path: root/mail
Age | Commit message | Author | Files | Lines
2021-02-13 | py-imapclient: updated to 2.2.0 | adam | 2 | -11/+10
Version 2.2.0
=============

Changed
-------
- Performance improvements
- 2x faster _maybe_int_to_bytes for Python 2
- Fix _proc_folder_list quadratic runtime
- Faster utf7 encode. ~40% faster for input with a mix of unicode and ASCII chars.
- Cache regex in _process_select_response
- poll() when available to surpass 1024 file descriptor limit with select()
- Use next instead of six.next as imapclient doesn't claim Python 2.5 support.
- Moved "Logged in/out" traces from INFO to DEBUG level
- Run tests on Python 3.8 and 3.9
- Support the Deleted special folder used by Outlook
- Clean up timeout handling
- Run the Black code formatter over the entire project

Added
-----
- MULTIAPPEND and LITERAL+ support
- Use ptpython for interactive shell if available
- Allow any custom SASL mechanism to be provided. This allows mechanisms such as EXTERNAL, GSSAPI or SCRAM-SHA-256 to be used in the same way as with imaplib.
- Add SASL OAUTHBEARER support
- add optional timeout parameter to IMAP4_TLS.open

Fixed
-----
- fixed special folder searching
- Catch the right exception in folder_status
- test_imapclient: Fix LoggerAdapter version check
- Fix config file parsing for None attributes
- Fix useless ref cycle in lexer
- Protocol parsing: Prevent converting numbers with leading zeroes to int.
- Prevent UnicodeDecodeError in IMAPlibLoggerAdapter
- Fix invalid string escape sequences
- Ensure timeout is used on Python 2.7. _create_socket isn't used with the Python 2 version of imaplib so the open method has been overridden to make it consistent across Python versions.
- Fix IMAP4_TLS for imaplib in Python 3.9+
2021-02-13 | mail/ruby-mime-types-data: update to 3.2021.0212 | taca | 2 | -7/+7
3.2021.0212 / 2021-02-12 * Updated the IANA media registry entries as of release date. * Added a new rake task (release:automatic) that downloads and converts the data from Apache and IANA; if there are changes detected, it updates the release version, changelog, manifest, and gemspec and commits the changes to git.
2021-02-11 | www/ruby-rails60: update to 6.0.3.5 | taca | 2 | -10/+10
databases/ruby-activerecord60: ## Rails 6.0.3.5 (February 10, 2021) ## * Fix possible DoS vector in PostgreSQL money type Carefully crafted input can cause a DoS via the regular expressions used for validating the money format in the PostgreSQL adapter. This patch fixes the regexp. Thanks to @dee-see from Hackerone for this patch! [CVE-2021-22880] *Aaron Patterson* www/ruby-actionpack60 ## Rails 6.0.3.5 (February 10, 2021) ## * Prevent open redirect when allowed host starts with a dot [CVE-2021-22881] Thanks to @tktech (https://hackerone.com/tktech) for reporting this issue and the patch! *Aaron Patterson*
2021-02-11 | www/rails52: update to 5.2.4.5 | taca | 1 | -5/+5
## Rails 5.2.4.5 (February 10, 2021) ## * Fix possible DoS vector in PostgreSQL money type Carefully crafted input can cause a DoS via the regular expressions used for validating the money format in the PostgreSQL adapter. This patch fixes the regexp. Thanks to @dee-see from Hackerone for this patch! [CVE-2021-22880] *Aaron Patterson*
2021-02-09 | thunderbird-l10n: Update to 78.7.1 | ryoon | 2 | -255/+255
* Sync with mail/thunderbird-78.7.1.
2021-02-09 | thunderbird: Update to 78.7.1 | ryoon | 3 | -10/+14
Changelog: What's New CardDAV address books now support OAuth2 and Google Contacts. Changes Thunderbird will no longer allow installation of addons that use the legacy API Fixes Send message button sometimes remained enabled when it should be disabled Pressing command+enter to send a message on macOS did not work OpenPGP: Failed to save attachments that contained binary data after decryption Global search UI fixes Various theme and color fixes to improve ease of use
2021-02-09 | mail/roundcube: update to 1.4.11 | taca | 3 | -12/+12
RELEASE 1.4.11 -------------- - Display a nice error informing about no PHP8 support - Elastic: Fix compatibility with Less v3 and v4 (#7813) - Fix bug with managesieve_domains in Settings > Forwarding form (#7849) - Fix errors in MSSQL database update scripts (#7853) - Security: Fix cross-site scripting (XSS) via HTML messages with malicious CSS content
2021-02-08 | fetchyahoo: Removed | triaxx | 1 | -2/+1
2021-02-08 | fetchyahoo: Remove | triaxx | 5 | -85/+0
Fetchmail is a Perl script that fetches mail from Yahoo! account through HTTP requests. Unfortunately, these requests no longer work and fetchyahoo has not been maintained for a long time. As an alternative for fetching Yahoo! mails, mail/fetchmail works well and is actively developed.
2021-02-07 | *: Recursive revbump from audio/pulseaudio-14.2.nb1 | ryoon | 7 | -13/+14
2021-02-05 | Update to 0.17.1. From the changelog: | schmonz | 2 | -8/+7
* fix unit tests in a clean environment * move default database path to ~/.local/share (Closes: GL#16) * default to data directory and add a deprecation warning (Closes: GL#17)
2021-02-03 | mail/ruby-roadie-rails: update to 2.2.0 | taca | 2 | -7/+7
2.2.0 (2020-12-07) * Support Rails 6.1 - A. Fomera (afomera)
2021-01-28 | thunderbird-l10n: Update to 78.7.0 | ryoon | 2 | -255/+255
* Sync with mail/thunderbird-78.7.0.
2021-01-28 | thunderbird: Update to 78.7.0 | ryoon | 3 | -36/+7
Changelog:

