.6.x for some x <= 5 existed and caused
Wrapped message to be shunted. This is fixed. (LP: #1316682)
- Sender: headers are no longer removed in from_is_list Munge From
actions. (LP: #1315970)
2.1.18 (03-May-2014)
Acknowledgements
- Thanks to Jim Popovitch and Phil Pennock for the branch that formed the
basis of the dmarc_moderation_action feature.
- Thanks to Franck Martin et al for the branch that formed the basis of
the from_is_list feature.
Dependencies
- There is a new dependency associated with the new Privacy options ->
Sender filters -> dmarc_moderation_action feature discussed below.
This requires that the dnspython <http://www.dnspython.org/> package
be available in Python. This package can be downloaded from the above
site or from the CheeseShop <https://pypi.python.org/pypi/dnspython/>
or installed with pip.
New Features
- The from_is_list feature introduced in 2.1.16 is now unconditionally
available to list owners. There is also, a new Privacy options ->
Sender filters -> dmarc_moderation_action feature which applies to list
messages where the From: address is in a domain which publishes a DMARC
policy of reject or possibly quarantine. This is a list setting with
values of Accept, Wrap Message, Munge From, Reject or Discard. There is
a new DEFAULT_DMARC_MODERATION_ACTION configuration setting to set the
default for this, and the list admin UI is not able to set an action
which is 'less' than the default. The prior ALLOW_FROM_IS_LIST setting
has been removed and is effectively always Yes. There is a new
dmarc_quarantine_moderation_action list setting with default set by a
new DEFAULT_DMARC_QUARANTINE_MODERATION_ACTION configuration setting
which in turn defaults to Yes. The list setting can be set to No to
exclude domains with DMARC policy of quarantine from
dmarc_moderation_action.
dmarc_moderation_action and from_is_list interact in the following way.
If the message is From: a domain to which dmarc_moderation_action applies
and if dmarc_moderation_action is other than Accept,
dmarc_moderation_action applies to that message. Otherwise the
from_is_list action applies.
Also associated with dmarc_moderation_action are configuration settings
DMARC_RESOLVER_TIMEOUT and DMARC_RESOLVER_LIFETIME. These are described
in more detail in Defaults.py. There are also new vette log entries
written when dmarc_moderation_action is found to apply to a post.
i18n
- Added missing <mm-digest-question-start> tag to French listinfo template.
(LP: #1275964)
Bug Fixes and other patches
- Removed HTML tags from the title of a couple of rmlist.py pages because
browsers don't render tags in the title. (LP: #265848)
- Most Mailman generated notices to list owners and moderators are now
sent as Precedence: list instead of bulk. (LP: #1313146)
- The Reply-To: munging options weren't honored if there was no
from_is_list action. (LP: #1313010)
- Changed from_is_list actions to insert the list address in Cc: if the
list is fully personalized. Otherwise, the list address is only in
From: and Reply-To: overrides it. (LP: #1312970)
- Fixed the Munge From action to only Munge the From: and/or Reply-To: in
the outgoing message and not in archives, digests and messages sent via
the usenet gateway. (LP: #1311431)
- Fixed a long standing issue in which a notice sent to a user whose
language is other than that of the list can cause subsequent things
which should be in the list's language to be in the user's language
instead. (LP: #1308655)
- Fixed the admin Membership List so a search string if any is not lost
when visiting subsequent fragments of a chunked list. (LP: #1307454)
- For from_is_list feature, use email address from original From: if
original From: has no display name and strip domain part from resultant
names that look like email addresses. (LP: #1304511)
- Added the list name to the vette log "held message approved" entry.
(LP: 1295875)
- Added the CGI module name to various "No such list" error log entries.
(LP: 1295875)
- Modified contrib/mmdsr to report module name if present in "No such list
error log entries.
- Fixed a NameError exception in cron/nightly_gzip when it tries to print
the usage message. (LP: #1291038)
- Fixed a bug in ListAdmin._handlepost that would crash when trying to
preserve a held message for the site admin if HOLD_MESSAGES_AS_PICKLES
is False. (LP: #1282365)
- The from_is_list header munging feature introduced in Mailman 2.1.16 is
no longer erroneously applied to Mailman generated notices.
