| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Upstream changes:
1.300018 2015-05-27 15:28:44-04:00 America/New_York
- stable release of changes from 1.300017
1.300017 2015-05-14 13:17:39-04:00 America/New_York (TRIAL RELEASE)
- cope with a double-encoding but in Net::SMTP
for details, https://rt.cpan.org/Ticket/Display.html?id=104433
|
|
* Sync with thunderbird-31.7.0.
|
|
Changelog:
Fixed in Thunderbird 31.7
2015-57 Privilege escalation through IPC channel messages
2015-54 Buffer overflow when parsing compressed XML
2015-51 Use-after-free during text processing with vertical text enabled
2015-48 Buffer overflow with SVG content and CSS
2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer
2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
|
|
- change rights for the spool, log and tmp directories from 0755 to 0750,
they contain sensitive information depending on configuration;
- fix the default paths of potential mime.types files;
- change config.inc.php to respect pkgsrc paths especially VARBASE;
No regression expected. Bump rev.
ok taca@.
|
|
v0.4.8 15-05-2015 Stephan Bosch <stephan@rename-it.nl>
* LDA Sieve plugin: Dovecot changed the deliver_log_format setting to include
%{delivery_time}. This prompted changes in Pigeonhole that make this release
dependent on Dovecot v2.2.17.
+ Implemented magic to make sieve_default script visible from ManageSieve
under a configurable name. This way, users can see the default rules, edit
them and store a private adjusted version. This could also be achieved by
copying the default script into the user's script storage, but updates to
the global sieve_default script would be ignored that way.
+ ManageSieve: Implemented support for reporting command statistics at
disconnect. Statistics include the number of bytes and scripts uploaded/
downloaded/checked and the number of scripts deleted/renamed.
- Fixed problem in address test: erroneously decoded mime-encoded words in
address headers.
- extprograms plugin: Fixed failure occurring when connecting to script
service without the need to read back the output from the external program.
- Fixed bug in script storage path normalization occurring with relative
symbolic links below root.
- Fixed and updated various parts of the documentation
- ManageSieve: Used "managesieve" rather than "sieve" as login service name,
which means that all managesieve-specific settings where ignored.
- Managesieve: Storage quota was not always enforced properly for scripts
uploaded as quoted string. Nobody uses that, but it is allowed in the
specification and we support it, so it should work properly.
|
|
v2.2.18 2015-05-15 Timo Sirainen <tss@iki.fi>
- director: Login UNIX sockets were normally detected as doveadm or
director ring sockets, causing it to break in existing installations.
- sdbox: When copying a mail in alt storage, place the destination to
alt storage as well.
v2.2.17 2015-05-13 Timo Sirainen <tss@iki.fi>
* Dovecot no longer checks or warns if a mountpoint is removed. This
was causing more trouble than it was worth. Make sure that all the
mountpoints that Dovecot accesses aren't writable by mail processes
when they're unmounted.
* dict server wasn't properly escaping/unescaping data. Fixing this
broke backwards compatibility with data that contains line feeds.
This hopefully affects only very few installations. If you're using
dict to save multiline data (Sieve scripts to SQL), you may be
affected.
* imap: SPECIAL-USE capability is no longer advertised if there are
no special_use flags specified for any mailboxes.
+ lmtp: Added lmtp_hdr_delivery_address setting to specify whether
to include email address in Delivered-To: and Received: headers.
+ Added initial version of full text search library, which includes
language-specific text normalization and filtering. This is still
in development, but it's already possible to use for testing with
fts-lucene and fts-solr.
+ lda, lmtp: deliver_log_format can now include %{delivery_time},
which expands to how many milliseconds it took to deliver the mail.
With LMTP %{session_time} also expands to how many milliseconds the
LMTP session took, not including the delivery time.
+ lmtp proxy: Mail delivery logging includes timing information.
+ imap: Most IMAP commands now include in the tagged reply how many
milliseconds it took to run the command (not counting the time spent
on waiting for the IMAP client to read/write data).
+ director: Implemented director_proxy_maybe passdb extra field to
be able to run director and backend in the same Dovecot instance.
(LMTP doesn't support mixed proxy/non-proxy destinations currently.)
+ doveadm: Added -F <file> parameter to read a list of users from the
given file and run the command for all the users. This is similar to
-A parameter reading the list of users from userdb lookup.
+ Implemented initial Cassandra CQL support as lib-sql backend. It's
only usable as dict backend currently.
+ Added quota-clone plugin to copy current quota usage to a dict.
- auth: If auth_master_user_separator was set, auth process could be
crashed by trying to log in with empty master username.
- imap-login, pop3-login: Fixed crash on handshake failures with new
OpenSSL versions (v1.0.2) when SSLv3 was disabled.
- auth: If one passdb fails allow_nets check, it shouldn't have failed
all the other passdb checks later on.
- imap: Server METADATA couldn't be accessed
- imapc: Fixed \Muted label handling in gmail-migration.
- imapc: Various bugfixes and improvements.
- Trash plugin fixes by Alexei Gradinari
- mbox: Fixed crash/corruption in some situations
|
|
|
|
Bump PKGREVISION.
|
|
5.506 2015-04-22 Dianne Skoll <dfs@roaringpenguin.com>
* VERSION 5.506 RELEASED
* Update maintainer's name to "Dianne Skoll"
|
|
* Fix bug in logic that coalesces multiparts to single-parts if
possible; the bug broke DKIM signing.
MIMEDefang 2.77 RELEASED
* Change old author's name to "Dianne Skoll" in many places.