What's New
- Extension API: Compose API now supports editing messages and templates as new messages
- Extension API: composeHtml is now exposed in MailIdentity
- Extension API: windows.update and windows.create now support titlePreface
- Extension API: new Accounts API functions: accounts.getDefault() and accounts.getDefaultIdentity(accountId)

Changes
- Extension API: body and plainTextBody are now used as compose mode selectors in setComposeDetails and begin* functions in Compose API
- Theme: removed the double border around the task description field on the Tasks tab

Fixes
- Account Manager: When deleting the last remaining account, the default account was not getting cleared and still pointed to the no-longer-existing account
- OpenPGP: Verification of an inline signed message would fail if it contained leading whitespace
- OpenPGP: Various other minor bug and stability fixes
- Mail Window: Quickfilter bar buttons disappear when hovered on Windows 10 High Contrast Black theme
- Theme: folder properties dialog contained black text on a black background in dark mode
- Theme: recipient pills in compose window were not visible in high contrast dark theme on Windows 10
- Extension API: browserAction buttons were not restored after restart if they were moved outside the default toolbar
- Extension API: browser.compose.beginNew could not override identity plaintext setting
- Extension API: browser.compose.beginForward was ignoring ComposeDetails
- Extension API: browser.compose.setComposeDetails did not properly handle Windows-style line endings
- Various security fixes

