| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
8.12.10.
|
|
8.12.10/8.12.10 2003/09/24
SECURITY: Fix a buffer overflow in address parsing. Problem
detected by Michal Zalewski, patch from Todd C. Miller
of Courtesan Consulting.
Fix a potential buffer overflow in ruleset parsing. This problem
is not exploitable in the default sendmail configuration;
only if non-standard rulesets recipient (2), final (4), or
mailer-specific envelope recipients rulesets are used then
a problem may occur. Problem noted by Timo Sirainen.
Accept 0 (and 0/0) as valid input for set MaxMimeHeaderLength.
Problem noted by Thomas Schulz.
Add several checks to avoid (theoretical) buffer over/underflows.
Properly count message size when performing 7->8 or 8->7 bit MIME
conversions. Problem noted by Werner Wiethege.
Properly compute message priority based on size of entire message,
not just header. Problem noted by Axel Holscher.
Reset SevenBitInput to its configured value between SMTP
transactions for broken clients which do not properly
announce 8 bit data. Problem noted by Stefan Roehrich.
Set {addr_type} during queue runs when processing recipients.
Based on patch from Arne Jansen.
Better error handling in case of (very unlikely) queue-id conflicts.
Perform better error recovery for address parsing, e.g., when
encountering a comment that is too long. Problem noted by
Tanel Kokk, Union Bank of Estonia.
Add ':' to the allowed character list for bogus HELO/EHLO
checking. It is used for IPv6 domain literals. Patch from
Iwaizako Takahiro of FreeBit Co., Ltd.
Reset SASL connection context after a failed authentication attempt.
Based on patch from Rob Siemborski of CMU.
Check Berkeley DB compile time version against run time version
to make sure they match.
Do not attempt AAAA (IPv6) DNS lookups if IPv6 is not enabled
in the kernel.
When a milter adds recipients and one of them causes an error,
do not ignore the other recipients. Problem noted by
Bart Duchesne.
CONFIG: Use specified SMTP error code in mailertable entries which
lack a DSN, i.e., "error:### Text". Problem noted by
Craig Hunt.
CONFIG: Call Local_trust_auth with the correct argument. Patch
from Jerome Borsboom.
CONTRIB: Better handling of temporary filenames for doublebounce.pl
and expn.pl to avoid file overwrites, etc. Patches from
Richard A. Nelson of Debian and Paul Szabo.
MAIL.LOCAL: Fix obscure race condition that could lead to an
improper mailbox truncation if close() fails after the
mailbox is fsync()'ed and a new message is delivered
after the close() and before the truncate().
MAIL.LOCAL: If mail delivery fails, do not leave behind a
stale lockfile (which is ignored after the lock timeout).
Patch from Oleg Bulyzhin of Cronyx Plus LLC.
Portability:
Port for AIX 5.2. Thanks to Steve Hubert of University
of Washington for providing access to a computer
with AIX 5.2.
setreuid(2) works on OpenBSD 3.3. Patch from
Todd C. Miller of Courtesan Consulting.
Allow for custom definition of SMRSH_CMDDIR and SMRSH_PATH
on all operating systems. Patch from Robert Harker
of Harker Systems.
Use strerror(3) on Linux. If this causes a problem on
your Linux distribution, compile with
-DHASSTRERROR=0 and tell sendmail.org about it.
Added Files:
devtools/OS/AIX.5.2
update provided by Adrian Portelli in PR pkg/22836.
|
|
* A crash bug when deleting currently opened folder has been fixed.
* The performance issue of the address book has been fixed.
* The behavior of manual signature insertion has been reverted.
* A crash bug on startup when a font can't be loaded has been fixed.
* The format of MIME boundary has been modified again.
* Other minor bugfixes have been made.
ok'ed by chris@
|
|
USE_PKGSRC_GCC as appropriate, as this is handled by compiler.mk now.
|
|
in PR pkg/22375.
|
|
Bump PKGREVISION to 2.
|
|
Patch provided by Adrian Portelli <adrianp@stindustries.net> via PR
pkg/22753.
Changes:
============================================================================
2003/08/12 (2.6.8)
* Bug Fixes:
Bug ID Summary
------ ------------------------------------------------------------
4719 Spurious read_fmt_file call
------ ------------------------------------------------------------
<https://savannah.nongnu.org/bugs/?group=mhonarc>
============================================================================
2003/08/07 (2.6.7)
* Bug Fixes:
Bug ID Summary
------ ------------------------------------------------------------
4569 Problem with unfolding can mess up boundary processing in
multipart messages.
4594 Initial space on lines removed when using fancyquote.
------ ------------------------------------------------------------
<https://savannah.nongnu.org/bugs/?group=mhonarc>
* Added LANG resource to define locale. Affects resource filename
resolution and message subject and author sorting.