(LP: #1279667)
- Changed the message from the confirm CGI to not indicate approval is
required for an acceptance of an invitation. (LP: #1277744)
- Fixed POSTFIX_STYLE_VIRTUAL_DOMAINS to be case-insensitiive.
(LP: #1267003)
- Added recognition for another simple warning to bounce processing.
(LP: #1263247)
- Fixed a few failing tests in tests/test_handlers.py. (LP: #1262950)
- Fixed bin/arch to not create scrubbed attachments for messages skipped
when processing the --start= option. (LP: #1260883)
- Fixed email address validation to do a bit better in obscure cases.
(LP: #1258703)
- Fixed a bug which caused some authentication cookies to expire too soon
if AUTHENTICATION_COOKIE_LIFETIME is non-zero. (LP: #1257112)
- Fixed a possible TypeError in bin/sync_members introduced in 2.1.17.
(LP: #1243343)
Miscellaneous
- Added to the contrib directory, a script from Alain Williams to count
posts in a list's archive.
2.1.17 (23-Nov-2013)
New Features
- Handling of posts gated from usenet to a list via the Mail <-> News
gateway is changed. Formerly, no list membership, moderation or
*_these_nonmembers checks were done. Now, if the sender of the usenet
post is a moderated member or a nonmember matching a *_these_nonmembers
filter, those checks will be done and actions applied. Nonmember posts
from senders not matching a *_these_nonmembers filter are still accepted
as before. (LP: #1252575)
- There is a new mm_cfg.py setting ANONYMOUS_LIST_KEEP_HEADERS. Since it
is not possible to know which non-standard headers in a message might
reveal sender information, we now remove all headers from incoming posts
to anonymous lists except those which match regular expressions in this
list. The default setting keeps non X- headers except those known to
reveal sender information, Mailman added X- headers and x-Spam- headers.
See the description in Defaults.py for more information. (LP: #1246039)
i18n
- The Japanese message catalog has been updated by SATOH Fumiyasu.
(LP: #1248855)
Bug Fixes and other patches
- Added a reopen command to the sample init.d script in misc/mailman.in.
(LP: #1251917)
- Fixed a misspelling in Tagger.py causing an "unexpected keyword argument
'Delete'" exception. (LP: #1251495)
- Fixed contrib/qmail-to-mailman.py to work with a user other than
'mailman' and to recognize more listname-* addresses. (LP: #412293)
- Fixed a possible UnicodeDecodeError in bin/sync_members. (LP: #1243343)
- Fixed Makefile to not include $DESTDIR in paths compiled into .pyc
files for traceback purposes. (LP: #1241770)
2.1.16 (16-Oct-2013)
New Features
- There is a new list attribute from_is_list to either rewrite the From:
header of posts replacing the posters address with that of the list or
wrap the message in an outer message From: the list for compatability
with DMARC and or ADSP. There is a new mm_cfg.py setting
DEFAULT_FROM_IS_LIST to control the default for new lists, and the
existing REMOVE_DKIM_HEADERS setting has been extended to allow removing
those headers only for certain from_is_list lists. This feature must
be enabled by setting ALLOW_FROM_IS_LIST to Yes in mm_cfg.py. See the
description of these settings in Defaults.py for more detail. This
feature is experimental in 2.1.16, and it is subject to change or to
become just one of the two methods in a subsequent release. People
interested in this feature are encouraged to try it and report their
experiences to the mailman-users@python.org list.
- There is a new DISPLAY_HELD_SUMMARY_SORT_BUTTONS setting which if set
in mm_cfg.py will display a set of radio buttons in the admindb held
message summary to select how the held messages are sorted and grouped
for display. The exact setting determines the default grouping and
sorting. See the description in Defaults.py for details.
- Setting digest_size_threshhold to zero now means no digests will be
sent based on size instead of a digest being sent with every post.