MIMEDefang 2.76 RELEASED
* mimedefang.pl.in: Get rid of all Perl function prototypes.
Perl prototypes are badly-implemented and consensus among
modern Perl 5 programmers is they shouldn't be used.
https://www.securecoding.cert.org/confluence/display/perl/DCL00-PL.+Do+not+use+subroutine+prototypes
* Add support for filter_wrapup callback. This is called at the
very end and permits header modifications, but not body
modifications. Useful for DKIM-signing.
* mimedefang.pl.in: Fix typo: SOPHOS should have been SAVSCAN
* mimedefang.c: Don't add a MIME-Version header if there is already
one.
* Fix https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646347
* Minor clarifications to mimedefang-filter man page.
* Add "All / Summary" button to watch-multiple-mimedefangs.tcl
|
|
Fixed a typo in the README file for the OpenSSL "dhparam" command. Thanks to
Eric Shubert for reporting this one.
Removed unused variables from the dns* commands in the utils folder to fix
compiler warnings.
Fixed a bug in read_file() that returned uninitialized pointers if a file
contained blank lines or comments at the top, causing segfaults when they
were free()d. Thanks to Jeffrey Gordon and Quinn Comendant for reporting
this one.
Changed the directory naming scheme in the "generator" program to include the
flowchart step numbers in the name. The old pattern was just too hard to
follow visually and far too difficult to search for a specific test.
Added more steps to the recipient validation flowchart and spamdyke-qrv's
recipient validation filter to correctly handle addresses that are forwarded
to an external address. Thanks to Stephen Marley for reporting this one.
Changed search_file() in spamdyke-qrv to return a "not found" result when the
file does not exist, instead of an error.
Added a delay loop to exec_command_argv() in spamdyke and spamdyke-qrv to work
around a race condition -- sometimes the child process will close its pipes
in preparation for exiting and the parent's waitpid() will fire before the
child has fully exited. This leads to erroneous returns showing the child
has not exited when it really only needed another timeslice or two. This is
fixed by looping with nanosleep() to wait a few tenths of a second after
seeing this return code.
Added a way to stop a test script run by creating a file named "stop". This
allows it to be stopped without killing the process and potentially leaving
the test platform in a partially (mis)configured state.
Fixed the accessor function for the header-blacklist-entry and
header-blacklist-file options to find their data in the filter_settings
object instead of the option_set object. This is because the data is moved
from the option_set immediately after it is set so the blacklist effect is
cumulative when set from configuration directories. Reading from the wrong
location meant the config-test feature was never testing those options at
all. Thanks to Stefan for reporting this one.
Fixed a pair of bugs in process_config_file(): one that would add empty values
to the end of a list of blacklist/whitelist files if a directive was
followed by a blank line and a commented-out directive (causing errors when
the values are used), the other that would throw errors if a line in a
configuration file contained only one space. Thanks to Les Fenison for
reporting these.
Fixed a bug in middleman() that would return an improper greeting when
injecting both AUTH and STARTTLS banners into the EHLO response. Clients
seeing this improper greeting would hang forever and eventually timeout.
Thanks to Elliot Denk for reporting this one and sending a patch!
Fixed a major thinko in smtp_filter that was carrying over the rejection data
between recipients, even if a recipient had a configuration directory file
that altered the overall configuration. This was leading to some
recipients being incorrectly rejected under very specific (and likely very
rare) conditions, which just happened to be met on my own server.
Fixed a bug in copy_base_options that was not copying the "reason" data from
the last rejection.
Fixed an infinite loop in dnsdummy when priorities over 0 are used.
Fixed a typo in dnsdummy that was truncating data when the verbose flags were
used (weird, yes).
Changed dnsdummy to fork a child process to return each query. This was the
easiest solution to implement to allow new queries to be processed while
waiting n seconds to send answers to previous queries. This is a fragile
and wasteful solution -- if dnsdummy were intended for production use, a
queue would be a much better solution.
Changed all of the "verbose"-level error messages to include the name of the
function, file and line that generated it. Every other message prefixed
with "ERROR" already did this, so this makes things more consistent.
Renamed all of the "FILTER" messages and added a new logging macro to print
them named SPAMDYKE_LOG_FILTER(). This way they can continue to be output
without function, file and line information.
Renamed the SPAMDYKE_LOG_CONFIG_TEST() macro to
SPAMDYKE_LOG_CONFIG_TEST_ERROR() and changed it to use LOG_LEVEL_ERROR
instead of having a special LOG_LEVEL_CONFIG_TEST setting. This way the
config-test messages can be changed to emit file, function and lines if
needed (or not).
Added SPAMDYKE_LOG_CONFIG_TEST_INFO() and SPAMDYKE_LOG_CONFIG_TEST_VERBOSE()
as analogs to SPAMDYKE_LOG_CONFIG_TEST_ERROR().
Changed dnsdummy to encode multiple answers in the same response, if its
config file contains multiple matches for the same query.
Fixed a bug in dnsdummy that was adding extra bytes to the end of each
answer. This turned out to be covering a matching (compensating) bug in
spamdyke's DNS parsing code. I really hate it when that happens!
Fixed a serious bug in nihdns_expand() that was causing spamdyke to
incorrectly parse DNS responses with multiple answers; it would use the
first answer, then skip the wrong number of bytes, causing it to conclude
any subsequent answers were corrupted.
Changed nihdns_expand() to return separate values for the number of bytes in
the decoded string and the number of bytes the string occupies in the DNS
packet. Due to packet compression, the numbers can be very different.