Security fixes:
#CVE-2021-23953: Cross-origin information leakage via redirected PDF requests
#CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements
#CVE-2020-15685: IMAP Response Injection when using STARTTLS
#CVE-2020-26976: HTTPS pages could have been intercepted by a registered service worker when they should not have been
#CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC
#CVE-2021-23964: Memory safety bugs fixed in Thunderbird 78.7
2021-01-28 | Check whether "default" exists before creating the symlink. Bump PKGREVISION. | schmonz | 2 | -4/+4
2021-01-27 | fetchmail: Update to 6.4.15 | triaxx | 3 | -9/+9
upstream changes: ----------------- fetchmail-6.4.15 (released 2021-01-03, 27614 LoC): # BUG FIXES * Fix a typo in the manual page reported by David McKelvie. * Fix cross-compilation with openssl, by Fabrice Fontaine. Merge request !23. * Fix truncation of SMTP PLAIN AUTH with ^ in credentials, by Earl Chew. Gitlab issue #23, merge request !25. fetchmail-6.4.14 (released 2020-11-26, 27608 LoC): # TRANSLATION UPDATES were made by these fine people: * sr: Мирослав Николић (Miroslav Nikolić) [Serbian]
2021-01-23 | Revbump all Go packages after go115 update | bsiegert | 1 | -2/+2
2021-01-23 | mutt: Update to version 2.0.5 | tron | 2 | -7/+7
This is a bug-fix release, fixing a few memory leaks. One of them was assigned CVE-2021-3181.
2021-01-21 | rspamd: Update to 2.7 | triaxx | 3 | -10/+14
upstream changes:
-----------------
* Fixed issues with DKIM and ARC verification
  It was possible for some DKIM checks to fail where multiple signatures are present due to a canonicalisation bug. This issue has now been fixed. Arc plugin has also been fixed to support certain CV values.
* Added support for S/MIME containers
  From this version, Rspamd supports .p7 containers and extracting signed parts during the checks. For details see the following issue.
* Several important rules rework
  Anton Yuzhaninov has reworked many old rules in Rspamd improving their quality and has removed several outdated rules as well.
* Support of caching for regexp multimaps
  Regexp maps can now be cached on disk which should improve loading speed of large maps on reload/restart of Rspamd if they are unchanged.
* Neural plugin offline learning
  In this mode, Rspamd can train neural network from Clickhouse so it is possible to define better training conditions and manage learning for large systems with more fine grained control. Please refer to the corresponding documentation section for more details. Thanks to Andrew Lewis for implementing this functionality.
* Other changes
  Here is the list of the important changes:
  [Conf] Add R_DKIM_PERMFAIL to the metric
  [CritFix] Dkim: Fix simple canonicalisation if multiple signatures are presented
  [CritFix] Fix controller paths normalisation
  [Feature] Add INVALID_DATE rule
  [Feature] Add controller endpoint for training neural
  [Feature] Add sanity checks for actions thresholds
  [Feature] Add support of ‘==’ and ‘!=’ in Rspamd expressions
  [Feature] Composites: Improve composite atoms parser
  [Feature] Docker: use Debian slim variant
  [Feature] Elastic: Add some missing fields
  [Feature] Extract text from img alt attributes
  [Feature] Improve charset detection logic
  [Feature] Lua_clickhouse: Add optional row callback for large selections
  [Feature] Lua_dns_resolver: Add idna_convert_utf8 method
  [Feature] Lua_mime: Add ability to do multipattern replacement
  [Feature] Lua_trie: Allow to report start of the match
  [Feature] Multimap: support adding map values as extra options
  [Feature] Neural: Move PCA learning to a subprocess
  [Feature] RBL: support matching content/image URLs only
  [Feature] RBL: support use of multiple selectors
  [Feature] Reputation: Allow to specify ip masks
  [Feature] Support SMIME signed messages container
  [Feature] Support multiple conditions for symbols
  [Feature] Support ping in milter mode
  [Feature] Support rspamd_text in selector regexps
  [Feature] Use own daemonization routine
  [Feature] Vadesecure: Implement settings_outbound feature as recommended by Vade
  [Feature] rspamadm clickhouse command
  [Feature] allow hyperscan for aarch64
  [Fix] Allow to set priorities between post init scripts
  [Fix] Allow to use maps for strings that are not zero terminated
  [Fix] Apply max_lua_urls limit for emails as well
  [Fix] Arc: Fix CV check on signing
  [Fix] Arc: Fix signing of the broken ARC chains
  [Fix] Clickhouse: escape carriage return
  [Fix] Composites: Allow partial match
  [Fix] Deduct type of a table methods
  [Fix] Do not load errored hyperscan database
  [Fix] Do not process links in ignored html tags
  [Fix] Fix ClamAV result for cached encrypted file (#3395)
  [Fix] Fix canonicalisation when l= tag is presented
  [Fix] Fix flag shift
  [Fix] Fix handling of skip/skip_process http flags
  [Fix] Fix html attachments checks
  [Fix] Fix issue with pushing binary formats to Lua strings
  [Fix] Fix logging for rspamadm
  [Fix] Fix off-by-one with init check
  [Fix] Fix parsing of escape characters in quoted pairs
  [Fix] Fix pushing ucl strings with \0 inside
  [Fix] Fix quoted-printable soft newlines bugged case
  [Fix] Fix settings in case actions are set to null (#3415)
  [Fix] Fix several issues with auth results producing
  [Fix] Fix smtp comments exclusion
  [Fix] Fix smtp date syntax definition
  [Fix] Fix substring search in case if srchlen == inlen
  [Fix] Fix text selectors
  [Fix] Honour systemd setting when logging to console (#3514)
  [Fix] Html: Add entities collisions prevention logic (e.g. for mathml entities)
  [Fix] Lua_auth_results: Quote potentially bad values in AR header
  [Fix] Multimap: Fix flags usage
  [Fix] Multimap: Fix scoring for combined maps
  [Fix] Plug GList * leak in redis pool
  [Fix] RBL: allow for multiple matches of the same label if types are different
  [Fix] Rely on libev checks for file maps
  [Fix] Restore simple dkim canonicalisation mode
  [Fix] Return MimeCharset as we work with emails…
  [Fix] Spamassassin: Fix pcre_only flags
  [Fix] Spamassassin: Preserve ‘pcre_only’ flag when dealing with regexp replacements
  [Fix] Try to fix GError leak
  [Fix] Try to fix a mess with settings loading by adding priorities
  [Fix] Try to move settings initialisation to a later stage
  [Fix] Use dup fd in milter handler to avoid races with the proxy
  [Fix] Use message pointer to avoid obsolete data to be cached
  [Project] Rbl: Migrate to checks
  [Project] Rbl: Move config code outside of the plugin
  [Project] Resurrect empty prefilters as connection filters
  [Project] Support connection filters registration from Lua
  [Rework] Add final cleanup logic
  [Rework] Add preliminary support of hyperscan caching for re maps
  [Rework] Add stale cache removal
  [Rework] Clickhouse: Improve performance
  [Rework] Distinguish between strict config test mode
  [Rework] Further logging improvements
  [Rework] Milter_headers: improve extended_headers_rcpt support
  [Rework] Move parsers to a separate lua library
  [Rework] Neural: Skip composite symbols
  [Rework] Rbl: Rework defaults logic
  [Rework] Some tunes to cache saving
  [Rework] Track maps origins
  [Rework] Use full crypto hash for regexp maps
  [Rules] Remove broken rule
2021-01-21 | postfix: Update to 3.5.9 | triaxx | 3 | -24/+21
upstream changes:
-----------------
This update improves the reporting of DNSSEC problems that may affect DANE security. DNSSEC support may be unavailable because of local configuration, libc incompatibility, or other infrastructure issues. This was backported from Postfix 3.6.