(LP: #558274)
- There is a new mm_cfg.py setting SUBSCRIBE_FORM_SECRET which will put
a dynamically generated, hidden hash in the listinfo subscribe form and
check it upon submission. Setting this will prevent automated processes
(bots) from successfully POSTing web subscribes without first retrieving
and parsing the form from the listinfo page. The form must also be
submitted no later than FORM_LIFETIME nor no earlier than
SUBSCRIBE_FORM_MIN_TIME after retrieval. Note that enabling this will
break any static subscribe forms on your site. See the description in
Defaults.py for more info. (LP: #1082746)
- add_members now has an option to add members with mail delivery disabled
by admin. (LP: #1070574)
- IncomingRunner now logs rejected messages to the vette log.
(LP: #1068837)
- The name of the mailmanctl master lock file is now congigurable via the
mm_cfg.py setting MASTER_LOCK_FILE. (LP: #1082308)
- list_lists now has an option to list only lists with public archives.
(LP: #1082711)
Contributed programs
- A new import_majordomo_into_mailman.pl script has been contributed by
Geoff Mayes. (LP: #1129742)
- A new "sitemap" bash script has been contributed by Tomasz Chmielewski
<mangoo@wpkg.org> to generate a sitemap.xml file of an installation's
public archives for submission to search engines.
i18n
- The Danish translation has been updated thanks to Tom Christensen.
- Fixed a string in the Czech message catalog. (LP: #1234567)
- A Farsi (Persian) translation has been added thanks to Javad Hoseini and
Mahyar Moghimi.
- Fixed several misspelled or garbled string replacements in the Spanish
message catalog. (LP: #1160138)
- pt_BR message catalog has two new and an updated message per Hugo Koji
Kobayashi. (LP: #1138578)
- German message catalog has been updated per Ralf Hildebrandt.
- Corrected typo in templates/it/private.html.
Bug Fixes and other patches
- Fixed a crash in SpamDetect.py which caused messages with unparseable
RFC 2047 encoded headers to be shunted. (LP: #1235101)
- Fixed cron/disabled to send a fresh cookie when notifying disabled
members. (LP: #1203200)
- Added "message_id" to the interpolation dictionary for the Article.html
template. (LP: #725498)
- Changed the admin GUI to report only the bad entries in a list of email
addresses if any are bad. (LP: #558253)
- Added logging for template errors in HyperArch.py. (LP: #558254)
- Added more explanation to the bad owner address message from
bin/newlist. (LP: #1200763)
- Fixed a bug causing the admin web interface to fail CSRF checking if
the list name contains a '+' character. (LP: #1190802)
- Fixed bin/mailmanctl -s to not remove the master lock if it can't be
determined to be truly stale. (LP: #1189558)
- It is no longer possible to add 'invalid' addresses to the ban_list
and the *_these_nonmembers filters from the check boxes on the admindb
interface. (LP: #1187201)
- Backported recognition for mail.ru DSNs and minor bug fixes from
lp:flufl.bounce. (LP: #1074592, LP: #1079249 and #1079254)
- Defended against buggy web servers that don't include an empty
QUERY_STRING in the CGI environment. (LP: #1160647)
- The Switchboard.finish() method now logs the text of the exception when
it fails to unlink/preserve a .bak file. (LP: #1165589)
- The pending (un)subscriptions waiting approval are now sorted by email
address in the admindb interface as intended. (LP: #1164160)
- The subscribe log entry for a bin/add_members subscribe now identifies
bin/add_members as the source. (LP: #1161642)
- Fixed a bug where the Subject: of the user notification of a
bin/remove_members unsubscribe was not in the user's language.