Changed generator to add records to the named configuration so domains will
resolve correctly during testing. Since using port numbers in resolv.conf
is not allowed, there is no easy way to use dnsdummy for these tests.
Discovered qmail-send does not check the percenthack or virtualdomains files
when resolving forward addresses, only locals and assign. Updated
spamdyke-qrv to behave the same way.
Refined the success/failure detection in generator after learning more about
qmail's behavior. If only it had some kind of accurate documentation...
Extended the tests created by generator to also test conditions where
spamdyke-qrv calls vpopmail to look up addresses. This increased the
number of spamdyke-qrv tests more than tenfold!
Added a "diagnostic output" flag to spamdyke-qrv to print the decision path
it used to evaluate the address. Also added a test to the test generator
to compare the diagnostic output with the expected decision path, to
catch tests that may be producing the desired effect for the wrong reason.
Fixed a bug in set_config_value() to make it possible to set
CONFIG_TYPE_NAME_MULTIPLE options to "none" or unset specific values.
Thanks to Konstantin for reporting this one.
Added flags to smtpdummy to advertise STARTTLS support in response to EHLO.
It doesn't actually do TLS, it just advertises it.
Fixed smtp_filter() to block a client's STARTTLS command if tls-level is
"none". Thanks to Les Fenison for reporting this one.
Added a flag to the configure script for both spamdyke and spamdyke-qrv to
compile with the address sanitizer library to catch memory access errors.
Adjusted the version string to show when the sanitizer is in use.
Changed the test scripts to always compile spamdyke with the address
sanitizer (if available) when testing. The tests run a lot slower, but
the sanitizer is too awesome to not use.
Fixed a buffer underrun in examine_entry that was causing segfaults when
searching files where wildcards are allowed at the beginning of the lines.
Thanks to Dirk Kannapinn for reporting this one.
Discovered a horrible problem with snprintf()'s %n format -- it returns the
number of bytes it _would_have_ written *if* there were infinite space, not
the number of bytes *actually* written as the man page states. So using %n
at the end of the format string as a substitute for immediately calling
strlen() is not safe. Good thing I don't ever do that, right? ...wait,
I use that feature EVERYWHERE! (grrrrr) Thanks to the Google Address
Sanitizer team for finding this one. Whoever implemented the %n feature
in glibc can report to me any time for a free punch in the throat.
I want my weekend back.
Reverted the (apparently) useless change from 4.3.0 to use %n in snprintf()
instead of the return value and replaced snprintf() with a macro named
SNPRINTF() that explicitly compares the return value with the size of the
buffer and returns the number of bytes ACTUALLY written.
Fixed a harmless buffer overrun in sub_examine_tcprules_entry() that could
have overwritten one byte of another variable on the stack with a null
byte. Since the address was valid and that other variable is set just
after the overwrite anyway, it wasn't actually a problem. But fixing it
makes the address sanitizer happy, so it's fixed.
Fixed a pair of huge buffer overruns in config_test_file_read() and
config_test_file_read_write() that could load 63K of file contents past
the end of the buffer (on the stack). Fortunately, these functions are
only used by the config-test feature, never during normal operation.
Fixed a buffer overflow in find_address() that would overwrite a single byte
in the caller's stack with a null byte when parsing BATV addresses. From
what I can tell, the effect of this bug would be to either truncate the
parsed address or cause a segfault.
Added undo_softlimit() to try to increase the "soft" limits on address space,
stack size and memory size to maximum if they are less than infinite (and
squawk if they cannot be reset to maximum). This will (hopefully) prevent
problems caused by DJB's "softlimit" program, which is a useless piece of
trash many qmail install guides *still* recommend using.
Fixed a bug in the logging code of tls_read() that was using an "error"
message to log at "verbose" level. The error message had more printf()
format specifiers than the verbose logger was providing, which was leading
to segfaults when the message was printed. Many thanks to Konstanin for
a lot of help tracking this one down.
|
|
Changes:
Version 1.6.2:
- A bug was fixed that prevented consecutive Bcc headers from being removed
properly.
