diff options
| author | frueauf <frueauf@pkgsrc.org> | 2005-12-20 14:27:53 +0000 |
|---|---|---|
| committer | frueauf <frueauf@pkgsrc.org> | 2005-12-20 14:27:53 +0000 |
| commit | 41348c590d1e66942e3d0ebd043d5b267017b896 (patch) | |
| tree | aa04aae7b666f7d2e794d0871ec14cbab5eee293 /mail/fetchmail/distinfo | |
| parent | 552c2ca893852815301fe21be0596cb568fb5d9d (diff) | |
| download | pkgsrc-41348c590d1e66942e3d0ebd043d5b267017b896.tar.gz | |
Update fetchmail to 6.2.5.5.
Change homepage to http://fetchmail.berlios.de/ and update MASTER_SITES.
Changes introduced since 6.2.5:
fetchmail-6.2.5.X is a security fix branch that forked off
fetchmail-6.2.5. It does not change for anything but security and the
most severe bug fixes. Note that no 6.2.5.X security audits are planned
except when a particular bug is reported, and that 6.2.5.X is unsafe to
use on some systems, particularly those that lack a *working and secure*
snprintf implementation.
The fetchmail 6.2.5.X branch will be discontinued early in 2006.
fetchmail-6.2.5.5 2005-12-19 Matthias Andree
* SECURITY FIX CVE-2005-4348: fix null pointer dereference in
multidrop mode when the message is empty. Reported by Daniel Drake
<http://article.gmane.org/gmane.mail.fetchmail.user/7573> and others
(Debian Bug #343836). Fix by Sunil Shetye.
* Fix Debian bug #301964, fetchmail leaks sockets when SSL negotiation
fails. Fix suggested by Goswin Brederlow.
* Add fetchmail-SA-2005-{01,02,03}.txt
fetchmail-6.2.5.4 2005-11-13 Matthias Andree
* Also ship pre-built rcfile_y.[ch] for systems that don't have flex,
yacc or bison.
* On FreeBSD, add /usr/local/include to CPPFLAGS so that libintl.h is found.
* Avoid automatically picking up HESIOD implementations that lack
hesiod_getmailhost, such as the one in FreeBSD's base system.
* Fix makedepend for separated build (where the build is not run from
the source directory), but prevent packaging from separated build, it
yields bogus results.
* Fix resolv.h autodetection.
* Add +HESIOD to version printout if appropriate.
fetchmail-6.2.5.3 2005-11-12 Matthias Andree
* SECURITY FIX CVE-2005-3088: fetchmailconf: fix password exposure: use
umask 077 before opening output file and restore umask later.
* Critical fix: fix IMAP timeouts, counting message count down on
servers that do not send EXISTS counts after EXPUNGE. Debian Bug#314509.
* Ship pre-built rcfile_l.c for systems that don't have flex.
* Build environment: Update included gettext. Fix
--with-included-gettext. Fix parallel build (make -j). Fix "always
rebuild fetchmail" syndrome.
* Do not link against -ll or -lfl (not needed).
fetchmail-6.2.5.2
(patch Fri Jul 22 01:52 GMT 2005,
tarball Sat Jul 23 21:34 GMT 2005)
* README: Added a note about release status - READ IT!
* Note: Due to a Makefile.in bug, you may need to use GNU make.
* SECURITY FIX CVE-2005-2335: truncate UIDL replies, lest malicious or
compromised POP3 servers overflow fetchmail's stack. Debian bug
#212762. This is a remote root exploit.
Thanks: Miloslav Trmac for pointing out the fix in 6.2.5.1 was buggy.
Thanks: Ludwig Nussel for a much simpler fix.
* Critical fix: omit blank between MAIL FROM: and <user@example.org>,
as this causes mail loss with some listeners.
* Fix: POP2 driver wouldn't properly check authentication failure.
* Sunil Shetye's fix to force fetchsizelimit to 1 for APOP and RPOP.
Diffstat (limited to 'mail/fetchmail/distinfo')
| -rw-r--r-- | mail/fetchmail/distinfo | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/mail/fetchmail/distinfo b/mail/fetchmail/distinfo index b26b0d84066..266d4036849 100644 --- a/mail/fetchmail/distinfo +++ b/mail/fetchmail/distinfo @@ -1,16 +1,14 @@ -$NetBSD: distinfo,v 1.33 2005/11/01 19:16:52 adrianp Exp $ +$NetBSD: distinfo,v 1.34 2005/12/20 14:27:53 frueauf Exp $ -SHA1 (fetchmail-6.2.5.tar.gz) = 4656ec4393ccd1c137fe7b331f77cb26b576ac0e -RMD160 (fetchmail-6.2.5.tar.gz) = e32b91a959d0e80c4bd45a8758811cbe95a98180 -Size (fetchmail-6.2.5.tar.gz) = 1257376 bytes +SHA1 (fetchmail-6.2.5.5.tar.gz) = 119dc2d0f533541413b7951edec8ecf1c0308b1b +RMD160 (fetchmail-6.2.5.5.tar.gz) = f0d74e5e985973867944962c949e7e5d76f77b84 +Size (fetchmail-6.2.5.5.tar.gz) = 1327784 bytes SHA1 (patch-aa) = 3c8aaac5d53c1069995ab74ad99bc5e64843a507 SHA1 (patch-ab) = 009a97639502365f8b6ec4e854622620391a812f SHA1 (patch-ac) = ef0e651807bb0942ca79ed3b10ffc000f71bd330 SHA1 (patch-ad) = b6bffc59f28992fa0d3de0f9dad250c73bbeffc6 -SHA1 (patch-ae) = 3acbacee78ab2084a615b0c02b7f83e563bfc7ac -SHA1 (patch-af) = 06e7b84566b0d3ed50b56f88baf23f15ae21eb21 -SHA1 (patch-ag) = e27a4769dc804bec71b449bed7ff318d15ae8bdf +SHA1 (patch-ae) = da3152bfd2e61d914d1f32c5eee6821aaef3e461 SHA1 (patch-ah) = d6d08403b241a3e1a891faadbb36b0cd00df1398 SHA1 (patch-ai) = 16449ab08c266936d80b8be11c93a3dd1ac5c2fe SHA1 (patch-aj) = 1051c1eb754b9c9cffad2eab4561791975aebbe1 -SHA1 (patch-ak) = d75b42146597a17a1ce91dddc7ed0821697d7ec2 +SHA1 (patch-al) = 660df6275304a95b2bc7b98f71980a335677763e |