(LP: #1161445)
- Fixed a bug where BounceRunner could create and leave behind zero length
bounce-events files. (LP: #1161610)
- Added recognition for another Yahoo bounce format. (LP: #1157961)
- Changed configure's method for getting Python's include directory from
distutils.sysconfig.get_config_var('CONFINCLUDEPY') to
distutils.sysconfig.get_python_inc(). (LP: #1098162)
- Added an Auto-Generated: header to password reminders. (LP: #558240)
- Fixed a bug where non-ascii characters in the real name in a subscription
request could throw a UnicodeEncodeError upon subscription approval and
perhaps in other situations too. (LP: #1047100)
- The query fragments send_unsub_notifications_to_list_owner and
send_unsub_ack_to_this_batch will now assume default values if not set
in mass unsubscribe URLs. (LP: #1032378)
- Replaced utf-8 encoded characters in newly added German templates with
HTML entities. (LP: #1018208)
2.1.15 (13-Jun-2012)
Security
- Strengthened the validation of email addresses.
- An XSS vulnerability, CVE-2011-0707, has been fixed.
- The web admin interface has been hardened against CSRF attacks by adding
a hidden, encrypted token with a time stamp to form submissions and not
accepting authentication by cookie if the token is missing, invalid or
older than the new mm_cfg.py setting FORM_LIFETIME which defaults to one
hour. Posthumous thanks go to Tokio Kikuchi for this implementation
which is only one of his many contributions to Mailman prior to his
death from cancer on 14 January 2012.
New Features
- Added a password reminder button to the private archive login page.
Backported from the 2.2 branch.
- There is a new list attribute regular_exclude_ignore set from mm_cfg.py
DEFAULT_REGULAR_EXCLUDE_IGNORE. This defaults to True even though the
prior behavior is equivalent to False. A True setting will ignore an
exclude list if the poster is not a member of that list. The False
setting can result in list members not receiving posts if the nonmember
post is not accepted by the exclude list. Backported from 2.2 branch.
- Eliminated the list cache from the qrunners. Indirect self-references
caused lists to never be dropped from the cache which in turn caused
the qrunners to grow very large in installations with many lists or
multiple large lists. Bug #862683.
- The user options 'list my other subscriptions' page now indicates for
each list if the subscription is 'nomail' or 'digest'. Bug #793669.
- A new list poster password has been implemented. This password may only
be used in Approved: or X-Approved: headers for pre-approving posts.
Using this password for that purpose precludes compromise of a more
valuable password sent in plain text email. Bug #770581.
- A new mm_cfg.py setting AUTHENTICATION_COOKIE_LIFETIME has been added.
If this is set to a non-zero value, web authentication cookies will
expire that many seconds following their last use. Its default value is
zero to preserve current behavior.
- A new mm_cfg.py setting RESPONSE_INCLUDE_LEVEL has been added to control
how much of the original message is included in automatic responses to
email commands. The default is 2 to preserve the prior behavior of
including the full message. Setting this to 1 in mm_cfg.py will include
only the original headers, and 0 will include none of the original. It
is recommended to set this to 0 in mm_cfg.py to minimize the effects of
backscatter. Bug #265835.
- A new mm_cfg.py setting DEFAULT_RESPOND_TO_POST_REQUESTS has been added
to control the default for respond_to_post_requests for new lists. It is
set to Yes for backwards compatibility, but it is recommended that
serious consideration be given to setting it to No. Bug #266051.
- A new mm_cfg.py setting DISCARD_MESSAGE_WITH_NO_COMMAND has been added to
control whether a message to the -request address without any commands or
a message to -confirm whose To: address doesn't match VERP_CONFIRM_REGEXP
is responded to or just logged. It defaults to Yes which is different
from prior behavior. Bug #410236.
- Two new mm_cfg.py settings, BROKEN_BROWSER_WORKAROUND and
BROKEN_BROWSER_REPLACEMENTS, have been added to control escaping of
additional characters beyond the standard <, >, &, and " in the web UI.
See the documentation of these settings in Defaults.py. The default
values for these settings result in no change from the prior release.
Bug #774588.
i18n
- Added some missing German templates from Egon Frerich.
- Added Greek translation from Antonis Limperis.
- A few errors in the Basque translation are fixed. Bug #836861.
- Fixed a misspelling in the German invite.txt template. Bug #815444.