|
|
|
|
|
|
|
|
|
|
This is a very large change, and incorporates the 4.8, 4.10, and 4.12 major
Xfce releases since 4.6.2, our previous pkgsrc release. For more information
about the thousands of changes in each major release since then, please see:
Xfce 4.12 announcement:
http://www.xfce.org/about/news
Xfce 4.12 tour:
http://www.xfce.org/about/tour
Xfce 4.10 announcement:
http://www.xfce.org/about/news/?post=1335571200
Xfce 4.10 tour:
http://www.xfce.org/about/tour410
Xfce 4.8 announcement:
http://www.xfce.org/about/news/?post=1295136000
Xfce 4.8 tour:
http://www.xfce.org/about/tour48
The pkgsrc changes since then are:
New packages:
archivers/xfce4-thunar-archive
graphics/elementary-xfce-icon-theme
mail/xfce4-mailwatch-plugin
misc/xfce4-time-out-plugin
multimedia/xfce4-thunar-media-tags
sysutils/xfce4-mount-plugin
sysutils/xfce4-taskmanager
sysutils/xfce4-thunar-vcs
sysutils/xfce4-verve-plugin
x11/xfce4-garcon
x11/xfce4-notifyd
x11/xfce4-tumbler
x11/xfce4-whiskermenu-plugin
Renamed packages:
devel/xfconf to devel/xfce4-conf
x11/libxfce4menu to x11/libxfce4ui
x11/xfce4-screenshooter-plugin to x11/xfce4-screenshooter
Updated packages:
audio/xfce4-mixer
audio/xfce4-xmms-plugin
devel/xfce4-dev-tools
editors/xfce4-mousepad
graphics/ristretto
meta-pkgs/xfce4-extras
meta-pkgs/xfce4
misc/xfce4-weather-plugin
multimedia/xfce4-mpc-plugin
net/xfce4-wavelan-plugin
sysutils/xfce4-appfinder
sysutils/xfce4-battery-plugin
sysutils/xfce4-cpugraph-plugin
sysutils/xfce4-diskperf-plugin
sysutils/xfce4-fsguard-plugin
sysutils/xfce4-genmon-plugin
sysutils/xfce4-netload-plugin
sysutils/xfce4-quicklauncher-plugin
sysutils/xfce4-systemload-plugin
sysutils/xfce4-thunar
sysutils/xfce4-xarchiver
sysutils/xfce4-xkb-plugin
textproc/xfce4-dict-plugin
time/xfce4-datetime-plugin
time/xfce4-orage
time/xfce4-timer-plugin
wm/xfce4-wm-themes
wm/xfce4-wm
x11/libxfce4gui
x11/libxfce4util
x11/xfce4-clipman-plugin
x11/xfce4-desktop
x11/xfce4-exo
x11/xfce4-eyes-plugin
x11/xfce4-gtk2-engine
x11/xfce4-notes-plugin
x11/xfce4-panel
x11/xfce4-places-plugin
x11/xfce4-session
x11/xfce4-settings
x11/xfce4-terminal
Removed packages:
sysutils/xfce4-volman
x11/xfce4-utils
This is based on a huge amount of work by the NetBSDfr team and Youri Mouton,
who takes over as MAINTAINER, and has been tested by Youri on a large number
of platforms prior to commit. A massive thanks to them. Any issues with the
import are mine alone as the committer-by-proxy.
|
|
Fixed in Postfix 3.0 and 2.11:
* Preparation for OpenSSL 1.2 API changes.
Fixed in all supported releases:
* The sender_dependent_relayhost_maps feature ignored the relayhost
setting in the case of a DUNNO lookup result. It would use the
recipient domain instead.
|
|
|
|
|
|
|
|
and remove "bdb" option.
Because Berkeley DB is always mandatory, it does not make sense to
force users to enable "bdb" option to use Berkeley DB.
|
|
--- 2.009 (2013-07-21 03:30)
Mail::SPF:
* Default to querying only TXT type RRs (query_rr_types = Mail::SPF::Server->
query_rr_type_txt). Experience has shown that querying SPF type RRs is
impractical.
--- 2.008 (2012-01-30 08:15)
Mail::SPF:
* Sanitize result local_explanation (as well as result object string
representation) by replacing all non-printable or non-ascii characters
with their hex-escaped representation (e.g., "\x00").
(Addresses: bugs.launchpad.net #806926)
Miscellaneous:
* Change openspf.org URLs to openspf.net because openspf.org is unreachable
indefinitely.
* Change <http://www.ietf.org/rfc/….txt> URLs
to <http://tools.ietf.org/html/…>.
* META.yml: configure_requires: Module::Build 0.2805
* META.yml: requires: Net::DNS 0.62 (was: 0.52) (Closes: rt.cpan.org #28545)
* META.yml: Revert to flat version numbers for perl and Net::DNS::Resolver::
Programmable build requirements to avoid Module::Build::Compat/Makefile.PL
incompatibilities. (Closes: rt.cpan.org #53231)
* Attempt to prevent a cascading failure in t/00.03-class-result.t that seems
to happen under rare, unknown circumstances. (Closes: rt.cpan.org #39099)
Debian:
* Declare Debian source package format as 3.0.
* Standards-Version: 3.9.2 (was: 3.8.3)
* Bump debhelper compatibility level to 7 (was: 5) and simplify debian/rules
using debhelper 7 features.
* debian/control: Simplify depdendencies under the assumption that package
will be installed on Debian Lenny (oldstable at the time of writing) or
later (or the Ubuntu equivalent).
* debian/watch: Use dist-based URL.
|
|
tech-pkg@ and pkgsrc-users@.
|
|
--------------
6.45 2015-04-09
Add bitcoin donation address
|
|
* Sync with thunderbird-31.6.0.
|
|
CHangelog:
Fixed in Thunderbird 31.6
2015-40 Same-origin bypass through anchor navigation
2015-37 CORS requests should not follow 30x redirections after preflight
2015-33 resource:// documents can load privileged pages
2015-31 Use-after-free when using the Fluendo MP3 GStreamer plugin
2015-30 Miscellaneous memory safety hazards (rv:37.0 / rv:31.6)
|
|
|
|
pkgsrc changes:
- gnome-keyring option has changed to secret option to reflect the upstream
change. For more information please read the changelog below.
Changes:
Version 1.6.1:
- The new configure option --with-tls replaces --with-ssl.
- A new configure option --disable-gai-idn was added.
Version 1.6.0:
- Support for SOCKS proxies was added. This allows msmtp to be used with Tor.
- GNOME Keyring support now uses libsecret instead of libgnome-keyring. It is
now documented how to use secret-tool to manage passwords for msmtp; the
obsolete msmtp-gnome-tool script is removed.
- Configuration file security is now only checked if the file actually contains
secrets such as passwords. (If you still store passwords in the configuration
file, consider using the passwordeval command or a key ring instead.)
- The GSSAPI authentication method is not chosen automatically anymore, you have
to request it manually if you really want to use it.
