| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- Fix the default USER and GROUP substitution in the config file.
- Bump PKGREVISION for this.
|
|
|
|
PAM. Bump PKGREVISION.
|
|
Pkgsrc changes:
- patch-bb for no longer necessary (integrated upstream).
Changes since version 3.1.2:
============================
- bug 4926: given a certain set of parameters to spamd and a specially
formatted input message, users could cause spamd to execute arbitrary
commands as the spamd user
- bug 4932: the userstate dir and userprefs file would not be created
under certain conditions.
|
|
3.6.7 is a maintenance release
BUGFIX: Using UIDInSignature, wrong UID is written to message when using groups
BUGFIX: PostgreSQL driver does not reconnect on failure in daemon mode
BUGFIX: X-DSPAM-Probability sometimes misreported when multiple algorithms used
BUGFIX: Agent segfaults when DeliveryHost or ClientHost not specified, --client
BUGFIX: Agent segfaults on some systems when syslog is used
BUGFIX: Agent segfaults when dlopen() to storage library fails
BUGFIX: Infinite loop created when deleting preference, not using extensions
BUGFIX: ATX (agent context) does not hold enough bits for 'flags' variable
3.6.6 is a maintenance release
MAINT: Phased out deprecated Berkeley DB drivers
MAINT: Phased out legacy tools (dspam_corpus, dspam_genaliases)
BUGFIX: When using logfile, write errors result in segfault
BUGFIX: Compiler warnings with sqlite_drv and sqlite3_drv
BUGFIX: MySQLUIDInSignature causes segfault on retrain
BUGFIX: trainPristine preference "off" does not override default
|
|
While going through the tree, fix some more packages which had similiar
issues with too strict conflicts, bump the revisions of those.
|
|
|
|
Bump package revision.
|
|
from mailer.conf. Bump version.
|
|
mail/thunderbird-gtk1 to 1.5.0.4, and www/seamonkey, www/seamonkey-gtk1
and www/seamonkey-bin to 1.0.2 (salo has already updated www/firefox-bin).
Note that thunderbird skipped one release number (again) to stay on par
with firefox.
These updates provide:
* improvements to product stability,
* several important security fixes (see below).
Fixed in Firefox 1.5.0.4:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)
Fixed in Thunderbird 1.5.0.4:
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)
Fixed in SeaMonkey 1.0.2:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)
|
|
|
|
at configure time.
|
|
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or
ap2-* respectively. Add new variables to simplify the Makefile
handling. Add CONFLICTS on the old names. Reset revisions of bumped
packages. ap-php will now depend on the default Apache and PHP version.
All programs using it have an implicit option of the Apache version
as well.
OK from jlam@ and adrianp@.
|
|
|
|
|
|
|
|
|
|
packages. Convert LDAP-based applications to depend on openldap-client, and
bump PKGREVISION for those that depend on it by default.
|
|
packages. Convert LDAP-based applications to depend on openldap-client, and
bump PKGREVISION for those that depend on it by default.
|
|
- fix attribute deletion error with Filter_classifier when
strip_delivered_to is set. Thanks: ?.
- do not consider qmail-local writing to stderr a delivery error.
Thanks: ?.
Remove nearly 2-year-old MESSAGE about upgrading from version 3.
|
|
Version 1.2.1 - 9 March 2006
----------------------------
- Buf fix; program fault when using the fetch*() family of functions.
Version 1.2 - 2 March 2006
--------------------------
- IPv6 support.
- Lua 5.1 compatibility.
- Bug fix; handle messages containing binary data.
- Bug fix; problems with CPU utilisation when the inactivity timeout timer was
set.
|
|
|
|
|
|
Pkgsrc changes:
- The updates for rule files go into $VARBASE/spamassassin/.
- This above directory and the directory sa-update-keys for the GPG keys
are now handled automatically by OWN_DIRS.
- The growing number of *.pre files are managed in a loop in the Makefile.
They are no longer contained in the static PLIST.
- Removed some unnecessary trailing slashes.
- Patching init.pre in order to disable the SPF plugin broke the spf.t
test. This is now fixed, although in a rather ugly way :-/.