- Fixed a missing format character in the Spanish translation.
Bug #670988.
- Thanks go to the following for updating translations for the changes in
this release.
Thijs Kinkhorst
Stefan Foerster
Fabian Wenk
Bug Fixes and other patches
- Fixed a bug that could send an admin notice of a held subscription with
the subject in the user's preferred language instead of the list's
preferred language and possibly not properly RFC 2047 encoded.
(LP: #998949)
- Fixed a possible CPU bound loop in OutgoingRunner if the attempt to
Connect to the SMTP server throws a socket.error. (LP: #966531)
- Fixed a potential crash in the web UI if a language is removed from the
LC_DESCRIPTIONS dictionary. (LP: #966565)
- Added an Auto-Submitted: header to invitations and (un)subscription
confirmation requests to reduce the possibility of an autoresponder
confirming the request. (LP: #265831)
- Added javascript to the private.html and admlogin.html templates to
focus the cursor on the entry field. (LP: #266054)
- Added CPPFLAGS and LDFLAGS to src/Makefile to support their use.
(LP: #637652)
- Stopped removing the trailing slash from the List-Archive: header URL.
(LP: #964190)
- A configured version of contrib/courier-to-mailman.py is now created in
build/contrib/courier-to-mailman.py. (LP: #999250)
- Subscription disabled warnings are now sent without a Precedence:
header. Bug #808821.
- Backported 2.2 branch fix for a problem in SpamDetect.py that could
cause header_filter_rules to fail to match RFC 2047 encoded headers.
- Fix for bug #629738 could cause a crash in the admindb details display
if the decoded message body contained characters not in the character
set of the list's preferred language. Fixed. Bug #910440.
- Added recognition for another Qmail bounce format.
- Fixed an erroneous seek in the Mailman.Mailbox.Mailbox.AppendMessage
method that could cause a corrupt mailbox for files opened 'w+'.
Bug #901957.
- A held message with a null sender caused a crash in the admindb
interface. This is fixed by changing the sender to <missing>.
Bug #897103.
- Changed subject prefixing to allow for possible whitespace between an
'Re' and the following colon when determining how to add the prefix.
Bug #893290.
- Fixed a problem where topics regexps would not match RFC 2047 encoded
Keywords: and/or Subject: headers. Bug #891676.
- Fixed misleading response to an email approval of a held message.
Bug #889968.
- Added masthead.txt to the list of templates that can be edited via the
web admin interface. Bug #266805.
- Changed the way digest_footer is added to the RFC 1153 (plain) format
digest for RFC compliance. Bug #887610.
- Fixed cron/checkdbs to report unsubscriptions waiting approval.
Bug #873821.
- The fix for BUG #266220 (sf1181161) has been enhanced so that if there
is a pathological HTML part such that the Approved: password text isn't
found, but it is found after stripping out HTML tags, the post is
rejected with an informative message.
- A bug that would cause reset of any new_member_options bits other than
the four displayed as checkboxes on the list admin General Options page
whenever the page was updated or bin/config_list attempted to update
new_member_options has been fixed. Bug #865825.
- A problem with the logic avoiding unnecessarily reloading a current list
object from the config.pck arises if the list is updated by another
process within the same second that it was last read/written. That can
cause the reading of latest version of the list to be skipped. This has
been fixed. Bug #862675.
- Fixed bin/export.py to accept case insensitive password schemes.
Bug #833134.
- Added Tokio Kikuchi's icons to the misc/ and installed icons/
directories. Bug #782474.
- Fixed a problem which could result in raw, undecoded message bodies
appearing in plain digests and archives. Bug #787790.
- Fixed a problem in admindb.py where the character set for the display of
the message body excerpt was not correctly determined. Bug #779751.
- Prevented setting user passwords with leading/trailing whitespace.
Bug #778088.
- Mailman now sets the 'secure' flag in cookies set via https URLs.
Bug #770377.
- Added a logout link to the admindb interface and made both admin and
admindb logout effective for a site admin cookie if allowed.