- From: and Date: headers are now added to mails if necessary, for compatibility
with sendmail, postfix, exim, and other MTAs. This can be disabled with the
add_missing_from_header and add_missing_date_header commands.
- Libidn is not required for IDN support anymore on systems where getaddrinfo()
supports the AI_IDN flag and the GnuTLS version is >= 3.4.0.
- The new remove_bcc_headers command replaces the old keepbcc command (but the
old command is still supported for compatibility).
- SSLv3 is disabled, and the obsolete tls_force_sslv3 command and
--tls-force-sslv3 option have no effect anymore.
|
|
|
|
Upstream changes:
3.008 2014-12-27 18:36:19-05:00 America/New_York
- make results of get_body be the same on Email::{Simple,MIME}
- ...but this method is a mess, so maybe avoid using Abstract for body
work
3.007 2013-12-31 10:39:14 America/New_York
fix skip count when MIME::Entity is not present
|
|
|
|
version 3.11.1.
Changlog:
3.11.1:
~~~~~~~~~~~~~~~~~~~~
* Use 'gnutls_priority' hidden account preference for POP3 and
STARTTLS connections, in addition to SMTP.
* RSSyl plugin: Enable use of .netrc to store network credentials.
* Remove dependency on intltool.
* Remove appdata.
* Updated translations: Norwegian Bokmål.
* Bug fixes:
o bug 3306, 'HTML tag is not always rendered in error
dialog'
o bug 3308, 'build ignores --localedir'
3.11.0:
~~~~~~~~~~~~~~~~~~~~
* SSLv3 server connections are now disabled by default, in response
to the POODLE vulnerability, see
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566.
* Several PGP/Core plugin improvements
Indicate when a key has been revoked or has expired when displaying
signature status. For example,
"Good signature from %s, but the key has expired."
"Good signature from %s, but the key has been revoked."
When displaying the full information, show the Validity, and the
Owner Trust level. Also indicate expired and revoked keys, and
revoked UIDs.
The "Content-Disposition: attachment" flag in PGP/MIME signed
messages has been removed. It was confusing for cetain MUAs.
* A new version of the RSSyl plugin, completely redesigned and
rewritten. Migration from the previous version is automatic,
it has a new storage format in ~/.claws-mail/RSSyl/ (hierarchical
directories instead of flat file format). It uses the expat
library instead of libxml2 for parsing feed data.
* The results of TAB address completion in the Compose window have
improved ordering.
Order of results:
1. Match beginning of name
2. Match beginning of additional names
3. Match complete email address before @
4. Match beginning of email address
5. Compare relative position of match
6. Compare name alphabetically
7. Compare address alphabetically.
* Due to popular demand, use of the Up key in the message body in the
Compose window stops at the top of the message body and does not
continue up to the header fields. This reverts the behaviour
introduced in version 3.10.0.
* In the Compose window, when navigating with the arrow keys,
selecting, and thus modifying, the Account selector is now
prevented.
* In the Compose window, a mnemonic (s) has been added to the Subject
line.
* The Queue folder is highlighted if there are messages in its sub-
folders and the tree is collapsed.
* When sorting messages by 'thread date', clicking the 'Date' column
header will now toggle between ascending/descending and will not
switch to 'date' sorting.
* A new QuickSearch filter has been added that searches a header's
content only.
H S : messages which contain S in the value of any header.
* A Reply-To field has been added to the main Template configuration.
* The menubar can now be hidden, default hotkey: F12.
* Fancy plugin: A user-controlled stylesheet can now be used.
* Python plugin: Add flag attributes to MessageInfo object.
* Python plugin: Make 'account' property of ComposeWindow read/write.
* Libravatar plugin: a network timeout option has been added.
* appdata has been added for package managers, it must be
specifically enabled, using ./configure --enable-appdata
See http://people.freedesktop.org/~hughsient/appdata/ for further
information.
* The tbird2claws.py script, for converting a Thunderbird mailbox to
a Claws Mail mailbox, now handles sub-directory recursion.
* Updated translations: Brazilian Portuguese, Bulgarian, Dutch,
Esperanto, Finnish, German, Hebrew, Lithuanian, Slovak, Spanish,
and Swedish
* Bug fixes:
o bug 3173, 'quick search ignores trailing blank'
o bug 3211, 'Fails to build in Debian hurd-i386 architecture'
o bug 3212, 'When msgnum matches a sub-folder name, fetch
fails'
o bug 3221, 'IMAP: Claws Mail has issues with Yahoo IMAP
server/folders'
o bug 3235, 'Extraneous double quotes inside base64-encoded
From header confuse 'Reply' action'
o bug 3236, 'sc_html_parse_tag() does not recognize '
'
as line break'
o bug 3246, 'attachment open: "remember this" ignored if
~/.mailcap does not exist'
o bug 3265, 'procmime.c: unbalanced flockfile() /
funlockfile()'
o bug 3300, 'Cannot send/receive mail when SSL 3.0 is not
supported on the server'
o Debian bug 755022, '[claws-mail-spam-report] likely useless
to report to Debian because of the use of http
instead of https'
o Disable SSL3.0 entirely as a Poodle fix.
o fix msg display when utf8_instead_of_locale_for_broken_mail
is turned off and you use a UTF-8 locale
o fix building without gnuTLS support
o Don't differentiate the protocols used when using direct
SSL/TLS versus STARTTLS
o disallow editing any account (even current account) when at
least one compose window is open
o Actually display "(No From)" in messageview's From column
when appropriate.
o When changing focus in folderview, make sure the newly
focused folder is visible first.
o various fixes to flaws reported by Coverity scan
o PGP/Core plugin: Don't automatically re-check signatures
o PGP/Core plugin: fix erroneous 'untrusted' msg based on
validity not trust
o Make INBOX case-insensitive (as RFC states)
o Python plugin: Fix ComposeWindow.get_account_selection
3.10.1:
* Add an account preference to allow automatically accepting
unknown and changed SSL certificates, if they're valid (that is,
if the root CA is trusted by the distro).
