| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
version 1.77: Fri May 11 14:16:01 CEST 2007
- fixed syntax error in qmail.pm, patch by [Alexey Tourbin]
also reported by [Volker Paulsen]
- die if qmail's exec fails.
- require Data::Format
- corrected header field folding according to rfc2822, which
may break some ancient (poor) applications.
Patch by [Christopher Madsen]
|
|
1.2.3
* Fix: queue display transpose bug
1.2.2
* Fix: added deletion routines to handle files in bounce subdirectory
* Fix: added whitespace remove line for pidof output reported by
Charlies (cng-oz)
1.2.1
* Corrected an error in the README, and one in the HISTORY
|
|
20070425
Bugfix: don't falsely report "lost connection from
localhost[127.0.0.1]" when Postfix is being portscanned.
Files: smtpd/smtpd_peer.c, qmqpd/qmqpd_peer.c.
20070430
Robustness: recommend a "0" process limit for policy servers
to avoid "connection refused" problems when the smtpd
process limit exceeds the default process limit. File:
proto/SMTPD_POLICY_README.html.
20070501
Safety: when IPv6 (or IPv4) is turned off, don't treat an
IPv6 (or IPv4) connection from e.g. inetd as if it comes
from localhost[127.0.0.1]. Files: smtpd/smtpd_peer.c,
qmqpd/qmqpd_peer.c.
20070508
Bugfix: Content-Transfer-Encoding: attribute values are
case insensitive. File: src/cleanup/cleanup_message.c.
20070514
Bugfix: mailbox_transport(_maps) and fallback_transport(_maps)
were broken when used with the error(8) or discard(8)
transports. Cause: insufficient documentation. Files:
error/error.c, discard/discard.c.
20070520
Bugfix (problem introduced Postfix 2.3): when DSN support
was introduced it broke "agressive" recipient duplicate
elimination with "enable_original_recipient = no". File:
cleanup/cleanup_out_recipient.c.
20070529
Bugfix (introduced Postfix 2.3): the sendmail/postdrop
commands would hang when trying to submit a message larger
than the per-message size limit. File: postdrop/postdrop.c.
20070530
Sabotage the saboteur who insists on breaking Postfix by
adding gethostbyname() calls that cause maildir delivery
to fail when the machine name is not found in /etc/hosts,
or that cause Postfix processes to hang when the network
is down.
20070531
Portability: Victor helpfully pointed out that change
20070425 broke on non-IPv6 systems. Files: smtpd/smtpd_peer.c,
qmqpd/qmqpd_peer.c.
|
|
stay
on par with Firefox?).
Security fixes in this version:
MFSA 2007-15 Security Vulnerability in APOP Authentication
MFSA 2007-12 Crashes with evidence of memory corruption
For more info, see http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.12.html
|
|
|
|
Lots of bug fixes since 0.90.2. For details, see ChangeLog.
|
|
Lots of changes, see the HISTORY file for details.
|
|
|
|
* Make sure clamd is really running before starting clamsmtpd (pkg/36292)
|
|
Added support for STARTTLS, similar to the way SMTP AUTH is implemented -- if
a server certificate is available, spamdyke takes care of the TLS. If not
but qmail supports TLS, spamdyke passes it through.
Changed the read() and write() calls to the network to use macros named
NETWORK_READ() and NETWORK_WRITE() that are replaced by TLS routines when
TLS support has been compiled in.
Changed the smtp_filter() return codes to use a mask/flag system because the
possible permutations of PASS/INTERCEPT/QUIT with ADD/REMOVE/CAPTURE AUTH
and ADD/REMOVE/CAPTURE TLS and CHILD QUIT/CONTINUE were getting too complex.
Fixed search_file() to match a file entry where the search text matches the
entry completely but the entry has wildcard markers at the start and/or end.
Added TLS support to tests/sendrecv so TLS can be tested from scripts.
Fixed numerous small bugs in tests/sendrecv that were causing inaccurate test
results (false positives and false negatives).
Updated all of the test scripts to make renumbering them easier.
Added a new test script to exercise a small whitelist wildcard bug I found.
Added 10 new test scripts to exercise the new TLS features.
Changed process_command_line() and usage() to print a brief usage message if
no parameters are given.