Bug #769318.
- Replaced the old Mailman logos and icon that install to Mailman's icons
directory with the new ones. If you copy these elsewhere on your
server, please copy these new ones.
- Changed bin/genaliases to only call the POSTFIX_*_CMD commands once when
MTA = 'Postfix'. Bug #266408.
- Added a report of the affected members to the warnings issued when
setting a list with digest members digestable=No and when setting a list
with non-digest members nondigestable=no. Bug #761232.
- Fixed a problem where content filtering could remove the headers from
an attached message/rfc822 part if the message in that part is
multipart/alternative and collapse_alternatives is Yes. Bug #757062.
- Changed the subscribe CGI to strip leading and trailing whitespace from
the supplied email address. Bug #745432.
- Changed the maximum number of arguments for the who command to be
considered administrivia from 2 to 1 to help avoid false positives.
Bug #739524.
- Added the list name as 'display-name' in added Sender: headers to help
mitigate Outlook et al 'on behalf of' displays. Bug #736849.
- Fixed a typo in the usage() definition cron/gate_news. Bug #721015.
- Fixed an uncaught KeyError when poster tries to cancel a post which was
already handled. Bug #266224.
- Held message user notifications now come From: list-owner instead of
list-bounces. Bug #714424.
- Issue an HTTP 404 status for private archive file not found.
- @listname entries in *_these_nonmembers are no longer case sensitive.
Bug #705715.
- Changed bin/rmlist to also remove heldmsg files for the removed list and
fixed a problem with removal of stale locks for the list. Bug #700528.
- Fixed a bug where content filtering could leave a multipart message or
part with just one sub-part. These should be recast to just the sub-part.
Bug #701558.
- Fixed a bug that could erroneously handle posts from addresses in
*_these_nonmembers and send held/rejected notices to bogus addresses when
The From or other sender header is RFC 2047 encoded. Bug #702516.
- Updated contrib/mm-handler-2.1.10 to better handle lists with names that
look like admin addresses. Bug #697161.
- Added bounce recognition for a bogus Dovecot MDN. Bug #693134.
- Fixed a problem where an emailed command in the Subject: header with a
non-ascii l10n of an 'Re:' prefix is ignored. Bug #685261.
- Fixed a problem with approving a post by email when the body of the
approval mail is base64 encoded. Bug #677115.
- Fixed the host name in the From: address of the owner notification from
bin/add_members. Bug #666181.
Changelog:
Fixed in Thunderbird 24.6
MFSA 2014-52 Use-after-free with SMIL Animation Controller
MFSA 2014-49 Use-after-free and out of bounds issues found using Address Sanitizer
MFSA 2014-48 Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
* 2014-06-11: version 1.35
- use just 'postgrey' as process name, instead of '/usr/sbin/postgrey',
because Linux tools are limited to 15 characters (#5)
- Make postgrey work with Perl 5.18 (Yasuhiro KIMURA, #4)
- updated whitelist
* New/changed functionality:
* a single DNS resolver is created for the lifetime of the program,
rather than reinitializing the resolver for each new query.
* bugfixes:
* fix the error message given when an invalid algorithm is
specified in the construction of Mail::DKIM::Signer.
* avoid Perl warning about use of an undefined value in several
places (rt.cpan.org issue #82913).
* speed- improved performance of parsing the message into lines
(rt.cpan.org issue #77902). Patch by Mark Martinec.
* fix DNS queries to use the correct method (txtdata) of Net::DNS
(rt.cpan.org issue #83170). Patch by Mark Martinec.
* fix issue with getting wrong error codes when q= tag is empty
(issue #3011005)
* anti-abuse- prevent a message with thousands of signatures from
thrashing the whole computer (issue #3010997)
* memory usage- significantly reduced memory footprint for
processing a message with a large header and many signatures
* fix error message given when no KeyFile has been specified
(issue #1889690)
* API changes:
* global subroutines resolver() or enable_EDNS0() in module
Mail::DKIM::DNS can be called to specify non-default options
to Net::DNS::Resolver (see also rt.cpan.org issue #80425).
