Age | Commit message (Collapse) | Author | Files | Lines |
|
Upstream changes:
version 2.22: Wed 27 Oct 16:54:38 CEST 2021
Changes:
- webm keeps on producting unexpected results [issue #11, Даша Федорова]
- iana updates
|
|
Upstream changes:
version 3.011: Tue 27 Jul 13:30:38 CEST 2021
Improvements:
- textAlternativeForHtml can now be configured to actually change
left- and rightmargin [Tristan Miller]
|
|
Upstream changes:
2.20210915 2021-09-15 11:10:20+00:00 UTC
- Fix for older versions of Perl
|
|
This takes advantage of the introduction of the SYSCONFBASE variable.
Tested on NetBSD/amd64.
Bumps PKGREVISION.
|
|
|
|
Requested by jperkin.
|
|
Quote from release announce:
Fixed in Postfix 3.6.3, 3.5.13, 3.4.23, 3.3.20:
* (problem introduced in Postfix 2.4, released in 2007): queue
file corruption after a Milter (for example, MIMEDefang) made
a request to replace the message body with a copy of that message
body plus additional text (for example, a SpamAssassin report).
The most likely impacts were a) the queue manager reporting a
fatal error resulting in email delivery delays, or b) the queue
manager reporting the corruption and moving the message to the
corrupt queue for damaged messages.
However, a determined adversary could craft an email message
that would trigger the bug, and insert into its queue file a
content filter destination or a redirect email address. Postfix
would then deliver the message headers there, in most cases
without delivering the message body. With enough experimentation,
an attacker could make Postfix deliver both the message headers
and body.
Some details of a successful attack depend on the Milter
implementation, and on the Postfix and Milter configuration
details; these can be determined remotely through experimentation.
Failed experiments may be detected when the queue manager
terminates with a fatal error, or when the queue manager moves
damaged files to the "corrupt" queue as evidence.
Technical details: when Postfix executes a "replace body" Milter
request it will reuse queue file storage that was used by the
existing email message body. If the new body is larger, Postfix
will append body content to the end of the queue file. The
corruption happened when a Milter (for example, MIMEDefang)
made a request to replace the body of a message with a new body
that contained a copy of the original body plus some new text,
and the original body contained a line longer than $line_length_limit
bytes (for example, an image encoded in base64 without hard or
soft line breaks). In queue files, Postfix stores a long text
line as multiple records with up to $line_length_limit bytes
each. Unfortunately, Postfix's "replace body" support did not
account for the additional queue file space needed to store the
second etc. record headers. And thus, the last record(s) of a
long text line could overwrite one or more queue file records
immediately after the space that was previously occupied by the
original message body.
Problem report by Benoit Panizzon.
* (problem introduced in Postfix 2.10, released in 2012): The
postconf "-x" option could produce incorrect output, because
multiple functions were implicitly sharing a buffer for
intermediate results. Problem report by raf, root cause analysis
by Viktor Dukhovni.
* (problem introduced in Postfix 2.11, released in 2013): The
check_ccert_access feature worked as expected, but produced a
spurious warning when Postfix was built without SASL support.
Fix by Brad Barden.
* Fix for a compiler warning due to a missing 'const' qualifier
when compiling Postfix with OpenSSL 3. Depending on compiler
settings this could cause the build to fail.
Fixed in Postfix 3.6:
* The known_tcp_ports settings had no effect. It also wasn't fully
implemented. Problem report by Peter.
* Fix for missing space between a hostname and warning text.
|
|
Notmuch 0.34.1 (2021-11-03)
===========================
Library
-------
Fix for deallocation and nulling of output parameter for
notmuch_database_{open_with,create_with,load}_config when errors
occur. This change fixes a potential use-after-free bug that has been
present since 0.32. This release also improves the documentation of
status returns for the same 3 functions.
|
|
|
|
0.5.17:
- duplicate: The Sieve duplicate test is prone to false negatives when
the user receives many e-mails concurrently, meaning that duplicate
deliveries can still occur.
- fileinto: v2.3.16 regression: Sieve delivery crashes if mail is
delivered to non-existing and existing folder.
- imap-filter-sieve: v2.3.15 regression: The CPU limits on Sieve
execution are too easily exceeded in IMAP context (the IMAPSieve and
FILTER=SIEVE capabilities). Changed the default to unlimited CPU time
for IMAP context, since similar excessive resource usage can be caused
by other means as well. The CPU limits on Sieve scripts executed at
LDA/LMTP delivery are still enforced by default.
- redirect: The Sieve redirect action has protections against users
triggering mail loops. Unfortunately, the detection of a redirect mail
loop sometimes causes the message to get lost if no other Sieve action
is applied that delivers the message somewhere else.
