| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
* Sync with thunderbird-38.7.0
|
|
Changelog:
Fixed in Thunderbird 38.7
2016-37 Font vulnerabilities in the Graphite 2 library
2016-35 Buffer overflow during ASN.1 decoding in NSS
2016-34 Out-of-bounds read in HTML parser following a failed allocation
2016-31 Memory corruption with malicious NPAPI plugin
2016-27 Use-after-free during XML transformations
2016-24 Use-after-free in SetBody
2016-23 Use-after-free in HTML5 string parser
2016-20 Memory leak in libstagefright when deleting an array during MP4 processing
2016-17 Local file overwriting and potential privilege escalation through CSP reports
2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
|
|
LIBOPENDKIM: Make strict header checking non-destructive.
The last change to this code resulted in failing signatures.
2.10.2 2015/05/10
Fix bug #221: Report a DKIM result of "policy" if MinimumKeyBits
or UnprotectedKey cause the signature to result in a "pass"
override.
Fix bug #227: Revert removal of SenderHeaders configuration setting.
Document that it is now limited to signature selection.
LIBOPENDKIM: Fix bug #226: Deal with header fields that are
wrapped before there's any content.
CONTRIB: Update to contrib/systemd/opendkim.service.in
|
|
|
|
|
|
version 2.13: Mon 7 Mar 15:48:28 CET 2016
Fixes:
- not all information was extracted from the Apache tables.
[Thomas Eckardt]
|
|
|
|
|
|
|
|
* Add option to select gnupg2 and gnupg21
* Update MASTER_SITES
Changelog:
Enigmail 1.9.1
Released 2016-03-06, works with Thunderbird 38.0 & newer and SeaMonkey 2.35 & newer.
Notable Changes
This is a bugfix release
Important Note
This version requires GnuPG 2.0.7 or newer. GnuPG 1.4.x is not supported anymore.
Bugs fixed
Check the list of fixed defects.
Enigmail 1.9
Released 2016-02-24, works with Thunderbird 38.0 & newer and SeaMonkey 2.35 & newer.
Notable Changes
Added support for GnuPG 2.1
Backup and restore of keys and Enigmail settings
Messages are sent using PGP/MIME by default
Several new dialog windows that improve usability
Added support for protected headers (off by default)
There is no binary component anymore - this version runs on all platforms for which Thunderbird and GnuPG are available.
Important Note
This version requires GnuPG 2.0.7 or newer. GnuPG 1.4.x is not supported anymore.
Bugs fixed
Many bugs were fixed. Check the list of fixed defects.
|
|
|
|
No chnage except version.
|
|
not clear all bits. (Can happen on Linux --
https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/67583)
|
|
Exim version 4.86.2
-------------------
Portability relase of 4.86.1
Exim version 4.86.1
-------------------
HS/04 Add support for keep_environment and add_environment options.
This fixes CVE-2016-1531.
All installations having Exim set-uid root and using 'perl_startup' are
vulnerable to a local privilege escalation. Any user who can start an
instance of Exim (and this is normally *any* user) can gain root
privileges. If you do not use 'perl_startup' you *should* be safe.
New options
-----------
We had to introduce two new configuration options:
keep_environment =
add_environment =
Both options are empty per default. That is, Exim cleans the complete
environment on startup. This affects Exim itself and any subprocesses,
as transports, that may call other programs via some alias mechanisms,
as routers (queryprogram), lookups, and so on. This may affect used
libraries (e.g. LDAP).
** THIS MAY BREAK your existing installation **
If both options are not used in the configuration, Exim issues a warning
on startup. This warning disappears if at least one of these options is
used (even if set to an empty value).
keep_environment should contain a list of trusted environment variables.
(Do you trust PATH?). This may be a list of names and REs.
keep_environment = ^LDAP_ : FOO_PATH
To add (or override) variables, you can use add_environment:
add_environment = <; PATH=/sbin:/usr/sbin
New behaviour
-------------
Now Exim changes it's working directory to / right after startup,
even before reading it's configuration. (Later Exim changes it's working
directory to $spool_directory, as usual.)
Exim only accepts an absolute configuration file path now, when using
the -C option.
|
|
* Sync with thunderbird 38.6.0
|
|
Changelog:
Fixed Various security fixes.