- patch-ab no longer needs to use BSD_INSTALL_DATA_DIR because we create
the directories through INSTALLATION_DIRS.
- patch-ad and patch-az were removed (changes integrated upstream).
- patch-bb fixes a small documentation error.
- Fixed some warnings by pkglint about the SUBST framework in Makefile
and options.mk.
Relevant changes since version 3.1.1:
=====================================
- bug 4802: implement DKIM plugin, including whitelist_from_dkim support
- bug 3838: work around Perl bug causing captured RE variables to become
tainted -- thanks to Mark Martinec for pointing out the bug with
Perl itself
- bug 4850: re-enable the Razor2 plugin by default due to a service
policy change
- bug 4826: Razor2 plugin needs to load Mail::SpamAssassin::Timeout module
- bug 4827: M::SA::first_existing_path() would return the last array
entry passed in if none of the paths were found. Now return undef
instead and handle the error when it happens.
- bug 4813: generally open RE causes sendmail received header get read
in as qmail in error
- bug 4839: Logger.pm converts control chars including tab into
underscores which confuses a bunch of users when checking debug output.
Convert tab into space instead, etc.
- bug 4884: if a null message is passed in, there are several variables
which end up undefined causing warnings. fake an empty message if no
input is given.
- bug 4793: when replacing tags in a message (_TAG_), leave the tags
that don't exist alone instead of just removing them
- bug 4861, 4760: handle dccifd and dccproc failover properly, backport
relays_internal and relays_external code, backport bug 4760 fix so
that it's not possible to be in internal_networks without being in
trusted_networks as well
- bug 4901: deal more properly with failures in bgsend(). also, use
the proper variable to show when errors occur.
- bug 4867: fetchmail changed header formats at some point making Received
parsing fail in certain conditions
- bug 4699: use M::SA::Timeout for spamd copy_config call and allow for
empty $@ values
- bug 3754: if there's a problem opening a file via sa-learn or
spamassassin, return an error exit value.
|
|
non-tabs; else make(1) interprets it as a command line.
Fixes the following message on NetBSD 2.1:
make: "/export/SRC/netbsd/pkgsrc/mail/mailman/Makefile" line 31: Unassociated shell command "# use 'postfix' for postfix"
|
|
and add a commend what to change for postfix.
Before, this used group 'guest', which didn't work with any mailer,
so that's not perfect, but a step in the right direction.
|
|
|
|
|
|
|
|
MESSAGE_SUBST properly. No package should be setting MESSAGE anyway.
|
|
|
|
Solaris). The patch is from dovecot CVS (see the thread following
http://www.dovecot.org/list/dovecot/2006-May/013389.html), via PR
pkg/33489. Bump PKGREVISION.
|
|
|
|
2006-03-17 David F. Skoll
* VERSION 5.420 RELEASED
* Fix regression introduced in 5.419 -- quoted-printable
encoding would sometimes fail on "textual" MIME parts.
|
|
version 1.74: Tue Feb 28 08:39:14 CET 2006
- Help from [Jun Kuriyama]
|
|
|
|
> 8.13.6/8.13.6 2006/03/22
> SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
> and client side of sendmail with timeouts in the libsm I/O
> layer and fix problems in that code. Also fix handling of
> a buffer in sm_syslog() which could have been used as an
> attack vector to exploit the unsafe handling of
> setjmp(3)/longjmp(3) in combination with signals.
> Problem detected by Mark Dowd of ISS X-Force.
> Handle theoretical integer overflows that could triggered if
> the server accepted headers larger than the maximum
> (signed) integer value. This is prevented in the default
> configuration by restricting the size of a header, and on
> most machines memory allocations would fail before reaching
> those values. Problems found by Phil Brass of ISS.
> If a server returns 421 for an RSET command when trying to start
> another transaction in a session while sending mail, do
> not trigger an internal consistency check. Problem found
> by Allan E Johannesen of Worcester Polytechnic Institute.
> If a server returns a 5xy error code (other than 501) in response
> to a STARTTLS command despite the fact that it advertised
> STARTTLS and that the code is not valid according to RFC
> 2487 treat it nevertheless as a permanent failure instead
> of a protocol error (which has been changed to a
> temporary error in 8.13.5). Problem reported by Jeff
> A. Earickson of Colby College.