Changed process_command_line() and usage() to print a brief error message if
a bad parameter is given.
Changed process_command_line() and usage() to print the full usage message if
-h or --help is given.
Changed process_command_line() and usage() to print the version header if -v
or --version is given.
Renamed test_smtpauth_crammd5, test_smtpauth_login and test_smtpauth_plain to
smtpauth_crammd5, smtpauth_login and smtpauth_plain, respectively.
Moved smtpauth_crammd5, smtpauth_login and smtpauth_plain from the utils
folder to tests/smtpauth, since they're only used by the test scripts
anyway.
Added alternate command line options for people who spell "gray" with an "e".
They do the same thing.
Updated the documentation.
|
|
of them apply together cleanly (and thus no PKGREVISION bump). Idea
from wiz.
|
|
Bump PKGREVISION
Use signed arithmetic in mutt_gecos_name to avoid an overflow.
From http://dev.mutt.org/hg/mutt/rev/47d08903b79b
And trac: http://dev.mutt.org/trac/ticket/2885
|
|
security vulnerabilities reported in CVE-2007-1558 and CVE-2007-2683.
|
|
Pkgsrc changes:
- The package supports installation to DESTDIR.
- Shortened COMMENT (hint by pkglint).
- This is purely a Perl module.
Changes since version 0.34:
===========================
1.01 13 Mar 2007
- Increase CPANTS score.
|
|
Pkgsrc changes:
- The package supports installation to DESTDIR.
- This is purely a Perl module.
Changes since version 2.131:
============================
2.132 2007-03-22
packaging improvements
|
|
by kwennoir at hotbox dot ru.
Bump PKGREVISION.
|
|
by kwennoir at hotbox dot ru.
Bump PKGREVISION.
|
|
Pkgsrc changes:
- none
Changes since version 2.83:
===========================
2.84 (May 10, 2007)
Update discovery hostname.
|
|
works well even if define both options or one of the options.
|
|
|
|
|
|
minor problem.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
* The recursive download of remote folders was enabled.
* The quick search condition for each folder now persists between sessions.
* The selection now persists when the quick search condition is updated.
* SSL ports in Advanced tab of the account prefs dialog are now automatically
set when SSL is enabled.
* The '--open' command line option which open messages in new window was added.
* Quoted-printable or base64 encoding is now forced on PGP/MIME signing
instead of stripping trailing spaces
(except for the case of ISO-2022-JP encoding).
* The quoted-pair in From header is now processed correctly when displaying
its name.
* The performance of 'Mark all read' on IMAP folders was improved.
* The bug that the character '+' in address was treated as URI-escaped
space was fixed.
* Unix: the problem that 'Get' and 'Get all' button could not be clicked
after receiving while mouse pointer was over the buttons was fixed.
2.4.1:
* If shift or control key is pressed on address completion, only address
string is inserted now.
|
|
squirrelmail's options.
|
|
|
|
These options supersedes ja-squirrelmail package.
Bump PKGREVISION.
|
|
|
|
packages up to date.
|
|
potential crash on selecting files to attach on some machines
|
|
Pkgsrc changes:
- p5-Net-DNS not needed anymore.
Changes since version 2.82:
===========================
2.83 (May 8, 2007)
* Remove all uses of $' from code. This removes a global regex engine
slowdown. [issues.apache.org #5312]
* Comment out or replace shell commands with Perl equivalents. This
removes the prerequisites of uname(1) and GNU mkdir(1).
|
|
Pkgsrc changes:
- Software does not accept any version of p5-Crypt-OpenSSL-RSA anymore.
Changes since version 0.24:
===========================
* we now only sign headers that IETF recommends for signing
* it's now possible to "prettify" outgoing signatures, but this feature
is not enabled by default. To enable, do a "use Mail::DKIM::TextWrap"
in your program that signs messages. (This may change in a future
release.)
|
|
Suggested by schmonz.
|
|
Solaris again.
On NetBSD, find accepts both "-o" and "-or".
|
|
|
|
as discussed on tech-pkg.
|
|
mail/thunderbird-gtk1 has thunderbird-gtk1-2.0.0.0 now, as discussed
with gdt on tech-pkg.
|
|
thunderbird-2.0.0.0 now, as discussed with gdt on tech-pkg.
|
|
What's New in Thunderbird 2
* Message Tags: Create your own tags for organizing email. Messages can be
assigned any number of tags. Tags can be combined with saved searches and
mail views to make it easier to organize email.