- redirect: v2.3.16 regression: With certain Sieve scripts if redirect
fails due to temporary failure, the lmtp process may crash after the
delivery. Fixes:
Panic: file mail-user.c: line 229 (mail_user_deinit):
assertion failed: ((*user)->refcount == 1).
|
|
2.3.17
* Dovecot now logs a warning if time seems to jump forward at least
100 milliseconds.
* dict: Lines logged by the dict process now contain the dict name as
the prefix.
* lib-index: mail_cache_fields, mail_always_cache_fields and
mail_never_cache_fields now verifies that the listed header names are
valid. Especially the UTF8 "–" character has sometimes been wrongly
used instead of the ASCII "-".
+ *-login: Added login_proxy_rawlog_dir setting to capture
rawlogs between proxy and backend.
+ dict: The server process now keeps the last 10 idle dict backends
cached for maximum of 30 seconds. Practically this acts as a
connection pool for dict-redis and dict-ldap. Note that this doesn't
affect dict-sql, because it already had its own internal cache.
+ doveadm: New stats add/remove commands added to support changing the
metrics configuration on runtime.
+ lazy_expunge: Added lazy_expunge_exclude settings to disable
lazy_expunge for specific folders. \Special-use flags can be used as
folder names.
+ lib-lua: Added a new helper function dovecot.restrict_global_variables()
to disable or enable defining new global variables.
- LAYOUT=index List index rebuild was missing.
- LAYOUT=index: Duplicate GUIDs were not detected.
- acl: When using acl_ignore_namespace Dovecot attempted to access or
create dovecot-acl-list even when the namespace should have been
ignored. For virtual namespaces this could have yielded errors about
"Read-only file system" or "Permission denied".
- auth: Setting the "master" passdb field to empty value would
cause proxying to fail with an authentication error.
Now an empty "master" field is ignored.
- doveadm-server: Duplicate error lines were sent for failed commands.
This didn't normally cause visible problems, except when using
wildcards in usernames or -A parameter to go through multiple users.
- doveadm-server: Logs written by doveadm-server were often missing log
prefixes, especially mail_log_prefix for mail commands. Logs sent to
doveadm TCP client were also missing log prefixes.
- doveadm: v2.3 regression: batch command always crashes.
- doveadm: v2.3.11 regression: Commands failed if ssl_cert or
ssl_key files weren't readable by the user running doveadm, even
though doveadm didn't actually use these settings
- imap-hibernate: Process may crash at deinit:
Panic: file ioloop.c: line 928 (io_loop_destroy): assertion failed:
(ioloop->cur_ctx == NULL).
- imap: Using imap_fetch_failure=no-after can cause assert-crash
with some IMAP commands if reading the mail fails (e.g. wrong cached
mail size). Fixes:
Panic: file index-mail-headers.c: line 198 (index_mail_parse_header_init):
assertion failed: (!mail->data.header_parser_initialized)
- imap: v2.3.10 regression: When using INDEXPVT to enable private
\Seen flags (for shared or public namespaces) the STORE command did
not send untagged replies for the \Seen flag changes.
- imap: v2.3.15 regression: If PREVIEW/SNIPPET is not the final FETCH
option in the command, the IMAP FETCH response is broken.
- imap: v2.3.15 regression: MOVE command leaks mailbox if it can't be
opened and crashes at deinit:
Panic: file mail-user.c: line 229 (mail_user_deinit): assertion failed:
((*user)->refcount == 1).
- imapc: Copying nonexistent mail via imapc could have crashed. Fixes:
Panic: file mail-storage.c: line 2385 (mailbox_transaction_commit_get_changes):
assertion failed: (ret < 0 || seq_range_count(&changes_r->saved_uids) == save_count ||
array_count(&changes_r->saved_uids) == 0).
- indexer: v2.3.15 regression: Process crashes if indexer-client
disconnects while it's waiting for command reply. This happened for
example if IMAP SEARCH triggered long fts indexing and the IMAP
client disconnected while waiting for the reply.
- indexer: v2.3.15 regression: Process may have crashed in some situations.
- indexer: v2.3.15 regression: indexer-worker processes may not have
reached the process_limit in some situations, possibly even using just
one indexer-worker process even though there were many indexing
requests queued.
- lib-compression: Reading lz4 compressed mdbox mails may crash. Fixes:
Panic: file istream.c: line 345 (i_stream_read_memarea):
assertion failed: (!stream->blocking).
- lib-compression: bench-compress crashes due to xz being read-only.