* readmail.pl updated to define the following special header field
keys passed to filter routines:
x-mha-content-type The media type of the entity extracted from
content-type entity header
x-mha-part-number The relative part number of the entity with
respect to parent entity. To get the
absolute part number, use
readmail::get_full_part_number($fields).
x-mha-parent-header Reference to parent header fields hash.
This, and other data structures, are now mentioned in the MIMEFILTERS
resource page.
* Text/richtext tag, <samepage>, is quietly dropped in mhtxtenrich.pl.
|
|
|
|
if no milters configured and setting is consistent with how the in-tree
version is built.
Bump PKGREVISION.
Closes PR pkg/21010 from Todd Vierling.
|
|
version.
From PR pkg/21012 from Jim Bernard.
|
|
Don't bother bumping PKGREVISION for this.
|
|
to listen to IMAPS requests.
|
|
No changes since 3.2.2rc1.
|
|
* Correct a potential DOS attack in the fud daemon.
* Arbitron now works again
* Telemetry logging for mupdate
* Duplicate Suppression logging for redirect sieve actions
* A number of bugs in reconstruct have been fixed. also added the -p
and -x options
* Better stubbing out of user_deleteacl
* No longer log any shutdown() failures
* Improved IPv6 support (for systems with two getnameinfo
implementations)
* Misc Documentation Improvements
|
|
|
|
which also fixes the broken dependency. (hi, grant!)
|
|
file at a time. Also some minor clean-ups.
|
|
default user mailboxes to their home directory, specify the name of
the mailbox file.
|
|
* Use ALL_TARGET appropriately instead of using a post-build target.
* Get rid of DEPTHFIRST* variables and do the "depth-first" listing by
using a reverse sort instead.
* Get rid of extra shell processes.
* Tabify.
|
|
dependencies.
|
|
|
|
now set to "pure_install" in perl5/module.mk, so we need to append the
additional target "inst_cfs" that is normally invoked by the "install"
target in ${WRKSRC}/Makefile.
|
|
whitespace.
|
|
full /etc/mail/spamassassin. This is more precise.
|
|
perl5/module.mk.
|
|
- Fixed crash when processing subjects containing "[Fwd: ...]"
- Work around a problem with the Netscape Collabra NNTP server
implementation of the OVER command
- Try to correct for mail clients that wrongly use RFC 2047 instead
of RFC 2231 to encode their attachment filename parameters, which
confuses attachment saving and viewing of filenames of non-ASCII
character sets.
- Fixed potential security problems caused by maliciously-formed RFC
2231 attachment parameters
- Index lines displayed incorrectly for messages with empty subject
lines in threads
- Command-line argument -create_lu was broken in versions 4.55 and
4.56
- Delivery Status Notifications were broken when attempting to do
SMTP over TLS
- Pine hangs when adding an Extra Header in rules with BdyText line
at top of screen
- Possible crash if quell-content-id feature is on and a message
with more than one attachment is rejected by the SMTP server
- When an attached filetype was set by matching the extension, the
MIME charset wasn't being set
- predict-nntp-server didn't preserve flagged options for
nntp-server such as /ssl or /user
- PC-Pine disconnected mailbox icon stays yellow even after
reconnecting
- PC-Pine with the Microsoft SSL bug was crashing when doing bounce,
save, and full headers, which can now be prevented by setting the
quell-ssl-largeblocks feature
- PC-Pine with the Microsoft SSL bug was crashing when doing bounce,
save, and full headers, which can now be prevented by setting the
quell-ssl-largeblocks feature
|
|
|
|
|
|
Bump PKGREVISION to 2.
|
|
imap-2002e is a minor release, released concurrently with Pine 4.57, and
contains primarily bugfixes. Programs written for imap-2002d should build
with this version without modification.
The NNTP client code now tries to perform better with legacy NNTP servers
which do not comply with the current NNTP protocol specification draft, most
notably Netscape Collabra.
Delivery notifications now work reliably with SMTP servers that support it.
The following changes are primarily of concern to developers and power users:
There is a "limited advertise" option in env_unix.c which, if set, will only
advertise the user's own namespace and the #shared/ namespace.
It is now possible to build the IMAP toolkit with a separate SSL KEY file
from the certificate file (SSLKEYS vs. SSLCERTS).
A new BODY structure element, sparep, is available for the main program to
use as a pointer for its own purposes; as well as a SET_FREEBODYSPAREP
function, similar to SET_FREEENVELOPESPAREP, SET_FREEELTSPAREP, etc.
|
|
Changes:
* Balsa-2.0.14 release. Release date 2003-08-26
- message wrapping improvements, RFC 2646 support.
- experimental LDAP write support (feedback and patches appreciated).
- number of bugs fixed.
* Balsa-2.0.13 release. Release date 2003-07-27
- more flexible printing configuration.