* the Canonicalization::finish_header() method now expects a
argument to be passed to it. In the unusual case that you are
using this method from your own code, please update your code.
* src/mbsync.1:
* don't lie about the default of User
* fix typos
* src/drv_maildir.c:
* don't forget to reset message counts when skipping scan
* remove apparently pointless resetting of recent message count
* src/compat/convert.c:
* error-check renaming of uid mapping database
* error-check reading of old uidvalidity and maxuid files
* src/sync.c:
* error-check committing of sync state
* better error messages for sync state and journal related errors
* remove pointless/counterproductive "Disk full?" error message suffixes
* don't crash in message expiration debug print
* src/compat/config.c:
* fix "inverse copy&pasto" in account labeling code
* don't needlessly quote strings
* write Sync and Expunge to global section if applicable
* don't bother checking impossible condition
* src/main.c:
* fix segfault on passing --{create,expunge}-{master,slave}
* don't needlessly spell out INBOX
* src/drv_imap.c:
* don't crash on malformed response code
* don't crash on truncated LIST response
* fix crash on store without prior fetch with non-UIDPLUS servers
* don't error out if we don't get an X-TUID header
* src/compat/main.c:
* remove pointless pointer assignment
* src/: drv_maildir.c, mdconvert.c:
* fix hypothetical buffer overflows
* close a bunch of fd leaks in error paths
* src/util.c:
* actually use prime numbers for all hash bucket sizes
* src/config.c:
* fix zero MaxSize override in Channels
* src/compat/: config.c, isync.h, util.c:
* rework maildir store mapping
* src/socket.c:
* remove pointless use of AI_V4MAPPED flag
* configure.ac, src/common.h, src/drv_imap.c, src/util.c:
* make date parsing portable, take 2
* src/: drv_maildir.c, sync.c:
* fix _POSIX_SYNCHRONIZED_IO usage
Many of these changes were in response to findings from a Coverity scan.
Fix some conflicting unit tests.
BUILD: Fix bug #195 part II: Compile all binaries with pthreads
support as needed by libopendkim features.
BUILD: Fix packaging damage with autobuild.
2.9.1 2014/03/15
Feature request #177: Add "LuaOnlySigning" so that only the Lua setup
script makes signing requests; suppresses automatic application
of the signing table.
Fix bug #185: odkim.signfor() wasn't processing its arguments properly.
Fix bug #199: Fix use of uninitialized buffer when generating
SMTP response strings due to ADSP rejections.
Fix infinite loop when mlfi_connect() is called with a hostname
starting with a "." character. Reported by Philip Guenther.
Fix loading of refiles when trailing spaces are present in the value.
LIBOPENDKIM: Only call dkiml_dns_close() if there was a
dkiml_dns_service handle set by dkiml_dns_init(). Also,
when closing, reset that handle to NULL.
LIBOPENDKIM: The various dkim_dns_set_*() functions, when passed a
NULL function pointer, merely store it, making the
corresponding function a no-op. Previously, doing
so restored the default.
LIBOPENDKIM: Have dkim_sig_getreportinfo() return descriptors
(if available) regardless of the signer's reporting parameters.
BUILD: Fix bug #188: Clean up last remnants of libstrl.
BUILD: Fix bug #190: Check for HAVE_SUN_LEN in opendkim-db.c.
BUILD: Fix bug #191: Better minimum version checks for libmemcached.
BUILD: Fix bug #192: Different test for libevent.
BUILD: Fix bug #193: Don't throw away user-provided compilation
variables.
BUILD: Fix bug #195: Compile opendkim-genzone with pthreads support.
BUILD: Fix bug #202: Fix pkg-config check for GNUTLS.
BUILD: Fix bug #203: opendkim-genzone requires pthreads.
BUILD: Patch #29: Look for libmilter in lib64.
BUILD: Patch #30: Include libdl when linking in Lua.
BUILD: Don't throw away user-provided compilation variables.