- lib-lua: Fix linking libdict_lua for non-GNU linkers when Lua support
is disabled.
- lib-mail: There was no limit on how large an email header name could be.
Processable header names are now limited to 1000 bytes.
- lib-oauth2: Dovecot disallowed JWT tokens if their validity time was
older than token creation time (nbf < iat).
- lib-storage: Reduce memory footprint of certain storage operations.
- lib-storage: When listing mailboxes with storage name escape
characters (^ or .) as part of the mailbox name, the listing could
show corrupted mailbox names. Due to an issue in handling escaped
parent folders, the listing of other mailbox names would become
corrupted by prepending parts of the previously listed mailboxes
parent folder as prefix to the actual mailbox names. The corruption
can occur when using LAYOUT=INDEX and maildir or obox, or when using
the listescape plugin.
- mail-crypt: Fix "-O" argument for "doveadm mailbox cryptokey password"
command to be a boolean, and not expect a string.
- submission-login: Add support for not authenticating to next hop in
submission proxying.
- submission-login: EHLO was not sent again after XCLIENT when doing
submission proxying.
- virtual: Mailboxes do not correctly detect underlying mailboxes
getting re-created even though they have a different UIDVALIDITY or
GUID.
|
|
* Buildlink to textproc/sfsexp for S-expression search.
Changelog:
Notmuch 0.34 (2021-10-20)
=========================
General
-------
An optional new s-expression based query parser is available if
notmuch is built with the `sfsexp` library. See
notmuch-sexp-queries(7) for syntax, and use `notmuch config get
built_with.sexpr_queries` to check if notmuch is compiled with
s-expression query support.
CLI
---
Support multiple `Delivered-To` headers in notmuch-reply(1).
Emacs
-----
Functions are now allowed in `notmuch-search-result-format`.
Improvements to unthreaded view on large threads.
Tolerate bad/missing working directory for most commands.
Allow customization of tree drawing symbols in notmuch-tree mode.
|
|
2021-10-29 Richard Russon <rich@flatcap.org>
* Features
- Notmuch: support separate database and mail roots without .notmuch
* Bug Fixes
- fix notmuch crash on open failure
- fix crypto crash handling pgp keys
- fix ncrypt/pgp file_get_size return check
- fix restore case-insensitive header sort
- fix pager redrawing of long lines
- fix notmuch: check database dir for xapian dir
- fix notmuch: update index count after `<entire-thread>`
- fix protect hash table against empty keys
- fix prevent real_subj being set but empty
- fix leak when saving fcc
- fix leak after `<edit-or-view-raw-message>`
- fix leak after trash to hidden mailbox
- fix leak restoring postponed emails
|
|
2.1.35 (19-Oct-2021)
Security
- A potential for for a list member to carry out an off-line brute force
attack to obtain the list admin password has been reported by Andre
Protas, Richard Cloke and Andy Nuttall of Apple. This is fixed.
CVE-2021-42096 (LP:#1947639)
- A CSRF attack via the user options page could allow takeover of a users
account. This is fixed. CVE-2021-42097 (LP:#1947640)
Bug Fixes and other patches
- Fixed an issue where sometimes the wrapper message for DMARC mitigation
Wrap Message has no Subject:. (LP: #1915655)
- Plain text message bodies with Content-Disposition: and no declared
charset are no longer scrubbed. (LP: #1917968)
- CommandRunner now recodes message bodies in the charset of the user's
or list's language to avoid a possible UnicodeError when including the
message body in the reply. (LP: #1921682)
- Delivery disabled by bounce notices to admins now have 'disabled'
properly translated. (LP: #1922843)
- DMARC policy discovery ignores domains with multiple DMARC records per
RFC 7849, (LP: 1931029)
|
|
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
The following distfiles were unfetchable (possibly fetched
conditionally?):
./mail/qmail/distinfo netqmail-1.05-TAI-leapsecs.patch
|
|
Remove slang option, because slang support was removed.
2021-10-22 Richard Russon <rich@flatcap.org>
* Bug Fixes
- fix new mail notifications
- fix pattern compilation error for ~( !~>(~P) )
- fix menu display on window resize
- Stop batch mode emails with no argument or recipients
- Add sanitize call in print mailcap function
- fix `hdr_order` to use the longest match
- fix (un)setenv to not return an error with unset env vars
- fix Imap sync when closing a mailbox
- fix segfault on OpenBSD current
- sidebar: restore `sidebar_spoolfile` colour
- fix assert when displaying a file from the browser
- fix exec command in compose
- fix `check_stats` for Notmuch mailboxes
- Fallback: Open Notmuch database without config
- fix gui hook commands on startup
* Changed Config
- Re-enable `$ssl_force_tls`
* Translations
- 100% Serbian
- 100% Lithuanian
- 100% German
* Build
- Remove Slang from the build
- Warn about deprecated configure options
|
|
The native LDAP isn't compatible with the latest OpenLDAP that this package
expects. This really needs to be handled properly with an option but for
now this fixes the build and avoids inadvertently breaking anyone who
happens to be accidentally using LDAP support via builtin libraries.
|
|
its buildlink3.mk now includes openssl's buildlink3.mk
|
|
* Changes in release 0.8.5
Various changes to make it compile with newer g++ and libcrypto.