- l10n improvements.
- number of bug fixes.
|
|
directories too, and having both will cause the directories to be created with
the wrong owner/mode.
Thanks to Marc Recht for giving me details on this.
|
|
doesn't exist. It's apparently only mapped in the FTP server configuration.
|
|
|
|
- Emergency fix: When you were using 'discard', and it was the last verb
affecting a message, the mbox spool files in the scan directory were not
cleaned up. This is fixed now.
|
|
|
|
Changes:
* The size, the position, and the visibility of separated views are
now remembered.
* The per-folder settings are now preserved even if a folder tree is
rebuilt.
* The receive dialog's option to display the dialog only on manual
receiving has been added.
* 'Top' and 'Bottom' button has been added on the filter setting
dialog.
* The UIDPLUS extension of IMAP4rev1 has been supported.
* The folder system has been cleaned up a bit.
* The sylpheed.spec file bundled in the source package has been
improved.
* The format of MIME boundary has been modified.
* A memory leak and a buffer overrun have been fixed.
|
|
Please review ChangeLog.claws to see the changes between 0.9.2 to
0.9.4, mostly those are bugfixes.
* 0.9.2
* The bug that removed messages from server if "Don't receive" action is
specified by the filter rule has been fixed.
* The bug that caused abort when a button is double-clicked on some
dialogs has been fixed.
* A warning that was displayed when address book was empty has been fixed.
* 0.9.1
* The bug in handling folder names which include '+' in IMAP4 modified
UTF-7 conversion has been fixed.
* The parsing of message/rfc822 parts in multipart messages has been
fixed.
* Several bugs of auto signature replacement has been fixed.
* A bug that didn't hide user string in the Action dialog has been fixed.
* Socket I/O timeout interval is now configurable.
* 0.9.0
* The multi-process network I/O has been implemented for POP3 and SMTP.
* The Action feature has been improved.
* The automatic signature replacement on account change has been
implemented.
* Hyperlinks of HTML messages are now correctly handled.
* The separated message view now has a menubar.
* Original messages' headers are now included as the preset keywords
on automatic filter creation.
* The verbose error messages are now displayed on POP3 and SMTP.
* The lines of the log window is now restricted to reduce the memory
usage.
* The Shift_JIS locale has been supported.
* The internal MIME structure has been cleaned up.
* Address names which have special characters are now correctly quoted.
* Slovak message catalog has been added.
* The header corruption bug on reediting has been fixed.
* The bug of UTF-7 encoding conversion has been fixed.
* A workaround for unknown timezones has been made.
* A workaround for wrapping problem on UTF-8 locale has been made.
* More workaround for crashes by illegal characters has been made.
* The crash bug in IMAP4 parser has been fixed.
* The crash bug of the composition window has been fixed.
* The colormap / visual problem on Solaris has been fixed.
* Other bugfixes have been made.
|
|
spamassassin. These patches remove all references to osirusoft from
the rules files (perhaps leaving some of the comments a tad stale),
but leaving information about them in the stats files.
This bumps us to 2.55nb2.
|
|
Should fix PR pkg/22663
|
|
Based on pr pkg/22650 by Adrian Portelli.
Changes since 6.2.3:
* Updated German, Spanish, Catalan, and Turkish translations.
* IDLE is now supported using no-ops even if the server doesn't support
the IMAP IDLE extension.
* Sunil Shetye's patch to do better password shrouding.
* Sunil Shetye's bug-fix rollup patch.
* Introduce a translation item for the word "seen".
* Back out the hack to deal with lack of byte stuffing on some POP3 servers.
* Thomas Steudten's patch to improve SMTP handling of 550 errors.
|
|
Update exim-exiscan to 4.22-11nb1
Include exiqgrep in PLIST, and commit distinfo from previous exim-exiscan
change. Whole exim update was overly hurried due to security announcement.
|
|
|
|
11 - Fixed "permits" table in acl.c, so you can't "use"
exiscans conditions in the RCPT ACL any more. This
was causing a crash, not you get a proper warning.
- Fixed recursive unpacking when the MIME boundary of
the "parent" message contains spaces.
- Put in a fix for tnef.c that allows clean compile
on AIX. Thanks to David Kreindler
<david@govnet.state.vt.us>.
- Added some proper prototypes for some functions,
beautifying the compiler output with -Wall.
- Added exiscan patch version output to 'exim -bV'.
- Removed demime errors from the panic log.
|
|
package, so will let this ride on the update made a few minutes ago.
|
|
|
|
|
|
exim-exiscan adds email content scanning to the exim MTA
It can hook into spamassassin, virus scanning, and to filter on mime type
|
|
Package changes include addition of Makefile.common (to be used by
Upcoming exim-exiscan-acl package), and exim.8
|
|
|