Fixed Filters ran on a different folder than selected
Fixed For Windows systems on roaming profiles, could not display messages after Thunderbird update (related to Lightning updates)
Fixed in Thunderbird 38.6
2016-14 Vulnerabilities in Graphite 2
2016-03 Buffer overflow in WebGL after out of memory allocation
2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
2015-150 MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature
|
|
anyway, leading to build sadness. Add --without-ruby to CONFIGURE_ARGS
to match the current intent.
|
|
|
|
PostSRSd provides the Sender Rewriting Scheme (SRS) via TCP-based
lookup tables for Postfix. SRS is needed if your mail server acts
as forwarder.
|
|
|
|
|
|
While the INSTALLATION_DIRS code actually works fine with directories
that contain PREFIX (by removing it first), the documentation says
that values should be PREFIX-relative.
Pointed out by Petar Bogdanovic ($MAINTAINER).
|
|
For an unknown reason, the package build succeeds often with EGDIR not
explicitly created. However, sometimes it does not. Because a number
of directories are created by pkgsrc anyway, just add the troublesome
directories to the list. No PKGREVISION, since this does not affect
any build that previously succeeded.
|
|
Fixes build with the default settings.
|
|
It is v0.4.12 release of Pigeonhole for Dovecot v2.2.21.
v0.4.12 06-02-2016 Stephan Bosch <stephan@rename-it.nl>
+ Implemented the Sieve extracttext extension (RFC 5703; Section 7). It is now
possible to extract body text from a message into a variable.
* Increased ABI version due to changes in the Sieve interpreter's object
definitions.
- multiscript: Fixed bug in handling of (implicit) keep; final keep action was
always executed as though there was a failure. This caused the keep action
to revert back to the initial message, causing editheader actions to be
ignored.
- managesieve-login: Fixed proxy to allow SASL mechanisms other than PLAIN.
Before, the proxy would fail if the server did not support the PLAIN
mechanism.
- ldap storage: Prevent segfault occurring when assigning certain (global)
configuration options.
v0.4.11 08-01-2016 Stephan Bosch <stephan@rename-it.nl>
- Sieve mime extension: Fixed the header :mime :anychild test to work properly
outside a foreverypart loop.
- Several fixes in message body part handling:
- Fixed assert failure occurring when text extraction is attempted on a
empty or broken text part.
- Fixed assert failure in handling of body parts that are converted to text.
- Fixed header unfolding for (mime) headers parsed from any mime part.
- Fixed trimming for (mime) headers parsed from any mime part.
- Fixed erroneous changes to the message part tree structure performed when
re-parsing the message.
- LDA Sieve plugin: Fixed logging of actions; sometimes the configured log
format was not followed.
- LDA Sieve plugin: Fixed bug in error handling of script storage
initialization.
- Sieve Extprograms plugin: Ignored ENOTCONN error in shutdown(fd, SHUT_WR)
call.
- Fixed duplication of discard actions in the script result. Each discard was
counted as a separate action, which means that action limit would be crossed
too early.
- Made sure that quota errors never get logged as errors in syslog.
- Fixed handling of implicit keep for a partially executed transaction that
yielded a temporary failure.
- Fixed handling of global errors. If master and user error handler were
identical, in some cases the log message could be lost.
- Fixed AIX compile issue in message body parser.
v0.4.10 13-12-2015 Stephan Bosch <stephan@rename-it.nl>
+ Implemented the Sieve mime and foreverypart extensions (RFC 5703). These
are fully implemented. The interaction with the editheader extension needs
some work, but this should not influence most uses; i.e., changes by the
editheader extension are not always visible using foreverypart/mime.
+ Sieve body extension: Properly implemented the `:text' body transform. It
now extracts text for HTML message parts.
+ Sieve enotify extension: mailto method: Implemented the
sieve_notify_mailto_envelope_from setting. This allows configuring the
source of the notification sender address for e-mail notifications. This is
similar to what already can be configured for redirect.
+ Added a sieve_enabled (defaults to 'yes') setting that allows explicitly
disabling Sieve processing for particular users. This used to be possible by
setting `sieve=', but ever since the sieve_before, sieve_after and
sieve_default settings were added, this method was not reliable anymore.
- variables extension: Fixed handling of empty string by the `:length' set
modifier. An empty string yielded an empty string rather than "0".
- Fixed memory leak in the Sieve script byte code dumping facility. Extension
contexts were never actually freed.
- Fixed handling of implicit keep when the last Sieve script is a global one.
In that case the implicit keep action was executed in global context, which
could mean that trivial (quota) errors ended up in the system log file,
rather than the user log file.
- doveadm sieve plugin: Fixed crashes caused by incorrect context allocation
in the sieve command implementations.
|
|
# HG changeset patch
# User Kevin McCarthy <kevin@8t8.us>
# Date 1449022827 28800
# Tue Dec 01 18:20:27 2015 -0800
# Node ID 5e5aff1782dc62044197c2230d346bd492706fbf
# Parent 428a92464d5bccccda818bed598610db212fcf7c
Loosen mutt_signed_handler() protocol value consistency check. (closes #3639)
Apparently, for S/MIME, some MUAs mismatch the protocol value of
the multipart/signed and the content-type of the signature: putting
"pkcs7-signature" in one and "x-pkcs7-signature" in the other.
