4a28801833
Alpine 2.23 * Implementation of XOAUTH2 authentication support for Outlook. Based on documentation suggested by Andrew C Aitchison. * Add support for the OAUTHBEARER authentication method in Gmail. Thanks to Alexander Perlis for suggesting it and explaining how the method works. * Creation of Alpine's Privacy Policy. This is presented as a link to an online document from the Release Notes (Link at the top of this document.) Upon user request, Alpine downloads and displays this document. Links to the privacy policy are also displayed when a user starts Alpine for the first time, or when a user starts a new version of Alpine. There is no default exit greeting command for these screens, and to exit the user must press "E", instead of the old default, which was the RETURN command. The RETURN command will open the handle on which the cursor is on, which by default is the Privacy Policy. * Support for the SASL-IR IMAP extension that avoids a round trip during authentication. Similar support added for the SMTP, NNTP and POP3 protocols. Thanks to Geoffrey Bodwin for a report that lead to this implementation. * Alpine can pass an HTML message to an external web browser, by using the "External" command in the ATTACHMENT INDEX screen. * New configuration variable external-command-loads-inline-images-oly that controls if Alpine will keep the source link to all the images in the HTML message, or will only pass a link to inline images included in the message. For your privacy and security this feature is enabled by default. * When reading an email and a user selects an email address to which to compose a message from the message, the user will be able to select a role to compose that message. * New variable system-certs-path that allows users to indicate the location of the directory where certificates are located. In PC-Alpine this must be C:\libressl\ssl\certs. The C: drive can be replaced by the name of the drive where the binary and DLL files are located. * New variable system-certs-file that allows users to configure the location of a container of certificate authority (CA) certificates to be used to validate certificates of remote servers. * Remove sleep of 5 seconds for mailcap programs that use the terminal to display content. Suggested by Carl Edquist. In addition, remove configurable process table command and its corresponding sleep time. Bugs that have been addressed include: * Security Bug: Alpine can be configured to start a secure connection using /tls on an insecure connection. However, if the connection is PREAUTH, Alpine will not upgrade the connection to a secure connection, because a client must not issue a STARTTLS to a server that supports it in authenticated state. This makes Alpine continue to use an insecure connection with the server, exposing user data. Reported by Damian Poddebniak and Fabian Ising from Muenster University of Applied Sciences. * Selecting by subject might not copy the subject of the current message to the selection text correctly. Reported by Iosif Fettich. * Alpine does not set the return path correctly when using a role while bouncing a message. Reported by Dr. C. Griewatsch. * Bug in PC-Alpine that made Alpine go into an infinite loop and consume CPU when it was iconized. Reported by Holger Schieferdecker in comp.mail.pine. * Crash in Alpine when attempting to reply to a multipart/alternative message that is malformed, and the option to include attachments in reply is enabled. Reported and patched by Peter Tirsek. * Bug that makes Alpine split encoded words in the subject of a message in the middle of a utf-8 character into two encoded words, breaking the encoding. Reported by Jean Chevalier. * Alpine would not redraw the screen when a check for new mail in an incoming folder failed due to a failure while validating the server certificate, and the user did not allow the connection to proceed. * Crash in Alpine while resizing the screen when using any of the tokens SUBJKEYTEXT, SUBJECTTEXT, or SUBJKEYINITTEXT in the index format, and the screen was resized. Reported by Iggy Mogo. * When Alpine is trying to authenticate to Gmail, using the XOAUTH2 method, it does not display the url the user needs to open, in order to authorize Alpine to access Gmail using XOAUTH2 when Alpine still has not created a screen. Reported by Baron Fujimoto. * When an html anchor does not quote the link in the href parameter, alpine does not link to it. * Attempt to fix a bug that breaks scrolling of a message in Alpine when the screen is resized. Reported in the Debian bug system at