Manually parse /etc/resolv.conf, rather than attempting to make use of
the res data structure (which at least on OpenBSD no longer actually
contains the addresses of resolvers).
|
|
v3.4:
* t-prot, t-prot.1: Release as t-prot 3.4.
* t-prot, t-prot.1: Make documentation match Getopt::Long syntax:
e.g. -c=1 is not supported, use -c1 instead.
v3.3:
* t-prot: Release as version 3.3.
* t-prot: Removed trailing whitespace.
* t-prot: Small speedup: Run --pgp-short specific code only with
--pgp-short.
* t-prot: Fixed a bug with -Mmutt and pgp signed and encrypted
MIME/Multipart messages. Thanks to Axel Beckert for reporting!
v3.2:
* t-prot: Release as version 3.2.
* t-prot: Make bigq work when MS Tofu is detected with no text
above the quote, as with ZimbraWebClient.
* t-prot.1: Fix spelling error.
* t-prot.1: Update date string.
v3.1:
* t-prot: Release as t-prot v3.1.
* t-prot, t-prot.1: Support mutt-kz
(https://github.com/karelzak/mutt-kz) using -Mmutt-kz. Many
thanks to Hugo Roy for testing and reporting.
* t-prot: Unicode fix for MS Outlook.
v3.0:
* t-prot: After a very long testing phase, finally the version
update to 3.0.
* t-prot: Umlauts always are so wrong. Hopefully Outlook mails in
German are handled fine now.
* t-prot.1: Make clear that --pgp-move and --pgp-move-vrf also work
on SSL output.
* t-prot: Coding style cleanup in pgp().
* t-prot: Fix detection of unified diffs in the message body when
using --diff.
* t-prot.1: Update year.
* contrib/t-prot.sl: Reflect transition to slang2 in comments.
* contrib/t-prot.sl: Drop support for slang-1, default to slang-2.
* t-prot, contrib/muttrc.t-prot: Drop support for mutt-1.4. Default
to mutt-1.5.x strings.
* t-prot: Fix eYou Webmail Tofu.
* t-prot: Fix text/plain content-type detection with several user
agents.
v2.101:
* t-prot: Release as v2.101.
* t-prot: Add just another of mutt's decryption messages to the
list. This seems not to be translated yet, so no gettext() is
inserted this time.
v2.100:
* t-prot: Release as v2.100.
* t-prot: Add line to make -m filter Lotus Domino Webserver
produced TOFU.
* t-prot: Use uniform syntax notation for parameters in command
line options.
* t-prot.1: Use uniform syntax notation for parameters in command
line options.
v2.99:
* t-prot: Release as v2.99.
* t-prot, t-prot.1: New command line option --fixind to fix broken
quoting (regarding to RFC 3676). Perhaps this should not be
default, as there might be false positives if the message is
already quoted correctly. Quotes with this particular brokenness
are quite common, though. Patch by Simon Ruderich, many thanks.
* t-prot: Use index() instead of regex for $indent. Patch by Simon
Ruderich.
* t-prot: Revert new handling of empty lines at the beginning of
the body, as it removes lines where it should not.
* t-prot: Another bug with -c: Empty lines before the signature
were not handled properly. Patch by Simon Ruderich.
* t-prot: This causes -c1 to not create an empty line at the
beginning of the message if there were empty lines at the start
of the body. Patch by Simon Ruderich.
* t-prot, t-prot.1: Typos and documentation fixes regarding
$indent. Many thanks to Simon Ruderich.
v2.98:
* t-prot: Release as v2.98.
* t-prot.1: Clarify --lax-security description.
* t-prot: Use descriptive temp variable names when parsing command
line.
* t-prot.1: Mention configuration files for Heirloom mailx and
metamail. Avoid false impression with --lax-security.
* t-prot.1: Another Typo.
* t-prot.1: Fix spelling error. Thanks to Gerfried Fuchs!
v2.97:
* t-prot: Release as v2.97.