* RFE 3196, 'When changing quicksearch Search Type, set focus to
search input box'
* PGP/Core plugin: Generate 2048 bit RSA keys.
* Major code cleanup.
* Extended claws-mail.desktop with Compose and Receive actions.
* Updated Bulgarian, Brazilian Portuguese, Czech, Dutch, Esperanto,
Finnish, French, German,Hebrew, Hungarian, Indonesian, Lithuanian,
Slovak, Spanish, and Swedish translations.
* Bug fixes:
o bug 2728, 'erroneous switching from one to three column
view'
o bug 2981, 'claws-mail-3.9.3 compilation warnings'
o bug 3170, 'QuickSearch fights with View/Hide read threads
menu option'
o bug 3179, 'Win32: Please add 'gtk-auto-mnemonics = 1' to
GTK+ setting'
o bug 3201, 'Fix memory corruption in sc_html_read_line()'
o Debian bug 730050, 'vcalendar plugin crash'
o Fix GCond use with newer Glib
o Fix the race fix, now preventing the compose window to be
closed.
o Fix "File (null) doesn't exist" error dialog, when
attaching a non-existing file via --attach
o Fix spacing in Folderview if the font is far from the
system font
o RSSyl: When parsing RSS 2.0, ignore <link> tags with a
namespace prefix.
o RSSyl: Check for existence of xmlNode namespace, to prevent
NULL pointer crashes.
3.10.0:
* Complete SSL certificate chains are now saved, and if built with
Libetpan 1.4.1, the IMAP SSL connection's certificate chain is made
available. Both of these allow correct certificate verification
instead of a bogus 'No certificate issuer found' status.
* Auto-configuration of account email servers, based on SRV records,
is now possible. (GLib >= 2.22 is required.)
* Added a preference to avoid automatically drafting emails that are
to be sent encrypted, (Configuration/Preferences/Compose/Writing).
* Messages saved as Drafts are now saved as New, highlighting the
Drafts folder, in order to draw the attention to unfinished mails
there.
* It is now possible to add a 'Replace signature' button to the
Compose window toolbar.
* Quotation wrapping and undo/redo in the Compose window has been
improved.
* 'Reply to all' now excludes your own address.
* The 'Generate X-Mailer header' option has been renamed 'Add user
agent header' and applies to both X-Mailer and X-Newsreader
headers.
* Added hidden preferences, 'address_search_wildcard' and
'folder_search_wildcard', to choose between matching from start of
the folder name/address or any part of the name. (Activating these
options restores the previous behaviour.)
* Added hidden preference 'enable_avatars' to control the internal
capture/render process, and which allows disabling it by external
plugins for example.
* 'Check for new folders' now only updates the folder list, not
updating the contents of folders. If needed, it can be followed by
'Check for new messages'
* When using Redirect, the redirecting account's address is used in
the SMTP MAIL FROM instead of the original sender's address.
* NEW: Libravatar plugin, which displays avatars from
https://www.libravatar.org/
* Added support for an arbitrary number and sources of 'avatars' and
images for email senders, and migrated Face and X-Face headers.
* Avatars are now included when printing mails.
* The GPG keyring can now be used as the source for address auto-
completion.
* The vCalendar and RSSyl plugins now have an option to disable SSL
certificate verification (and check them by default).
* The ClamAV plugin now pops up an error message only once instead of
repeatedly
* Updated the man page and the manual.
* Updated Brazilian Portuguese, British English, Czech, Dutch,
Finnish, French, Hebrew, Hungarian, Indonesian, Lithuanian, Slovak,
Spanish, and Swedish translations.
* Added Esperanto translation.
* Bug fixes:
o bug 1644, 'race condition between message move and mark as
read after timeout'
o bug 2119, 'Check for new folders on remote mailboxes is
very slow'
o bug 2145, 'Claws becomes unresponsive and gets Killed while
moving messages between imap folders'
o bug 2179, 'Improve quotation wrapping support'
0 bug 2238, 'Incorrect undo/redo operations after paste with
replace from context menu'
o bug 2389, 'GnuPG: invalid/revoked user IDs accepted'
o bug 2398, 'Race when closing compose during drafting'
o bug 2447, 'Compose window crashes if moving a folder that
is being replied to'
o bug 2643, 'claws crash when accessing imap folder'
o bug 2875, 'SMTP session disconnects before recieving'
o bug 2991, 'POP3 sessions duplicated" on race conditions'
o bug 3020, 'Use theme doesn't change some icons until
restart'
o bug 3055, 'Claws segfaults when cancelling a sticky search
after changing folder'
o bug 3038, 'Select a folder incorrectly matches on number in
parentheses'
o bug 3039, 'displaying one specific html email lead in 100%
CPU usage'
o bug 3040, 'Handle revoked GPG private keys'
o bug 3050, 'Claws segfaults when attempting to delete a tag'
o bug 3094, 'OK or Yes to create new directory ?'