https://bugs.debian.org/cgi-bin/bugreport.cgie?bug=956361. Alpine 2.24 * Implementation of XOAUTH2 for Yahoo! Mail. * Expansion of the configuration screen for XOAUTH2 to include username, authorization flow, and tenant. * XOAUTH2: automatic renew of access token and connection to a server within 60 seconds of expiration of the access token. * If a user has more than one client-id for a service, Alpine asks the user which client-id to use and associates that client-id to the credentials in the XOAUTH2 configuration screen. * Addition of Yandex.com to the list of services that Alpine can use XOAUTH2 to authenticate for reading and sending email. * Addition of a link to the Apache License 2.0 (see above). This is available from the Release Notes as well as the welcome screen. * Modifications to protect the privacy of users: + Alpine does not generate Sender or X-X-Sender by default by enabling [X] Disable Sender as the default. + Alpine does not disclose User Agent by default by enabling [X] Suppress User Agent by default. + Alpine uses the domain in the From: header of a message to generate a message-id and suppresses all information about Alpine, version, revision, and time of generation of the message-id from this header. This information is replaced by a random string. * Unix Alpine displays configure options and flags when invoked as "alpine -v". Suggested by Matt Ackeret. * Alpine will ding the terminal bell when asking about quitting when new mail arrives. This is consistent with Alpine dinging the bell when new mail arrives. The bell will not ding if it is disabled for status messages. Suggested by Chime Hart. * When messages are selected, pressing the ";" command to broaden or narrow a search, now offers the possibility to completely replace the search, and is almost equivalent to being a shortcut to "unselect all messages, and select again". The difference is that cancelling this command will not unselect all currently selected messages. Suggested by Holger Trapp. * Alpine will not write debug files unless started with the option -d, so for example "alpine -d 2" will generate a debug file at level 2, but just issuing the alpine command will not write any debug to a file. * Experimental: Attempt to implement the Encryption Range in Windows. It works in Windows 10, and it should work in Windows 8.1. It needs testing in Windows 7 and Windows Vista. * Addition of variables user-certs-path and user-certs-file which allow a user to specify locations for certificates that the user trusts. * Ignore non-empty initial challenge in the GSSAPI authenticator. Based on a patch written by Jarek Polok, but submitted by Ignacio Reguero. * When a server expires a refresh token, Alpine needs to cancel it internally. Alpine will attempt to get a new one when it reopens the folder after it cancels it. * Set up the IMAP ID at the moment of logging in to the server, rather than as a one time option, in case we need to use a special IMAP ID. Bugs that have been addressed include: * When Alpine starts a PREAUTH connection, it might still ask the user to login. Reported by Frank Tobin. * Crash while resizing the screen when viewing a calendar event. * When Alpine opens a folder in a server whose address is given numerically it might crash due to an incorrect freeing of memory. Reported by Wang Kang. * Crash when Alpine frees memory on a system where LC_CTYPE is not configured, and the user calls the file browser to attach files to a message. Reported by Luis Gerardo Tejero. * Invalid signatures created by Alpine, when built with recent releases of the Openssl-1.1.1 series (but not in the Openssl-1.0.1 series). Fix contributed by Bernd Edlinger. * After returning from the directory side of a dual-folder, sometimes Alpine would return to the first folder in the parent directory or to the dual-folder. The fix is to return to the original dual-folder as intended. Reported by Holger Trapp. * When an attachment is deleted and the original message is saved, Alpine might write only a part of the name of the file deleted. Reported by Holger Trapp. * URLs that are surrounded by white space are not cleaned by Alpine before passing them to the browser, resulting in no display of the URL when Alpine tries to open it. Reported by Gregory Heytings. * When Alpine is built without smime, password file functionality might fail. Reported by Andres Fehr. * Crash in PC-Alpine when using the eXternal command. * Fix in Macs that made Alpine abort a ssh connection to an imap server. Reported and assisted by Wang Kang. |
||
---|---|---|
.. | ||
patches | ||
DESCR | ||
distinfo | ||
Makefile | ||
PLIST |