* t-prot, t-prot.1: Standard diff(1) output now is protected by
--diff, too. Many thanks to Martin Neitzel and Matthias Kilian.
v2.96:
* t-prot: Release as v2.96.
* t-prot: Allow -o /dev/null without bitching around.
* t-prot.1: Give some emergency help how to write to /dev/null. You
never know.
* t-prot.1: Remove repetition.
* t-prot: More syntax help fixes.
* t-prot.1: Update date string.
* t-prot.1: Fix --version description.
* t-prot.1: More syntax fixes.
* t-prot.1: Change option order for footer options.
* t-prot.1: More grouping: Footers.
* t-prot.1: Fix typo.
* t-prot, t-prot.1: Special output to "NONE" is not required. You
can use /dev/null.
* t-prot.1: Improve word flow.
* t-prot.1: Fix -i and -o syntax.
* t-prot.1: Improve MIME handling description.
* t-prot.1: Explain grouping of options and what happens if none
are specified. Be specific how MIME is handled.
* contrib/: mailcap.t-prot, nailrc.t-prot: New files: configuration
samples for metamail and Heirloom mailx (a.k.a. nail). Many
thanks to Martin Neitzel!
* t-prot.1: Fix -S syntax.
* t-prot: Fix -S syntax help.
* t-prot.1: Group options by meaning, rather than alphabetically.
Thanks to Martin Neitzel for suggesting.
* t-prot: Fix --help output order.
* t-prot: Fix -c syntax in --help, too.
* t-prot.1: Precisify wording for --ms-smart.
* t-prot.1: Be a little more specific as to what --ms-smart really
does.
* t-prot.1: Specify more clearly what locale to specify with
--locale. Thanks to Martin Neitzel for suggesting.
* t-prot.1: Fix -c syntax help.
* t-prot: Fix bad typo. Thanks to Martin Neitzel.
v2.95:
* t-prot: Big changes, we step a great deal towards the next major
version number. Release as v2.95.
* t-prot: Since Getopt::Mixed would break existing configurations
with the new -c command line switch behaviour, the migration to
Getopt::Long has been finished by now: This commit merges the big
bad Getopt::Long patch. Hope the performance issue does not turn
out to be too grave. Thanks to everyone for testing and providing
feedback.
* t-prot, t-prot.1, contrib/muttrc.t-prot, contrib/t-prot.sl: The
command line option -c now accepts an optional parameter
specifying the number of empty lines to remain. Thanks to Simon
Ruderich.
|
|
LibPST 0.6.76 (2021-03-27)
* Stuart C. Naifeh - fix rfc2231 encoding when saving messages
to both .eml and .msg formats.
|
|
* 2016-09-22: version 1.37
- added initial test suite
- testing using travis-ci (https://travis-ci.org/schweikert/postgrey)
- removed IP pool-detection code for --lookup-by-net, because it matched
also the naming of some big hosters like facebook (#32, Michal Petrucha,
Andrew Ayer, Jon Sailor)
- fix early logging of errors and warnings to syslog
- simplified IP matching code
- added support for IPv6 whitelists with netmask
- add network-range based whitelist for Office 365 (Holger Stember)
- updated whitelist
|
|
|
|
IMAPFilter 2.7.5 - 5 Dec 2020
- New "hostnames" option can be used to disable hostname validation.
- Bug fix; "certificates" option incorrectly controlled hostname validation.
