Automatic conversion of the NetBSD pkgsrc CVS module, use with care
41348c590d
Change homepage to http://fetchmail.berlios.de/ and update MASTER_SITES. Changes introduced since 6.2.5: fetchmail-6.2.5.X is a security fix branch that forked off fetchmail-6.2.5. It does not change for anything but security and the most severe bug fixes. Note that no 6.2.5.X security audits are planned except when a particular bug is reported, and that 6.2.5.X is unsafe to use on some systems, particularly those that lack a *working and secure* snprintf implementation. The fetchmail 6.2.5.X branch will be discontinued early in 2006. fetchmail-6.2.5.5 2005-12-19 Matthias Andree * SECURITY FIX CVE-2005-4348: fix null pointer dereference in multidrop mode when the message is empty. Reported by Daniel Drake <http://article.gmane.org/gmane.mail.fetchmail.user/7573> and others (Debian Bug #343836). Fix by Sunil Shetye. * Fix Debian bug #301964, fetchmail leaks sockets when SSL negotiation fails. Fix suggested by Goswin Brederlow. * Add fetchmail-SA-2005-{01,02,03}.txt fetchmail-6.2.5.4 2005-11-13 Matthias Andree * Also ship pre-built rcfile_y.[ch] for systems that don't have flex, yacc or bison. * On FreeBSD, add /usr/local/include to CPPFLAGS so that libintl.h is found. * Avoid automatically picking up HESIOD implementations that lack hesiod_getmailhost, such as the one in FreeBSD's base system. * Fix makedepend for separated build (where the build is not run from the source directory), but prevent packaging from separated build, it yields bogus results. * Fix resolv.h autodetection. * Add +HESIOD to version printout if appropriate. fetchmail-6.2.5.3 2005-11-12 Matthias Andree * SECURITY FIX CVE-2005-3088: fetchmailconf: fix password exposure: use umask 077 before opening output file and restore umask later. * Critical fix: fix IMAP timeouts, counting message count down on servers that do not send EXISTS counts after EXPUNGE. Debian Bug#314509. * Ship pre-built rcfile_l.c for systems that don't have flex. * Build environment: Update included gettext. Fix --with-included-gettext. Fix parallel build (make -j). Fix "always rebuild fetchmail" syndrome. * Do not link against -ll or -lfl (not needed). fetchmail-6.2.5.2 (patch Fri Jul 22 01:52 GMT 2005, tarball Sat Jul 23 21:34 GMT 2005) * README: Added a note about release status - READ IT! * Note: Due to a Makefile.in bug, you may need to use GNU make. * SECURITY FIX CVE-2005-2335: truncate UIDL replies, lest malicious or compromised POP3 servers overflow fetchmail's stack. Debian bug #212762. This is a remote root exploit. Thanks: Miloslav Trmac for pointing out the fix in 6.2.5.1 was buggy. Thanks: Ludwig Nussel for a much simpler fix. * Critical fix: omit blank between MAIL FROM: and <user@example.org>, as this causes mail loss with some listeners. * Fix: POP2 driver wouldn't properly check authentication failure. * Sunil Shetye's fix to force fetchsizelimit to 1 for APOP and RPOP. |
||
|---|---|---|
| archivers | ||
| audio | ||
| benchmarks | ||
| biology | ||
| bootstrap | ||
| cad | ||
| chat | ||
| comms | ||
| converters | ||
| cross | ||
| crosspkgtools | ||
| databases | ||
| devel | ||
| distfiles | ||
| doc | ||
| editors | ||
| emulators | ||
| finance | ||
| fonts | ||
| games | ||
| geography | ||
| graphics | ||
| ham | ||
| inputmethod | ||
| lang | ||
| licenses | ||
| math | ||
| mbone | ||
| meta-pkgs | ||
| misc | ||
| mk | ||
| multimedia | ||
| net | ||
| news | ||
| packages | ||
| parallel | ||
| pkgtools | ||
| regress | ||
| security | ||
| shells | ||
| sysutils | ||
| templates | ||
| textproc | ||
| time | ||
| wm | ||
| www | ||
| x11 | ||
| Makefile | ||
| pkglocate | ||
| README | ||
$NetBSD: README,v 1.18 2005/05/07 22:18:28 wiz Exp $ Please see doc/pkgsrc.txt for information.