* Visual Theme: Thunderbird 2's theme and user interface have been updated to
improve usability and maximize screen real estate.
* Session History Navigation: Back and Forward buttons allow navigation through
message history.
* Advanced Folder Views: Customize the folder pane to show favorite, unread or
recent folders.
* Easy Access to Popular Web Mail Services: Gmail and .Mac users can access
their accounts in Thunderbird by simply providing their user names and
passwords.
* Improved Support For Extensions: Extensions can now add custom columns to the
message list pane in addition to storing custom message data in the mail
database.
* Improved New Mail Notification Alerts: New mail alerts include information
such as the subject, sender and message preview text.
* Folder Summary Popups: Mouse over a folder with new messages to see a summary
of the new messages in that folder.
* Saved Search Folder Performance: Search results for saved search folders are
now cached, improving folder loading performance.
* Find As You Type: Finds and highlights message text as you type.
* Improved Filing Tools: Recent folder menu items for moving and copying
messages to recently used folders. Move / Copy again functionality.
* Updates to the Extension System: The extension system has been updated to
provide enhanced security and to allow for easier localization of extensions.
The Rumbling Edge has a more detailed list of notable bug fixes:
http://weblogs.mozillazine.org/rumblingedge/archives/2007/03/tb_2.html
|
|
2007/05/01 (thomasb)
----------
- Updated German, Euskara, Hungarian, Romanian and Spanish translation
- Added Hindi and Kurdish localization
2007/04/28 (thomasb)
----------
- LDAP access is back in address book (closes #1484087)
- Added search function for contacts
- New Template parsing and output encoding
- Fixed bugs #1484119 and #1483978
2007/04/08 (thomasb)
----------
- Fixed message moving procedure (closes #1484308)
- Fixed display of multiple attachments (closes #1466563)
- Fixed check for new messages (closes #1484310)
- List attachments without filename
2007/03/27 (thomasb)
----------
- New session authentication: Change sessid cookie when login, authentication with sessauth cookie is now configurable.
Should close bugs #1483951 and #1484299
2007/03/23 (thomasb)
----------
- Correctly translate mailbox names (closes #1484276)
- Quote e-mail address links (closes #1484300)
2007/03/21 (thomasb)
----------
- Updated PEAR::Mail_mime package
- Added Persian localization
- Updated Catalan and Brazilian Portuguese translations
- Updated INSTALL manual with a note about database passwords
- Accept single quotes for HTML attributes when modifying message body (thanks Jason)
- Sanitize input for new users/identities (thanks Colin Alston)
2007/03/19 (thomasb)
----------
- Don't download HTML message parts
- Convert HTML parts to plaintext if 'prefer_html' is off
- Correctly parse message/rfc822 parts (closes #1484045)
- Code cleanup
2007/03/18 (thomasb)
----------
- Also use user_id for unique key in messages table (closes #1484074)
- Hide contacts drop down on blur (closes #1484203)
- Make entries in contacts drop down clickable
- Turn off browser autocompletion on login page
- Quote <? in text/html message parts
- Hide border around radio buttons
- Replaced old JS function calls.
2007/03/13 (thomasb)
----------
- Applied patch for attachment download by crichardson (closes #1484198)
- Fixed bug in Postgres DB handling (closes #1484068)
- Fixed bug of invalid calls to fetchRow() in rcube_db.inc (closes #1484280)
- Fixed array_merge bug (closes #1484281)
- Fixed flag for deletion in list view (closes #1484264)
- Finally support semicolons as recipient separator (closes ##1484251)
- Fixed message headers (subject) encoding
pkgsrc changes:
* Make iconv and mbstring dependencies PKG_OPTIONS ("iconv" and "multibyte")
* Write logs and tempfiles under ${VARBASE}, not ${PREFIX}
* Cosmetic and pkglint-appeasing tweaks
|
|
|
|
|
|
Shortly after the release of SquirrelMail 1.4.10, a regression in the compose
form was discovered. Unfortunately the limited disclosure of security patches
does not allow for public testing, so this regression went unnoticed. We're
sorry for the inconvenience.
|
|
This version, 1.4.10 is a maintenance release, addressing
the following problems since 1.4.9a:
- Some security fixes (see below)
- Small enhancements
- A collection of bugfixes and stability enhancements
(see ChangeLog for a full list)
Security issues
===============
This release addresses security issues found since the release of 1.4.9a:
There's an ongoing battle to further secure the HTML filter against malicious
HTML mail and the browsers that accept almost any malformed piece of HTML.