|
|
v7.3.4 (2021-08-03)
Fixes
- folder: IMAP: fix issue when the response of searchforheaders is
the same UID multiple times. [Nicolas Sebrecht]
- Fix hooks for IDLE sync. [Reto Schnyder]
- Changed wrong comparison equal. [Rodolfo García Peñas (kix)]
- Comparison error. [Rodolfo García Peñas (kix)]
- remove outdated links to travis. [Nicolas Sebrecht]
- ui init is lintian clean. [Rodolfo García Peñas (kix)]
- Require the minimal dependencies in python package. [Martin Di Paola]
Changes
- README: update regarding the offlineimap3 fork. [Nicolas Sebrecht]
- redirect the users to offlineimap3. [Nicolas Sebrecht]
- threadutil imports not used. [Rodolfo García Peñas (kix)]
- Move out pkg attributes from __init__.py. [Martin Di Paola]
v7.3.3 (2020-04-11)
Features
- export env. variables when running account hooks. [Frank LENORMAND]
Fixes
- Fix stale gss api authentication security context. [Herton R. Krzesinski]
- Handle [ALREADYEXISTS] and Mailbox already exists!. [Chris Coleman]
Changes
- exec() the tunnel command. [martin f. krafft]
v7.3.2 (2019-12-17)
Fixes
- Revert "fix check for unsupported sep character". [Nicolas Sebrecht]
- Fixing the Arch Linux name. [Jaroslav Lichtblau]
v7.3.1 (2019-12-15)
Features
- Additional address for sysloghandler to handle mac. [Chris Coutinho]
- Added financial contributors to the README. [Jess]
- Introduce FUNDING.yml for opencollective. [Nicolas Sebrecht]
Fixes
- Fix check for unsupported sep character. [Nicolas Sebrecht]
- Contrib: use yaml.safe_load() instead of load(). [Nicolas Sebrecht]
- Ensure python2 in the release workflow. [Nicolas Sebrecht]
- Make docs: ensure py2 when running sphinx. [Nicolas Sebrecht]
Changes
- Update README.md. [Chris Coleman]
v7.3.0 (2019-08-19)
Features
- Implement Happy Eyeballs. [Olivier Mehani]
- imaplib2 v2.101. [Nicolas Sebrecht]
- imaplib2 v2.100. [Nicolas Sebrecht]
Changes
- Update readme to give an hint about Linux distros. [Dario Maiocchi]
- travis: remove python3.6. [Nicolas Sebrecht]
- README: add required dependency to rfc6555. [Nicolas Sebrecht]
imaplib2
- Do not use TIMEOUT_MAX for Condition.wait(). [Ilias Tsitsimpis]
- Use SSLContext if available so we send SNI. [Julien Cristau]
- Don't expect trailing space on command completion. [Ben Cotterell]
v7.2.4 (2019-06-08)
Features
- mkdir -p alike folder creation. [Kyle Altendorf]
Fixes
- Use portable locker to support cygwin in Windows. [kimim]
- contrib/release.py: don't break if sphinx-build is missing. [Nicolas Sebrecht]
Changes
- Update FSF postal address. [Jelmer Vernooij]
- repository/IMAP: update copyright header date. [Nicolas Sebrecht]
- PULL_REQUEST_TEMPLATE: add space between brackets to enable the edition
in the gui. [Nicolas Sebrecht]
|
|
- limit maildir nesting depth
- enable embedding arbitrarily long strings into IMAP commands
- CVE-2021-3578: fix handling of unexpected APPENDUID response code
- don't crash on malformed CAPABILITY responses
- tolerate INBOX mis-casing in Path
- make UIDVALIDITY recovery more strict about vanished messages
- improve error messages about irrecoverably changed UIDVALIDITY
- CVE-2021-20247: reject funny mailbox names from IMAP LIST/LSUB
- be more tolerant of formally malformed response codes
- fix bogus continuation of IMAP list parsing
- accept unsolicited FETCH responses (without payload) after all
- use correct <poll.h> header
|
|
0.90: minor cleanups
- Update various regular expressions to not break under a future
Perl 5.30 release
- Use a .sieve filename extension for temporary files, to assist
text-editors with mode selection.
|
|
This fixes the STARTTLS-related crash bugs mentioned here:
https://nostarttls.secvuln.info/
* Balsa-2.6.3 release. Release date 2021-08-18
- Improve Autocrypt-related error messages.
- Improvements to communication with GnuPG key servers.
- Create standard-compatible HTML messages.
- Implement sender-dependent HTML message preferences.
- Reuse HTTP connections when rendering HTML messages.
- Do not send empty Reply-To, Cc, etc headers.
- More robust IMAP parser and response handling.
- Code cleanups, platform-dependent build fixes
|
|
pkgsrc changes and notes:
- According to the release notes, this fixes CVE-2021-38370 by
Damian Poddebniak.
- I have added the maildir patch, as FreeBSD does, because it seems
useful.
- I have removed the non-trivial patch for OpenBSD, because going by
OpenBSD's ports repository it's no longer necessary at all.
Version 2.25 includes several new features and bug fixes.
Additions include:
* Unix Alpine: New configuration variable ssl-ciphers that allows users
to list the ciphers to use when connecting to a SSL server. Based on a
collaboration with Professor Martin Trusler.
* New hidden feature enable-delete-before-writing to add support for
terminals that need lines to be deleted before being written. Based on
a collaboration with Professor Martin Trusler.
* Experimental: The instruction to remove the double quotes from the
processing of customized headers existed in pine, but it was removed
in alpine. Restoring old Alpine behavior. See this
* Add the capability to record http debug. This is necessary to debug
XOAUTH2 authentication, and records sensitive login information. Do
not share your debug file if you use this form of debug.
* Remove the ability to choose between the device and authorize methods
to login to outlook, since the original client-id can only be used for
the device method. One needs a special client-id and client-secret to
use the authorize method in Outlook.