o bug 3100, 'Automatic account selection on reply fails if
name is quoted and contains a comma'
o bug 3105, 'vCal plugin via https does not check SSL peer
certificates or host'
o bug 3106, 'rssyl plugin does not verify SSL peer at all'
o bug 3107, 'Height of row in message list does not reflect
font size - three columns, small screen layout'
o bug 3116, 'invalid DTSTART in ics subscription makes claws
crash'
o bug 3117, 'full-day event shown from 01:00 to 01:00 next
day'
o bug 3120, '"Error - File is empty" when redirecting mail
with empty parts'
o bug 3131, 'Crash on reccurent events with no DTSTART'
o bug 3138, 'PGP/Inline crashes on signature check if gpgme
failed to init'
o bug 3139, 'Mainwindow unresponsive due to a busy loop'
o bug 3145, 'Memory corruption in imap_disconnect_all'
o bug 3146, 'Memory corruption when deleting a message from
folder'
o bug 3147, 'verify_folderlist_xml() leaks memory'
o bug 3148, 'Logic error in claws_get_socket_name()'
o bug 3150, 'etpan_certificate_check() leaks memory'
o bug 3155, 'Memory leaks found by Valgrind in
a9065aec26499a0e1294c73b6d9e6f039976521e'
o bug 3169, 'threaded message list performance issue'
o bug 3964, 'headers in wrong order -- file src/common/ssl.c'
o Fix lots of memory leaks
o Fix interference from liboverlay-scrollbar
o Fix some typos
o Fix some layout issues when user has large GTK font
o Fix message search starting from end
o Fix disappearing MIME icon highlight in mails with PGP
signatures
o When autoselecting account for a new message, quoted
recipient names are handled better.
o Python plugin: Also check for _PyGtk_API being a PyCapsule
o MailMBOX plugin: Fix parsing UTC dates
o vCalendar plugin: recognition of quoted parameter values,
which are legal.
o ClamAV plugin: Fix a format string error.
|
|
|
|
Update homepage.
changelog:
1.6:
Improved RFC822 and MIME parser
Implemented SEARCH using LITERAL+ for Gmail
Fixed SSL connections (don't force SSLv3)
1.5:
Gmail search features: X-GM-MSGID, X-GM-THRID, X-GM-RAW
Added POP stat
Various fixes for Windows
Fixed OpenSSL / GnuTLS implementation of retrieval of certificates
Fixed IMAP IDLE in case of COMPRESS-ed streams
Fixed base64 encoding
1.4:
Gmail search features: X-GM-MSGID, X-GM-THRID, X-GM-RAW
Added POP stat
Various fixes for Windows
Fixed OpenSSL / GnuTLS implementation of retrieval of certificates
Fixed IMAP IDLE in case of COMPRESS-ed streams
Fixed base64 encoding
|
|
|
|
|
|
1.02 2015-03-26
- make it work again under blead; thanks to Zefram for the patch
|
|
Sync with upstream version.
|
|
Try harder to avoid smtp_code values that are not three digits
1.537 2015-03-17
Recognize the standard Postfix "rejected by rbl" as spam
|
|
|
|
|
|
|
|
needed to dovecot2-pigeonhole compatible with Dovecot 2.2.16.
v0.4.7 19-03-2015 Stephan Bosch <stephan@rename-it.nl>
* editheader extension: Made protection against addition and deletion of
headers configurable separately. Also, the `Received' and `Auto-Submitted'
headers are no longer protected against addition by default.
* Turned message envelope address parse errors into warnings.
* The interpreter now accepts non-standard domain names, e.g. containing '_'.
+ Implemented the Sieve index extension (RFC 5260).
+ Implemented support for the mboxmetadata and servermetadata extensions
(RFC 5490).
+ Implemented new sieve commands for the doveadm command line utility. These
commands are currently limited to ManageSieve operations, but the other
current sieve tools will be migrated to doveadm in the near future as well.
+ Added more debug output about binary up-to-date checking.
+ Added script metadata to binary dump output.
- Fixed Sieve script binary up-to-date checking by normalizing the script
location.
- The Sieve interpreter now flushes the duplicate database during start phase
of result execution rather than commit phase. This makes sure locks on the
duplicate database are released as soon as possible, preventing contention.
- Performed a few optimizations in the lexical scanner of the language.
- Fixed bug in `:matches' match-type that made a pattern without
wildcards match as if there were a '*' at the beginning.
- Fixed crash in validation of the string parameter of the comparator tag.
- extprograms extension: Made sure supplemental group privileges are also
dropped. This was a problem reported by Debian lintian.
- Fixed bug in handling of binary errors for action side-effects and message
overrides.
- file script storage: Restructured storage initialization to address
backwards compatibility issues.
- dict script storage: Fixed small memory allocation bug.