Problem noted by Quanah Gibson-Mount.
BUILD: Rename "--with-mdb" to "--with-lmdb" for consistency
with that package's naming conventions.
CONTRIB: Fix bug #184: Update to contrib/systemd/opendkim.service
MILTERTEST: Add "polite" flag to mt_disconnect().
TOOLS: Fix bug #187: Increase buffer size for the private key in
opendkim-testkey.
TOOLS: Fix opendkim-spam to match the schema found in stats/mkdb.mysql.
Add dependency to net/pear-Net_Sieve.
Please refer UPGRADING from older relase, especially configuration
files are changed.
Please refer CHANGELOG for detail.
* changed english and added Total on qmqtool -s
* added more stats with qmqtool -s -V
* modified some regexs to be arithmetic instead
* changed string finding code:
increased speed
removed fallback routine
use grep -E (egrep) when /pattern/ is used
support case insensitive search with /pattern/i
* rely on PATH instead of statically searching
* improved queue consistency check
* -[lRTLx] /displays/ calculated size
* added -x feature for extended information on a message
* created ./configure ; make ; make install process
(even though we're just a light perl script)
* Many cosmetic improvements to watch-multiple-mimedefangs.tcl
* Fix md_get_bogus_mx_hosts so it checks A records iff a domain has
no MX records.
* Add a forward declaration of rebuild_entity to avoid warnings on
recent Perl versions.
* Reduce potential patch conflicts by switching more DESTDIR support to sed
* Enable `qmail-netqmail` by default
* Install `qmail-viruscan` signatures via CONF_FILES
* With `tls` option, don't generate cert, instruct the user at INSTALL time
That last change also fixes the source build with `tls` enabled on
systems that don't already have a /var/qmail/control, as reported
by Thomas Lazar on pkgsrc-users@.
While here, add a comment with the new location of the qregex patch.
Since it's named strangely, I've also placed a traditionally-named
copy on ftp.n.o.
Bump PKGREVISION.
* Fix IDLE mode regression (it didn't worked) introduced
after v6.5.5 (pointy hat goes to Eygene Ryabinkin, kudos --
to Tomasz Żok)
* Add knob to invoke folderfilter dynamically on each sync (GitHub#73)
* Add knob to apply compression to IMAP connections (Abdó Roig-Maranges)
* Add knob to filter some headers before uploading message
to IMAP server (Abdó Roig-Maranges)
* Allow to sync GMail labels and implement GmailMaildir repository that
adds mechanics to change message labels (Abdó Roig-Maranges)
* Allow to migrate status data across differend backends
(Abdó Roig-Maranges)
* Support XDG Base Directory Specification
(if $XDG_CONFIG_HOME/offlineimap/config exists, use it as the
default configuration path; ~/.offlineimaprc is still tried after
XDG location) (GitHub#32)
* Allow multiple certificate fingerprints to be specified inside
'cert_fingerprint'
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
This is a SECURITY release, addressing a CRITICAL remote code execution
flaw in Exim version 4.82 (only) when built with DMARC support (an
experimental feature, not on by default). This release is identical to
4.82 except for the small change needed to plug the security hole. The
next release of Exim will, eventually, be 4.83, which will include the
many improvements we've made since 4.82, but which will require the
normal release candidate baking process before release.
You are not vulnerable unless you built Exim with EXPERIMENTAL_DMARC.
This issue is known by the CVE ID of CVE-2014-2957, was reported
directly to the Exim development team by a company which uses Exim for
its mail server. An Exim developer constructed a small patch which
altered the way the contents of the From header is parsed by converting
it to use safer and better internal functions. It was applied and
tested on a production server for correctness. We were notified of the
vulnerability Friday night, created a patch on Saturday, applied and
tested it on Sunday, notified OS packagers on Monday/Tuesday, and are
releasing on the next available work day, which is Wednesday.
This is why we have made the smallest feasible changes to prevent
exploit: we want this chagne to be as safe as possible to expedite into
production (if the packages were built with DMARC).