* PC-Alpine only: Some service providers produce access tokens that are
too long to save in the Windows Credentials, so the access tokens will
be split and saved as several pieces. This means that old versions of
Alpine will NOT be able to use saved passwords once this new version
of Alpine is used.
* PC-Alpine: Debug files used to be created with extension .txt1, .txt2,
etc. Rename those files so that they have extension .txt.
* Always follow â**suppress-asterisks-in-password-promptâ** setting in
the various password prompts. Submitted by Étienne Deparis.
* Use 'alpine -F' instead of 'pine -F' as the browser default pager.
Submitted by Étienne Deparis.
* Introduction of OTHER CMDS menu for the browser/pilot to let people
discover the two new commands: "1" is a toggle that switches between 1
column and multicolumn mode. The "." command toggles between hiding or
showing hidden files, and the "G" command to travel between
directories. Contributed by Étienne Deparis.
* Add option -xoauth2-flow to the command line, so that users can
specify the parameters to set up an xoauth2 connection through the
command line.
* Alpine deletes, from its internal memory and external cache, passwords
that do not work, even if they were saved by the user.
* New format for saving passwords in the windows credential manager for
PC-Alpine. Upon starting this new version of Alpine the passwords
saved in the credential manager are converted to the new format and
they will not be recognized by old versions of Alpine, but only by
this and newer versions of Alpine.
* Enabled encryption protocols in PC-Alpine are based on those enabled
in the system, unless one is specified directly.
Bugs that have been addressed include:
* The c-client library parses information from an IMAP server during
non-authenticated state which could lead to denial of service.
Reported by Damian Poddebniak from Münster University of Applied
Sciences.
* Memory corruption when alpine searches for a string that is an
incomplete utf8 string in a local folder. This could happen by
chopping a string to make it fit a buffer without regard to its
content. We fix the string so that chopping it does not damage it.
Reported by Andrew.
* Crash in the ntlm authenticator when the user name does not include a
domain. Reported and fixed by Anders Skargren.
* When forwarding a message, replacing an attachment might make Alpine
re-attach the original attachment. Reported by Michael Traxler.
* When an attachment is deleted, the saved message with the deleted
attachment contains extra null characters after the end of the
attachment boundary.
* Tcp and http debug information is not printed unless the default debug
level is set to 1. Print this if requested, regardless of what the
default debug level is.
* When trying to select a folder for saving a message, one can only
enter a subfolder by pressing the ">" command, rather than the normal
navigation by pressing "Return". Reported by Ulf-Dietrich Braunmann.
* Crash when attempting to remove a configuration for a XOAUTH2 server
that has no usernames configured.
* Crash caused by saving (and resaving) XOAUTH2 refresh and access
tokens in PC-Alpine. Reported by Karl Lindauer.
|
|
Added:
-Add forward mail option
-Add url_launcher config setting
-Add add_addresses_to_contacts command
-Add show_date_in_my_timezone pager config flag
-docs: add pager filter documentation
-mail/view: respect per-folder/account pager filter override
-pager: add filter command, esc to clear filter
-Show compile time features in with command argument
Fixed:
-melib/email/address: quote display_name if it contains ","
-melib/smtp: fix Cc and Bcc ignored when sending mail
-melib/email/address: quote display_name if it contains "."
|
|
* Security
- Fix CVE-2021-32055
* Features
- threads: implement the `$use_threads` feature
https://neomutt.org/feature/use-threads
- hooks: allow a -noregex param to folder and mbox hooks
- mailing lists: implement list-(un)subscribe using RFC2369 headers
- mailcap: implement x-neomutt-nowrap flag
- pager: add `$local_date_header` option
- imap, smtp: add support for authenticating using XOAUTH2
- Allow `<sync-mailbox`> to fail quietly
- imap: speed up server-side searches
- pager: improve skip-quoted and skip-headers
- notmuch: open database with user's configuration
- notmuch: implement `<vfolder-window-reset>`
- config: allow += modification of my_ variables
- notmuch: tolerate file renames behind neomutt's back
- pager: implement `$pager_read_delay`
- notmuch: validate `nm_query_window_timebase`
- notmuch: make $nm_record work in non-notmuch mailboxes
- compose: add `$greeting` - a welcome message on top of emails
- notmuch: show additional mail in query windows
* Changed Config
- Renamed lots of config, e.g. `askbcc` to `ask_bcc`.