Change mutt_signed_handler() to independently verify the values of the
protocol and the content-type. This still checks for correct values but
doesn't ensure they match between the two (for S/MIME).
|
|
This release brings:
- support for the latest libSystem
- support for Gtk+ 3
|
|
Make sure
${PREFIX}/share/roundcube/temp/
exists and is writable by the web server user.
|
|
Bump PKGREVISION.
|
|
* Sync with thuderbird-38.5.1
|
|
* Add workaround for binutils 2.26 from NetBSD current
Changelog:
For Microsoft Windows only.
|
|
http://bz.apache.org/SpamAssassin/show_bug.cgi?id=6937
|
|
|
|
Changes:
Version 1.6.4:
- The system default policy is used with GnuTLS instead of a hardcoded one.
|
|
|
|
* No change except version.
|
|
external graphite. Add all the graphite headers to the magic wrapper
list to avoid future fun. Remove manual unwind.h header where it still
exists.
|
|
The patches were from upstream and are included in the version of
claws-mail-vcalendar currently in pkgsrc.
|
|
Pkgsrc changes:
patch-ae, patch-cb and parts of patch-ca has been filed upstream by
people from the OpenBSD project.
Changelog (from NEWS):
* 3.13.2
--------
* Bug fixes:
o bug 2358, '"Disposition-Notification-To:" should default
to same value as "From:'
o bug 3557, 'Remotely exploitable bug.'
o bug 3584, 'After 3.13.1, characters in some Japanese codec
are never correctly converted to internal ones'
* 3.13.1
--------
* When attaching files with no suffix, e.g. Makefile, the correct
mime type is now found.
* Added support for a whole range of extra TLDs.
* '➜' is used instead of '-->' in the Message List when sender is
yourself. (Only visible if the hidden pref 'enable_swap_from' is
set to 0.)
* An external editor can now be embedded in the Compose window.
This depends upon the 'Text editor' option (/Configuration/
Preferences/Message View/External Programs) having a suitable
value, such as 'gvim -f --socketid %w %s'.
* Address Book: address books can now be searched.
* A hidden pref has been added, 'next_on_delete'. This controls the
message selection when a message is deleted. A setting of '0'
which cause the previous, older message to be selected, a setting
of '1' will cause the next, newer message to be selected.
* PDF Viewer plugin: Support for encrypted (password protected) PDFs.
* RSSyl plugin: The feed preferences window appearance has been
improved.
* The --enable-new-addrbook configure option has been renamed to
--enable-alternate-addressbook.
* Windows: Re-enabled regexps.
* updated man page.
* Updated translations: British English, Czech, Dutch, Finnish,
French, German, Hebrew, Hungarian, Italian, Lithuanian,
Norwegian Bokmål, Slovak, Swedish, Traditional Chinese.
* New translations: Russian.
* Removed translations: Bulgarian, Esperanto.
* Bug fixes:
o bug 1959, 'Selection selects too many under expanded view'
o bug 2490, 'Selecting mails through Shift-Home/End doesn't
work properly'
o bug 3151, 'loaded vCalendar plugin "disables" gnome-shells
calendar view entries'
o bug 3375, 'Crash (SEGV) at gtkcmctree.c:4514 after deleting
an unread message'
o bug 3557, 'Remotely exploitable bug.'
o bug 3454, (windows) 'Attachments containing certain special
characters in filename are not opened'
o bug 3480, 'No valid feed found when channel title is
missing'
o bug 3513, 'Can't delete multiple selected e-mails'
o bug 3541, 'Selecting a leaf folder with keyboard no longer
opens it'
o bug 3559, 'Opening preferences window causes out of bounds
read'
o bug 3561, 'HTML <a> tag with no href makes message display
incorrectly.'
o bug 3562, 'Hyperlink Errors URI XMPP, SIP, SIPS and Skype'
o bug 3563, 'URL parser will read out of bounds when closing
bracket is missing in get_url_part'
o bug 3566, 'Missing locales in Eastern name order'
o Debian bug 801375, 'Segfault when activating ... the plugin
with the Code from Google'
o better fix for crash after broken pgp keyring update, and
bogus EOF message on verifying sigs of missing keys
o building on OpenBSD
o libetpan version test
o folder renaming for IMAP on Windows.
|
|
when the user logged out of the graphical desktop environment, and
e-calendar-factory thus redundantly consumed system resources.