Background: DNSSEC validation is needed for Postfix DANE support; this ensures that Postfix receives TLSA records with secure TLS server certificate info. When DNSSEC validation is unavailable, mail deliveries using opportunistic DANE (security level 'dane') will not be protected by server certificate info in TLSA records, and mail deliveries using mandatory DANE (security level 'dane-only') will not be made at all.

This update introduces the following behavior: when a process requests DNSSEC support (typically, for Postfix DANE support), the process may now do a runtime test to determine if DNSSEC validation is available.

The new dnssec_probe parameter specifies a DNS query type (default: "ns") and DNS query name (default: ".") that Postfix may use to determine whether DNSSEC validation is available. Specify an empty value to disable this feature.

When dnssec_probe is enabled, a Postfix process will send a DNSSEC probe after 1) the process made a DNS query that requested DNSSEC validation, 2) the process did not receive a DNSSEC validated response to this query or to an earlier query, and 3) the process did not already send a DNSSEC probe.

When the DNSSEC probe has no response, or when the response is not DNSSEC validated, Postfix logs a warning that DNSSEC validation may be unavailable. Examples:

    warning: DNSSEC validation may be unavailable
    warning: reason: dnssec_probe 'ns:.' received a response that is not DNSSEC validated
    warning: reason: dnssec_probe 'ns:.' received no response: Server failure

With this update, the Postfix build system will no longer automatically disable DNSSEC support when it determines that Postfix will use libc-musl. This removes the earlier libc-musl workaround introduced with Postfix 3.2.15, 3.3.10, 3.4.12, and 3.5.2.
2021-01-17 | mail/pear-Mail_Mime: update to 1.10.10 | taca | 2 | -7/+7
1.10.10 (2021-01-17 03:34 UTC) Changelog: * Compatibility fixes for PHP 5.2 and 5.3 [alec] * Corrected soft line breaks handling to be RFC compliant [ixs] * Corrected line breaks for lines ending in dots and length more than 74 [ixs]
2021-01-15 | Fix build on at least FreeBSD, CentOS, NetBSD, and Tribblix. | schmonz | 4 | -4/+54
2021-01-15 | Add and enable bincimap. | schmonz | 1 | -1/+2
2021-01-15 | Add bincimap, an IMAP server for Maildir. | schmonz | 12 | -0/+283
Binc IMAP strives to be stable, fast, flexible, and RFC compliant. Like qmail-pop3d, it authenticates via a checkpassword program.
2021-01-14 | Take steps toward running under other UCSPI-TLS server implementations: | schmonz | 5 | -30/+27
- Set CADIR in the environment. - Prefer a separate keyfile for TLS. If it's not present, attempt to generate it by copying out the private key from the certfile. - Don't provide an affordance for overriding the compiled-in cipherlist. - Be willing to enable TLS without a DH params file. While here, invent control/localfilters. If it exists, it's a sequence of filters for SMTP connections on localhost. Bump version.
2021-01-14 | Improve TLS setup instructions. Bump PKGREVISION. | schmonz | 4 | -23/+28
2021-01-11 | mail/ruby-mime-types-data: update to 3.2020.1104 | taca | 2 | -7/+7
## 3.2020.1104 / 2020-11-04 - Updated the IANA media registry entries as of release date. - Added `application/x-zip-compressed`. [#36][]. - Updated the contributing guide to include information about the release process as described in [#18][]. - Corrected a misspelling of Yoran Brondsema's name. Sorry, Yoran. [#35][].
2021-01-09 | Add missing ifdef guard to fix OpenBSD build. | schmonz | 2 | -1/+24
2021-01-04 | mail/dovecot2-pigeonhole: update to 0.5.13 | taca | 2 | -8/+7
Update dovecot2-pigeonhole package to 0.5.13. v0.5.13 2021-01-04 Aki Tuomi <aki.tuomi@open-xchange.com> - duplicate: The test was handled badly in a multiscript (sieve_before, sieve_after) scenario in which an earlier script in the sequence with a duplicate test succeeded, while a later script caused a runtime failure. In that case, the message is recorded for duplicate tracking, while the message may not actually have been delivered in the end. - editheader: Sieve interpreter entered infinite loop at startup when the "editheader" configuration listed an invalid header name. This problem can only be triggered by the administrator. - relational: The Sieve relational extension can cause a segfault at compile time. This is triggered by invalid script syntax. The segfault happens when this match type is the last argument of the test command. This situation is not possible in a valid script; positional arguments are normally present after that, which would prevent the segfault. - sieve: For some Sieve commands the provided mailbox name is not properly checked for UTF-8 validity, which can cause assert crashes at runtime when an invalid mailbox name is encountered. This can be caused by the user by writing a bad Sieve script involving the affected commands ("mailboxexists", "specialuse_exists"). This can be triggered by the remote sender only when the user has written a Sieve script that passes message content to one of the affected commands. - sieve: Large sequences of 8-bit octets passed to certain Sieve commands that create or modify message headers that allow UTF-8 text (vacation, notify and addheader) can cause the delivery or IMAP process (when IMAPSieve is used) to enter a memory-consuming semi-infinite loop that ends when the process exceeds its memory limits. Logged in users can cause these hangs only for their own processes.
2021-01-04 | mail/dovecot2: update to 2.3.13 | taca | 8 | -37/+19
Update mail/dovecot2 package to 2.3.13, including security fixes.