> Clear SMTP state after a HELO/EHLO command. Patch from John
> Myers of Proofpoint.
> Observe MinQueueAge option when gathering entries from the queue
> for sorting etc instead of waiting until the entries are
> processed. Patch from Brian Fundakowski Feldman.
> Set up TLS session cache to properly handle clients that try to
> resume a stored TLS session.
> Properly count the number of (direct) child processes such that
> a configured value (MaxDaemonChildren) is not exceeded.
> Based on patch from Attila Bruncsak.
> LIBMILTER: Remove superfluous backslash in macro definition
> (libmilter.h). Based on patch from Mike Kupfer of
> Sun Microsystems.
> LIBMILTER: Don't try to set SO_REUSEADDR on UNIX domain sockets.
> This generates an error message from libmilter on
> Solaris, though other systems appear to just discard the
> request silently.
> LIBMILTER: Deal with sigwait(2) implementations that return
> -1 and set errno instead of returning an error code
> directly. Patch from Chris Adams of HiWAAY Informations
> Services.
> Portability:
> Fix compilation checks for closefrom(3) and statvfs(2)
> in NetBSD. Problem noted by S. Moonesamy, patch from
> Andrew Brown.
|
|
> Major changes compared to the Turba H3 (2.1) version are:
> * Fixed losing sessions when editing address books.
> * Added upgrade script for Oracle to upgrade from 1.2 to 2.x.
> * Fixes and improvements to the create_default_histories.php and
> public_to_horde_share.php scripts.
> * Updated Danish, Dutch, German, Greek, Estonian and Japanese translations.
> * Small bugfixes and improvements.
>
> The full list of changes (from version H3 (2.1)) can be viewed here:
>
> http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.68&r2=1.181.2.80&ty=h
|
|
>
> Major changes compared to the Ingo H3 (1.1) version are:
> * Restored backward compatibility with Horde 3.0.x.
> * Enabled the filter setting to stop further filtering by default.
> * Small bug fixes and improvements.
> * New translations: Estonian, Greek.
> * Updated translations: Danish, Dutch, German.
>
> The full list of changes (from version H3 (1.1)) can be viewed here:
>
> http://cvs.horde.org/diff.php/ingo/docs/CHANGES?r1=1.55.2.39&r2=1.55.2.49&ty=h
|
|
|
|
|
|
|
|
changes since 1.0beta7:
* Fixed a security hole with mbox: "1 LIST .. *" command could
list all directories and files under the mbox root directory, so
if your mails were stored in eg. /var/mail/%u/ directory, the
command would list everything under /var/mail.
+ Unless nfs_check=no or mmap_disable=yes, check for the first login
if the user's index directory exists in NFS mount. If so, refuse to
run. This is done only on first login to avoid constant extra
overhead.
+ If we have plugins set and imap_capability unset, figure out the
IMAP capabilities automatically by running imap binary at startup.
The generated capability list isn't updated until Dovecot is
restarted completely, so if you add or remove IMAP plugins you
should restart. If you have problems related to this, set
imap_capabilities setting manually to work around it.
+ Added auth_username_format setting
- pop3_lock_session setting wasn't really working
- Lots of fixes related to quota handling. It's still not working
perfectly though.
- Lots of index handling fixes, especially with mmap_disable=yes
- Maildir: saving mails could have sometimes caused "Append with UID
n, but next_uid = m" errors
- flock() locking never timeouted because ignoring SIGALRM caused the
system call just to be restarted when SIGALRM occurred (probably not
with all OSes though?)
- kqueue: Fixed "Unrecognized event". Patch by Vaclav Haisman
|
|
update checksums.
|
|
e.g. bin/paths.py wasn't always compiled before. Bump revision.
|
|
|
|
Make configure work with non sh shells
Fixes from Jukka Salmi and Lubomir Sedlacik on tech-pkg@
|
|
|
|
|
|
general idea is that the client should never know that it's not talking to
the real IMAP server. The only thing that makes this a slightly unique Imap
Proxy server is that it caches server connections.
|