(https://bugzilla.redhat.com/show_bug.cgi?id=1141760 and upstream
https://bugzilla.gnome.org/show_bug.cgi?id=646117)
bump PKGREVISION
|
|
BUILD_DEPENDS+= p5-MooX-Types-MooseLike-[0-9]*:../../devel/p5-MooX-Types-Moose
|
|
---------------
1.204 2015-11-29 22:28:08-05:00 America/New_York
update repo and bugtracker
|
|
---------------
1.406 2015-08-10 12:08:52-04:00 America/New_York
- when Sys::Hostname::Long is available, use hostname_long, not
hostname()
|
|
---------------
1.937 2016-01-28 13:31:06-05:00 America/New_York
- eliminate memory leak in walk_parts (again, rjbs)
|
|
BUILD_DEPENDS+= p5-Capture-Tiny-[0-9]*:../../devel/p5-Capture-Tiny
|
|
* 3.5.0 (stable)
* A fix for ARM architecture was made.
* TLSv1.1 and TLSv1.2 will be enabled for STARTTLS when OpenSSL 1.0.1 or
above is used.
* Some bugfixes and stability improvements were made.
* Win32: more fix for the crash when linked with newer MSVCRT was made.
* Win32: irresponsibe text entries on the first display of the filter
edit dialog were fixed.
* Win32: libpng was updated to 1.4.19.
* Win32: OpenSSL was updated to v0.9.8zh.
* 3.5.0beta3 (development)
* A bug that reorder of filter runes by DnD was not saved was fixed.
* The original file names of attachments are kept when opening them,
and shorter suffixes are added in the case they conflict.
* The crash when displaying HTML messages was fixed (#215).
* The bug that column sizes of the address book were not properly set was
fixed.
* Win32: the bug that maximized state was unset on minimize was fixed.
* Win32: the crash when linked with newer MSVCRT was fixed.
* Win32: dependency on libtiff was removed (GDI+ is used).
* Win32: libjpeg was updated.
* Win32: libpng was updated to 1.4.16.
* Win32: OpenSSL was updated to v0.9.8zg.
* Win32: included SSL certificates were updated.
* 3.5.0beta2 (development)
* Windows / widgets are now adjusted to their optimal sizes by reference
to system DPI value.
* The option to specify startup online mode was added.
* The bug that wrote the first part of data if the message body in the
IMAP4 responses didn't end with CR+LF was fixed (#84).
* The bug that previously selected folder on the file selection dialog
was not remembered with GTK+ 2.24.x was fixed.
* Hebrew translation was added.
* Win32: The bug that 'Minimize to tray icon' didn't work with 3.5.0beta1
was fixed.
* Win32: 'Toggle window on trayicon click' now works.
* Win32: sylpheed.exe executable became DPI-Aware.
* Win32: OpenSSL was updated to 0.9.8zc.
* Win32: included SSL certificates were updated.
* 3.5.0beta1 (development)
* Mbox locking became NFS-safe (#202).
* Configure: silent rules are enabled by default.
* Configure.in was renamed to configure.ac.
* Fade effect was added to the notification window.
* Sylpheed.desktop file was updated.
* Win32: build fix for newer MinGW was made.
* Win32: 32-bit time_t is always used on win32 for backward compatibility.
* Win32: included third-party libraries were updated:
- GTK+ 2.24.23
- GLib 2.38.2
- GDK-Pixbuf 2.30.7
- Pango 1.36.3
- Cairo 1.10.2
- libpng 1.14.13
- GPGME 1.4.3
* Win32: the following issues were fixed because of GTK+ update:
- System Icon issue when ran on Windows 7 (#13, #85)
- Scroll jumping issue on text views when using Japanese IME
- Menus became more native-looking
- File dialogs were improved
|
|
PKGREVISION++
|
|
|
|
- Add ${PERL5_LICENSE}
(upstream)
- Update 0.09 to 1.04
-------------------
1.04 Mon Dec 22 2014
- Removed the locked sub attributes because they seem to have no
gain(no object acces/modification is done)
- Enhanced the POD
- Enhanced the test so they skip if /usr/sbin/makemap is not
insTALLED(might be needed to bundle a .db again)
- In 2012: Enhanced the lookup function so it does correctly check all
variations of an email address
1.01 Tue Nov 10 2009
- Fixed a permissions issue where a test file didn't exist prior
to testing.
|
|
---------------
1.908 2015-09-19 22:53:38-04:00 America/New_York
- default to 1 level of nested comments to avoid pathological behaviors
|