v2.3.13 2021-01-04 Aki Tuomi <aki.tuomi@open-xchange.com>

* CVE-2020-24386: Specially crafted command can cause IMAP hibernate to allow logged in user to access other people's emails and filesystem information.
* Metric filter and global event filter variable syntax changed to a SQL-like format. See https://doc.dovecot.org/configuration_manual/event_filter/
* auth: Added new aliases for %{variables}. Usage of the old ones is possible, but discouraged.
* auth: Removed RPA auth mechanism, SKEY auth mechanism, NTLM auth mechanism and related password schemes.
* auth: Removed passdb-sia, passdb-vpopmail and userdb-vpopmail.
* auth: Removed postfix postmap socket
+ auth: Added new fields for auth server events. These fields are now also available for all auth events. See https://doc.dovecot.org/admin_manual/list_of_events/#authentication-server for details.
+ imap-hibernate: Added imap_client_hibernated, imap_client_unhibernated and imap_client_unhibernate_retried events. See https://doc.dovecot.org/admin_manual/list_of_events/ for details.
+ lib-index: Added new mail_index_recreated event. See https://doc.dovecot.org/admin_manual/list_of_events/#mail-index-recreated
+ lib-sql: Support TLS options for cassandra driver. This requires cpp-driver v2.15 (or later) to work reliably.
+ lib-storage: Missing $HasAttachment / $HasNoAttachment flags are now added to existing mails if mail_attachment_detection_option=add-flags and it can be done inexpensively.
+ login proxy: Added login_proxy_max_reconnects setting (default 3) to control how many reconnections are attempted.
+ login proxy: imap/pop3/submission/managesieve proxying now supports reconnection retrying on more than just connect() failure. Any error except a non-temporary authentication failure will result in reconnect attempts.
- auth: Lua passdb/userdb leaks stack elements per call, eventually causing the stack to become too deep and crashing the auth or auth-worker process.
- auth: SASL authentication PLAIN mechanism could be used to trigger read buffer overflow. However, this doesn't seem to be exploitable in any way.
- auth: v2.3.11 regression: GSSAPI authentication fails because dovecot disallows NUL bytes for it.
- dict: Process used too much CPU when iterating keys, because each key used a separate write() syscall.
- doveadm-server: Crash could occur if logging was done outside command handling. For example http-client could have done debug logging afterwards, resulting in either segfault or Panic: file http-client.c: line 642 (http_client_context_close): assertion failed: (cctx->clients_list == NULL).
- doveadm-server: v2.3.11 regression: Trying to connect to doveadm server process via starttls assert-crashed if there were no ssl=yes listeners: Panic: file master-service-ssl.c: line 22 (master_service_ssl_init): assertion failed: (service->ssl_ctx_initialized).
- fts-solr: HTTP requests may have assert-crashed: Panic: file http-client-request.c: line 1232 (http_client_request_send_more): assertion failed: (req->payload_input != NULL)
- imap: IMAP NOTIFY could crash with a segmentation fault due to a bad configuration that causes errors. Sending the error responses to the client can cause the segmentation fault. This can for example happen when several namespaces use the same mail storage location.
- imap: IMAP NOTIFY used on a shared namespace that doesn't actually exist (e.g. public namespace for a nonexistent user) can crash with a panic: Panic: Leaked view for index /tmp/home/asdf/mdbox/dovecot.list.index: Opened in (null):0
- imap: IMAP session can crash with QRESYNC extension if many changes are done before asking for expunged mails since last sync.
- imap: Process might hang indefinitely if client disconnects after sending some long-running commands pipelined, for example FETCH+LOGOUT.
- lib-compress: Mitigate crashes when configuring a not compiled in compression. Errors with compression configuration now distinguish between not supported and unknown.
- lib-compression: Using xz/lzma compression in v2.3.11 could have written truncated output in some situations. This would result in "Broken pipe" read errors when trying to read it back.
- lib-compression: zstd compression could have crashed in some situations: Panic: file ostream.c: line 287 (o_stream_sendv_int): assertion failed: (!stream->blocking)
- lib-dict: dict client could have crashed in some rare situations when iterating keys.
- lib-http: Fix several assert-crashes in HTTP client.
- lib-index: v2.3.11 regression: When mails were expunged at the same time as lots of new content was being saved to the cache (e.g. cache file was lost and is being re-filled) a deadlock could occur with dovecot.index.cache / dovecot.index.log.
- lib-index: v2.3.11 regression: dovecot.index.cache file was being purged (rewritten) too often when it had a field that hadn't been accessed for over 1 month, but less than 2 months. Every cache file change caused a purging in this situation.
- lib-mail: MIME parts were not returned correctly by Dovecot MIME parser. Regression caused by fixing CVE-2020-12100.
- lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE was written in a way that may have caused confusion for both IMAP clients and Dovecot itself when parsing it. The truncated part is now written out using application/octet-stream MIME type.
- lib-mail: v2.3.11 regression: Mail delivery / parsing crashed when the 10000th MIME part was message/rfc822 (or if parent was multipart/digest): Panic: file message-parser.c: line 167 (message_part_append): assertion failed: (ctx->total_parts_count <= ctx->max_total_mime_parts).
- lib-oauth2: Dovecot incorrectly required oauth2 server introspection reply to contain username with invalid token.