* Bug Fixes
- imap: fix crash on external IMAP events
- notmuch: handle missing libnotmuch version bumps
- imap: add sanity check for qresync
- notmuch: allow windows with 0 duration
- index: fix index selection on `<collapse-all>`
- imap: fix crash when sync'ing labels
- search: fix searching by Message-Id in `<mark-message>`
- threads: fix double sorting of threads
- stats: don't check mailbox stats unless told
- alias: fix crash on empty query
- pager: honor mid-message config changes
- mailbox: don't propagate read-only state across reopens
- hcache: fix caching new labels in the header cache
- crypto: set invalidity flags for gpgme/smime keys
- notmuch: fix parsing of multiple `type=`
- notmuch: validate $nm_default_url
- messages: avoid unnecessary opening of messages
- imap: fix seqset iterator when it ends in a comma
- build: refuse to build without pcre2 when pcre2 is linked in ncurses
* Translation updates
|
|
|
|
|
|
|
|
|
|
If this is here, the build on NetBSD breaks with
In file included from gmime-filter-reply.c:21:
gmime-filter-reply.h:22:10: fatal error: gmime/gmime-filter.h: No such file or directory
22 | #include <gmime/gmime-filter.h>
| ^~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
after
Checking for available C compiler warning flags...
-Wall -Wextra -Wwrite-strings -Wmissing-declarations
./configure: perl_absolute: parameter not set
./configure: perl_absolute: parameter not set
Disable test target as well.
|
|
Fix a build issue on SunOS (or likely any host that is already running a
gpg-agent which confuses the gpgme configure tests), and fix test target.
Notmuch 0.33.2 (2021-09-30)
===========================
Tests
-----
Improve reliability of T355-smime by changing gpgsm initialization.
|
|
Fixes various behaviour due to not correctly detecting GNU iconv during
configure. Test suite is now clean. Bump PKGREVISION.
|
|
|
|
2021-02-05 Richard Russon <rich@flatcap.org>
* Features
- Add <skip-headers> to skip past message headers in pager
- Add <view-pager> function to attachment menu
* Bug Fixes
- Fix detection of mbox files with new mail
- Fix crash on collapsed thread
- Fix group-chat-reply
- Clear the message window on resize
- Do not crash on return from shell-exec if there's no open mailbox
- Abort IMAP open if condstore/qresync updates fetch fails
- Fix smtp crash on invalid $smtp_authenticators list
- Fix pager dropped input on screen resize
- Fix mime forwarding
- Check config after hooks
- Always recreate a mailbox after folder-hook
* Translations
- 88% Slovakian
* Docs
- Adjust doc to explicitly mention $count_alternative
- Restore correct "$sort_re" documentation
- Clarify pattern completion
- Man pages: Clear up "-H" and "-O"
* Build
- Update to latest acutest
- Update to latest autosetup
- Make the location of /tmp configurable
|
|
|
|
|
|
inetd-like mail servers.
smtpd-starttls-proxy is a chainloading program that runs right before
the SMTP server on your command line. It interposes itself between the
client commands and the server, and implements STARTTLS on behalf of
the server.
|
|
3.2021.0901 (2021-09-01)
* Updated the Apache and IANA media registry entries as of release date.
* Added file extension for WebVTT text format. #46.
|
|
|
|
Notmuch 0.33.1 (2021-09-10)
===========================
General
-------
Replace the fully-qualified-domain-name of the host with "localhost"
in the default email address. This should fix two flaky subtests in
T590-libconfig.
|
|
This is a bug-fix release, fixing some of the fixes in last release. IMAP
users (and especially QRESYNC users) are again advised to upgrade.
|
|
This moves the configuration files for Roundcube plug-ins to $PKG_SYSCONFDIR,
where they should belong instead of $RC_DIR/$PLUGIN_DIR.
This works without any further patches, because Roundcube falls back to
RCUBE_CONFIG_DIR.'/'.$this->ID . '.inc.php' for plug-ins basically.
Bumps PKGREVISION for the plug-ins using ../../mail/roundcube/plugins.mk
(enigma, password, and zipdownload).
Tested on NetBSD/amd64.
OK taca@
|
|
|
|
meli aims for configurability and extensibility with sane defaults.
It seeks to be a mail client for both new and power users of the terminal, but
built today.
A variety of email workflows and software stacks should be usable with meli.
Integrate e-mail storage, sync, tagging system, SMTP client, contact management
and editor of your choice to replace the defaults.
features:
-email threads
-multithreaded
-embed your own editor
-plain text configuration
-multi-tasking with UI tabs
-IMAP, Maildir, notmuch, JMAP, mbox
-optional sqlite3 index search
-fast and minimal account configuration
-contact list (+read-only vCard support)
-forced UTF-8 - other encodings are read-only
|