|
|
RELEASE 1.1.1
-------------
- ACL: Allow other plugins to adjust the list of permissions and groups to edit
- Add possibility to print contact information (of a single contact)
- Add possibility to configure max_allowed_packet value for all database engines (#1490283)
- Improved handling of storage errors after message is sent
- Update to TinyMCE 4.1.9
- Unified request* event arguments handling, added support for _unlock and _action parameters
- Security: Generate random hash for the per-user local storage prefix (#1490279)
- Fix refreshing of drafts list when sending a message which was saved in meantime (#1490238)
- Fix saving/sending emoticon images when assets_dir is set
- Fix PHP fatal error when visiting Vacation interface and there's no sieve script yet (#1490292)
- Fix setting max packet size for DB caches and check packet size also in shared cache
- Fix needless security warning on BMP attachments display (#1490282)
- Fix handling of some improper constructs in format=flowed text as per the RFC3676[4.5] (#1490284)
- Fix performance of rcube_db_mysql::get_variable()
- Fix missing or not up-to-date CATEGORIES entry in vCard export (#1490277)
- Fix fatal errors on systems without mbstring extension or mb_regex_encoding() function (#1490280)
- Fix cursor position on reply below the quote in HTML mode (#1490263)
- Fix so "over quota" errors are displayed also in message compose page
- Fix duplicate entries supression in autocomplete result (#1490290)
- Fix "Non-static method PEAR::isError() should not be called statically" errors (#1490281)
- Fix parsing invalid HTML messages with BOM after <!DOCTYPE> (#1490291)
- Fix duplicate entry on timezones list in rcube_config::timezone_name_from_abbr() (#1490293)
- Fix so localized folder name is displayed in multi-folder search result (#1490243)
- Fix javascript error after creating a folder which is a subfolder of another one (#1490297)
- Fix bug where subject of sent/saved message was removed if mbstring wasn't installed (#1490295)
- Fix missing vcard_attachment icon on messages list (#1490303)
- Fix storing signatures with big images in MySQL database (#1490306)
- Fix Opera browser detection in javascript (#1490307)
- Fix so search filter, scope and fields are reset on folder change
- Fix rows count when messages search fails (#1490266)
- Fix bug where spellchecking in HTML editor do not work after switching editor type more than once (#1490311)
- Fix bug where TinyMCE area height was too small on slow network connection (#1490310)
- Fix backtick character handling in sql queries (#1490312)
- Fix redirct URL for attachments loaded in an iframe when behind proxy (#1490191)
- Fix menu container references to point to the actual <ul> element (#1490313)
- Fix javascripts errors in IE8 - lack of Event.which, focusing a hidden element (#1490318)
|
|
Make DB_SIGNINGTABLE symbol available in Lua scripts.
Fix bug #214: Handle arbitrarily large From: fields.
LIBOPENDKIM: Fix bug #213: Remove "dkim_default_senderhdrs" from
dkim.h.
LIBOPENDKIM: Fix bug #219: Unresolved CNAMEs are not failures,
according to the DNS (see RFC6604), so report them as
NXDOMAIN or similar.
2.10.0 2014/12/27
Feature request #182: Remove "AddAllSignatureResults". All signature
results will now be added via Authentication-Results header
fields.
Feature request #180: Rename "LDAPSoftStart" to "SoftStart" and apply
it to SQL connections as well.
Feature request #179: Add "IgnoreMalformedMail" option.
Fix bug #183: Discontinue support for ADSP. This removes the
following configuration file items:
AddAllSignatureResults LocalADSP
ADSPAction NoDiscardableMailTo
ADSPNoSuchDomain On-PolicyError
BogusPolicy SendADSPReports
DisableADSP SenderHeaders
LDAPSoftStart UnprotectedPolicy
Make "rrvs" and "smime" recognized Authentication-Results methods.
LIBOPENDKIM: Feature request #157: Add dkim_mail_parse_multi().
LIBOPENDKIM: Feature request #185: Add dkim_set_dnssec().
LIBOPENDKIM: Fix bug #183: Discontinue support for ADSP. This
means all of the following:
- the dkim_policy_t type has been removed
- the DKIM_POLICY_* constants have been removed
- the DKIM_PRESULT_* constants have been removed
- passing DKIM_OPTS_SENDERHDRS to dkim_options() now
results in an error
- the DKIM_PSTATE structure has been removed
- all of the following functions have been removed:
dkim_policy(), dkim_policy_dnssec(),
dkim_policy_getqueries(), dkim_policy_getreportinfo(),
dkim_policy_state_free(), dkim_policy_state_new(),
dkim_policy_syntax(), dkim_getpolicystr(),
dkim_getpresult(), dkim_getpresultstr(),
dkim_set_policy_lookup(), dkim_test_adsp()
LIBOPENDKIM: DKIM_LIBFLAGS_STRICTHDRS now also confirms syntactical
validity of the From field before proceeding with a signing or
verifying operation.
CONTRIB: Fix bug #207: Clean up the "stats" directory.
CONTRIB: Add "repute" directory which could eventually replace the
PHP implementation.
CONTRIB: Patches to systemd and init/redhat.
|
|
Fix bug #97: Add ability to change envelope sender, client IP
address, client hostname, and HELO value used in test
mode, via environment variables. This can be turned
into something more formal in a later release.
Fix bug #102: Don't lose SPF results and output the "-1" default.
Fix bug #103: Fix IgnoreAuthenticatedClients by requesting the
right macro value from the MTA.
Fix bug #113: Remove "TemporaryDirectory" (unused).
LIBOPENDMARC: Fix bug #104: Include <sys/param.h> and <resolv.h>
in <opendmarc/dmarc.h> so that MAXPATHLEN and MAXNS get
defined consistently.
LIBOPENDMARC: Fix bug #105: Get the h_errno definition from
<netdb.h> rather than declaring it.
LIBOPENDMARC: Fix bug #106: Clean up issues with the types passed
to opendmarc_policy_library_dns_hook().
DOCS: Fix bug #99: Update list of constraints on
opendmarc_policy_fetch_alignment().
REPORTS: Fix bug #108: Handle malformed mailto URIs in DMARC
records (e.g., just "mailto:").
REPORTS: Fix bug #110: Support SQL backend selection in
opendmarc-expire.
|
|
|
|
|
|
|