- lib-ssl-iostream, lib-dcrypt: Fix building with OpenSSL that has deprecated APIs disabled.
- lib-storage: When mail's size is different from the cached one (in dovecot.index.cache or Maildir S=size in the filename), this is handled by logging "Cached message size smaller/larger than expected" error. However, in some situations this also ended up crashing with: Panic: file istream.c: line 315 (i_stream_read_memarea): assertion failed: (old_size <= _stream->pos - _stream->skip).
- lib-storage: v2.3 regression: Copying/moving mails was taking much more memory than before. This was mainly visible when copying/moving thousands of mails in a single transaction.
- lib-storage: v2.3.11 regression: Searching messages assert-crashed (without FTS): Panic: file message-parser.c: line 174 (message_part_finish): assertion failed: (ctx->nested_parts_count > 0).
- lib: Dovecot v2.3 moved signal handlers around in ioloops, causing more CPU usage than in v2.2.
- lib: Fixed JSON parsing: '\' escape sequence may have wrongly resulted in error if it happened to be at read boundary. Any NUL characters and '\u0000' will now result in parsing error instead of silently truncating the data.
- lmtp, submission: Server may hang if SSL client connection disconnects during the delivery. If this happened repeatedly, it could have ended up reaching process_limit and preventing any further lmtp/submission deliveries.
- lmtp: Proxy does not always properly log TLS connection problems as errors; in some cases, only a debug message is logged if enabled.
- lmtp: The LMTP service can hang when commands are pipelined. This can particularly occur when one command in the middle of the pipeline fails. One example of this occurs for proxied LMTP transactions in which the final DATA or BDAT command is pipelined after a failing RCPT command.
- login-proxy: The login_source_ips setting has no effect, and therefore the proxy source IPs are not cycled through as they should be.
- master: Process was using 100% CPU in some situations when a broken service was being throttled.
- pop3-login: POP3 login would fail with "Input buffer full" if the initial response for SASL was too long.
- stats: Crash would occur when generating openmetrics data for metrics using aggregating functions.
2021-01-03 | mail/php-mailparse: update to 3.1.1 | taca | 2 | -7/+7
3.1.1 (2020-09-16) - Fixed bug #74215: Memory leaks with mailparse (cmb) - Fixed bug #76498: Unable to use callable as callback (cmb) - Compatibility with 8.0.0beta4
2021-01-02 | notmuch: Update to 0.31.3 | ryoon | 2 | -8/+7
Changelog: What's new in notmuch 0.31.3 ========================= Bindings -------- Fix for exclude tags in notmuch2 bindings. Build ----- Portability update for T360-symbol-hiding Library ------- Fix for memory error in notmuch_database_get_config_list
2021-01-01 | Remove unneeded bglibs dependency. Bump PKGREVISION. | schmonz | 4 | -19/+42
2021-01-01 | thunderbird-l10n: Update to 78.6.0 | ryoon | 2 | -255/+255
* Sync with mail/thunderbird-78.6.0.
2021-01-01 | thunderbird: Update to 78.6.0 | ryoon | 4 | -11/+37
* Fix build with devel/cbindgen-0.16.0. Changelog: New MailExtensions: Added browser.windows.openDefaultBrowser() Changes Thunderbird now only shows quota exceeded indications on the main window MailExtensions: menus API enabled in messages being composed MailExtensions: Honor allowScriptsToClose argument in windows.create API function MailExtensions: APIs that returned an accountId will reflect the account the message belongs to, not what is stored in message headers Fixes Keyboard shortcut for toggling message "read" status not shown in menus OpenPGP: After importing a secret key, Key Manager displayed properties of the wrong key OpenPGP: Inline PGP parsing improvements OpenPGP: Discovering keys online via Key Manager sometimes failed on Linux OpenPGP: Encrypted attachment "Decrypt and Open/Save As" did not work OpenPGP: Importing keys failed on macOS OpenPGP: Verification of clear signed UTF-8 text failed Address book: Some columns incorrectly displayed no data Address book: The address book view did not update after changing the name format in the menu Calendar: Could not import an ICS file into a CalDAV calendar Calendar: Two "Home" calendars were visible on a new profile Calendar: Dark theme was incomplete on Linux Dark theme did not apply to new mail notification popups Folder icon, message list, and contact side bar visual improvements MailExtensions: HTTP refresh in browser content tabs did not work MailExtensions: messageDisplayScripts failed to run in main window Various security fixes Security fixes: #CVE-2020-16042: Operations on a BigInt could have caused uninitialized memory to be exposed #CVE-2020-26971: Heap buffer overflow in WebGL #CVE-2020-26973: CSS Sanitizer performed incorrect sanitization #CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free #CVE-2020-26978: Internal network hosts could have been probed by a malicious webpage #CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs 
#CVE-2020-35112: Opening an extension-less download may have inadvertently launched an executable instead #CVE-2020-35113: Memory safety bugs fixed in Thunderbird 78.6
2021-01-01 | *: Recursive revbump from audio/pulseaudio-14.0 | ryoon | 7 | -12/+14
2021-01-01 | mutt: Update to version 2.0.4 | tron | 2 | -7/+7
This release fixes a few assorted bugs. Unfortunately, one of those (for large-file support) required a change to the header cache structures; so your header cache files will need to regenerate when opening each mailbox.
2021-01-01 | *: Recursive revbump from boost-1.75.0 | ryoon | 1 | -2/+2
2020-12-28 | newspipe: mark as python 2.x only | wiz | 1 | -2/+3
Errors immediately on startup.