This release contains fixes for the following:
- HTML attachments containing "data:" URLs;
- Internet Explorer in various versions accepts many permutations of HTML
and JavaScript in many charsets. We now properly canonicalize the incoming
HTML to us-ascii before applying further filters. IE only.
- Request forgery through images. It was possible to include "images" in
HTML mails which were in fact GET requests for the compose.php page sending
mail. These images are now properly detected, and the compose form will only
send mail through a POST request.
Thanks to Mikhail Markin, Tomas Kuliavas and Michael Jordon for reporting
(parts of) these issues and working with us to get them resolved.
These are known as CVE-2007-1262. Further details on SquirrelMail
vulnerabilities can be found at the following address:
http://www.squirrelmail.org/security/
|
|
Moved portions of spamdyke's code from spamdyke.c into new .c and .h files to
make it a little easier to understand and maintain.
Added base64_encode() and base64_decode() to transfer data to/from base64
format.
Added md5() to produce an MD5 digest of a data block. Turns out this wasn't
necessary for spamdyke, only for test_smtpauth_crammd5. Oops.
Renamed the "make openbsd" command to "make bsd" since apparently all *BSD
distributions don't need -lresolv.
Renamed search_ip_file() to search_tcprules_file() and extended it to support
IP ranges, rDNS names and remote info like tcprules does (according to
http://cr.yp.to/ucspi-tcp/tcprules.html). This makes the IP black/
whitelist files much more flexible. This will be much handier in the next
version (AKA The Great Configuration Overhaul).
Modified middleman() and smtp_filter(), added exec_checkpassword() so spamdyke
can do SMTP AUTH, either by offering it itself or observing the qmail
traffic. LOGIN, PLAIN and CRAM-MD5 are supported.
Changed the STRLEN_ macros in spamdyke.h to use a single STRLEN() macro so the
preprocessor will count characters instead of doing it by hand. Much safer
this way.
Removed "-a"'s (max number of recipients per message) dependence on "-d"
(local domains file). With SMTP AUTH, the local access file and whitelists,
this shouldn't be necessary.
Added process_access() to process local access files (e.g. /etc/tcp.smtp) and
export environment variables based on the source of the incoming connection.
Added relay prevention based on the content of the local access file(s) and
the list(s) of local domains. Connections from remote sources that are
granted relay permission in the access file(s) are allowed to relay. Users
who authenticate with SMTP AUTH are allowed to relay. All others must send
to local addresses only.
Added a series of test scripts to exercise all of spamdyke's filters and
options. This should make it easier to regression test new versions.
Changed search_file() and search_tcprules_file() to compare domain names in a
case insensitive manner.
Changed canonicalize_path() to reduce all file paths to lowercase. This was
causing graylisting to be inconsistant. Reported by bcarr@purgatoire.org.
|
|
pkglintification
Remove bdb option (this has been removed from src)
Rename some options as they are (currently) DSPAM specific
Change MASTER_SITES
Fix permissions on installed files
Thanks to xtraeme@ for reviewing the changes
* jonz: removed depricated oracle driver
* jonz: fix for dynamic storage drivers api
* jonz: added connect check for pgsql
* jonz: fix for segfault on undefined DeliveryHost or ClientHost
* jonz: fix for segfault in vsyslog()
* jonz: fix for segfault in dlopen() failure
* jonz: added OSB tokenizer
* jonz: fix for segfault on log write err
* jonz: segfault fix for UIDInSignature
See the CHANGELOG for all the details:
http://dspam.nuclearelephant.com/text/CHANGELOG-3.8.0.txt
|
|
pick up the new dependencies properly
|
|
|