  File "/usr/pkg/share/newspipe/newspipe.py", line 496
    except HTTPError, e:
                    ^
SyntaxError: invalid syntax

Bump PKGREVISION.
2020-12-28 | mail/roundcube-plugin-enigma: reset PKGREVISION | taca | 1 | -2/+1
Reset PKGREVISION by updating to 1.4.10.
2020-12-28 | mail/roundcube: update to 1.4.10 | taca | 5 | -16/+14
Update roundcube to 1.4.10, including security fix.

RELEASE 1.4.10
--------------
- Fix extra angle brackets in In-Reply-To header derived from mailto: params (#7655)
- Fix folder list issue when special folder is a subfolder (#7647)
- Fix Elastic's folder subscription toggle in search result (#7653)
- Fix state of subscription toggle on folders list after changing folder state from the search result (#7653)
- Security: Fix cross-site scripting (XSS) via HTML or Plain text messages with malicious content [CVE-2020-35730]
2020-12-26  Remove now-actively-harmful 32-bit ARM hack from Mozilla packages.  nia  2  -6/+2
2020-12-24  Updated mail/opendmarc to 1.4.0beta1  manu  8  -271/+97
Change since 1.3.1 from RELEASE_NOTES

1.4.0 2018/06/??
  Add ARC support. Extensive work contributed by ValiMail.
  Add "DomainWhitelist" and "DomainWhitelistFile" config options.
  Extract client IP address for ARC reports when provided via Authentication-Results.
  Update SQL schema to support new reporting functionality for DKIM selectors and ARC local policy overrides (refer to the example schema.mysql file).
  Add experimental support for reporting of ARC local policy overrides.
  Add support for recording and reporting of DKIM selectors.
  Override a DMARC "fail" if an ARC "pass" is recorded in conjunction with an ARC policy pass.
  Fix bug #137: Handle base64 inside AR tokens that are values. Problem reported by Joseph Coffland.
  LIBOPENDMARC: Fix bug #203: Reject DMARC records that have duplicate tags in them. Reported by Dirk Stoecker.
  REPORTS: Feature request #146: Add option to pull input from a file.
  REPORTS: Fix bug #153: Suppress duplicate results from the same domain. Patch from Tomki Camp.

1.3.2 2017/03/04
  Feature request #86: Change meaning of "RequiredHeaders" such that header validity is always checked, but messages are only rejected on that basis when the flag is set. Based on a patch from Andreas Schulze.
  Feature request #127: Log SPF results when rejecting. Requested by Patrick Wagner; patch from Andreas Schulze, follow-up patch from Juri Haberland.
  Feature request #138: Include policy and disposition information in an Authentication-Results comment. Based on a patch from Juri Haberland.
  Feature request #139: Include the client host name if known in failure reports. Suggested by Roland Turner; patch by Andreas Schulze.
  Fix bug #95: Assume IPv6 for SPF operations. Patch from Juri Haberland.
  Fix bug #120: Fix control logic around the SPF result. Reported by Christophe Wolfhugel; patch from Andreas Schulze.
  Fix bug #122: Don't skip the HELO milter phase when SPF is enabled. Reported by Christophe Wolfhugel.
  Fix bug #157: Fix logging of implicit authserv-ids. Reported by Andreas Schulze; patch from Juri Haberland.
  Fix bug #158: Log ignored connections. Patch from Andreas Schulze.
  Fix bug #160: Fix "SyslogFacility" handling. Patch from Juri Haberland.
  Fix bug #163: Use a larger buffer for the raw MAIL FROM value. Based on a patch from Andreas Schulze.
  Fix bug #174: Trim "!" suffixes from reporting addresses. Problem noted by Juri Haberland.
  Fix bug #186: When reloading the configuration file, the public suffix list was read in with the wrong comment indicator. Patch from Federico Omoto.
  Fix bug #194: Fix inappropriate DMARC status when "p=none" is discovered. Patch from Juri Haberland.
  Fix bug #195: When parsing Received-SPF, use the correct constants in the history file entries. Patch from Juri Haberland.
  LIBOPENDMARC: Fix bug #115: Fix type mismatch. Patch from Sebastian A. Siewior via Scott Kitterman.
  LIBOPENDMARC: Fix bug #121: Fix IPv6 CIDR matching in SPF code. Patch from Christophe Wolfhugel.
  LIBOPENDMARC: Fix bug #125: Compile time IPv6 fix. Reported by Christophe Wolfhugel.
  LIBOPENDMARC: Fix bug #131: Fix alignment bug. Patch from Andreas Schulze.
  LIBOPENDMARC: Fix bug #147: Fix stripping of whitespace from DMARC DNS records. Based on a patch from Job Noorman.
  LIBOPENDMARC: Fix bug #149: Apply "sp" setting, if present and applicable. Patch from Petr Novak.
  LIBOPENDMARC: Fix bug #154: Fix "rf" and "fo" processing logic.
  LIBOPENDMARC: Fix bug #156: Fix variable name. Patch by Andreas Schulze.
  LIBOPENDMARC: Fix bug #165: Fix logic in checking which SPF identifier was used. Patches from Marco Favero and Juri Haberland.
  LIBOPENDMARC: Fix bug #167: Don't return "fail" when we should return "none". Patch from Marco Favero.
  REPORTS: Fix bug #134: Handle SMTP errors correctly. Patch from Andreas Schulze.
  REPORTS: Fix bug #141: Set the HELO parameter correctly. Reported by Alan Smith; patch from Andreas Schulze.
  REPORTS: Fix bug #143: Fix logic in table truncation. Reported by Wayne Andersen; patch from Juri Haberland.
  REPORTS: Fix bug #162: Always report "sp" in aggregate reports. Patch from Juri Haberland.
  REPORTS: Fix bug #166: Fix report start/end time logic. Patch from Juri Haberland.
  REPORTS: Fix bug #188: Don't delete inputs too early in opendmarc-reports. Patch from Juri Haberland.
  TOOLS: Fix bug #161: "Forensic" reports were renamed "Failure" reports. Patch from Andreas Schulze.
  TOOLS: Fix bug #164: Handle IPv6 test addresses. Reported by Andreas Schulze; patch from Juri Haberland.
  DOCS: Patch #189: Replace the DMARC RFC with an HTML page referencing the relevant specs, since Debian doesn't consider RFCs to be "free". Patch from Scott Kitterman via Juri Haberland.
2020-12-20  majordomo: make the List-Id header RFC2919 compliant  spz  3  -7/+9
2020-12-16  Update to 5.15. From the changelog:  schmonz  2  -8/+7
- fix example spamc arguments in FAQ. Thanks: Christoph Scholzen.
- document exit codes in manpages. Thanks: Langenxx Feld.
2020-12-15  Define QMAIL_QUEUE_CUSTOM_ERROR. Ride recent update.  schmonz  1  -1/+3
2020-12-15  Update to 20201215. From the changelog:  schmonz  2  -8/+7
- qmail-qfilter-{ofmipd,smtpd}-queue: Remove after 2 years' deprecation. If you're using these, please switch to qmail-qfilter-queue.
- qmail-qfilter-viruscan: Optionally build with qmail-queue-custom-error support, returning the same error message as Russ Nelson's original viruscan patch.
- qmail-qfilter-queue.8, qmail-rcptcheck.8: Add an ERRORS section.
2020-12-14  Depend on qmail-acceptutils 20201214 for fixsmtpio(8) segfault fix.  schmonz  1  -3/+3
Bump version.
2020-12-14  Update to 20201214. From the changelog:  schmonz  2  -7/+7
- fixsmtpio: Fix segfault by making sure eventq_get() returns a free()-able string.
2020-12-14  mail/fetchmail: fix build on Darwin with gssapi or kerberos options  dbj  4  -2/+64
Darwin doesn't install include files in ${KRB5BASE} (they are in the SDK instead), therefore let fetchmail use krb5-config to determine how to link against kerberos.