| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
MFSA 2011-16 Directory traversal in resource: protocol
MFSA 2011-12 Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)
|
|
|
|
Changelog:
Version 1.4.24:
- Remove the unmaintained pt_BR translation.
- Simplify manual license: use a simple permissive license instead of GNU FDL.
- Replace a call to gnutls_protocol_set_priority(), which is deprecated in
GnuTLS >= 2.12.0. Fixes Debian bug #624048 (reported for mpop).
- Remove gnulib, for simplicity and maintainability.
- Update GNU autotools files, in particular configure.ac.
|
|
|
|
Fix bug #SF3067338: Create a pool of DB handles for SQL operations
so that queries don't all share one serially.
Fix bug #SF3156559: Don't compile Lua scripts anew for each execution.
Fix bug #SF3210385: Fix issue with configuration reload failures
having some side effects on the remaining active configuration
handle. Reported by Andreas Schulze.
Fix bug #SF3235131: Don't report ADSP errors as signature errors
in Authentication-Results header fields.
Fix bug #SF3258459: Don't send progress messages during EOH. Problem
reported by Gary Mills.
Fix bug #SF3276469: When generating "z=" tags, apply omit and sign
header field lists. Problem noted by Todd Lyons.
Add ADSP processing error information to A-R header fields.
LIBOPENDKIM: Use a time_t to store TTL and clock drift options
rather than unsigned long. Patch from Piotr Sikora.
LIBAR: Include class and type in debugging messages. Suggested
by Gary Mills.
LIBAR: Start the dispatcher on the first query, not in ar_init().
Allows ar_init() to be called before a fork() safely.
CONTRIB: Adjust installed path in RedHat start script. Patch
from Naresh V.
CONTRIB: Require the current libopendkim in the opendkim definition
in the RPM spec file. Patch from Naresh V.
2.3.1 2011/03/28
Feature request #SF3196060: Log retrieved reputation values.
Patch from Andreas Schulze.
Feature request #SF3199824: Don't log "no signature data" unless
LogWhy is enabled or the action for unsigned mail is something
other than "accept".
Fix bug #SF3196069: Log more detail when dkimf_config_setlib() fails.
Problem noted by Andreas Schulze.
Fix bug #SF3197890: Update ARF report format for DKIM verification
failures to use what's in draft-ietf-dkim-marf-reporting.
Fix bug #SF3204725: Add "ReplaceHeaders" data set to constrain what
header fields are affected by "ReplaceRules". Problem
noted by Chris Callegari.
Fix bug #SF3211114: Extract "BaseDirectory" from configuration
file properly.
Fix bug #SF3234178: Correct handling of a KeyTable entry for which the
key data is empty. Based on a patch from Yoshiaki Yanagihara.
Patch #SF3205699: Make all header field name and domain name data
sets case insensitive. Submitted by Richard Rognlie.
Add a case-insensitivity flag to odkim.db_open().
Minor correction to DNS function return codes for unbound, which
doesn't have an expired/no-reply distinction like libar does.
LIBOPENDKIM: Fix up timeout handling with a DNS callback is in use.
LIBOPENDKIM: Update for draft-kucherawy-dkim-atps-03.
STATS: Fix bug #SF3195449: Omit data from reporters that are not
currently marked "enabled" in the reporters table.
STATS: Evaluate "i=" against the "d=" domain, not the "From" domain.
Problem noted by Mark Martinec.
STATS: A few more reports.
MILTERTEST: Don't use non-standard printf() conversions.
MILTERTEST: Get the SMFIP_HDR_LEADSPC logic right.
TOOLS: Feature request #SF3200848: Add a backgrounding option
(on by default) to opendkim-spam.
|
|
== [release-1-6-9] 1.6.9: 2011-04-26
A bug fix release of 1.6.8.
=== All
==== Improvements
* autogen.sh supports bash.
[Reported by Kenji Shiono]
=== Document
==== Improvements
* Followed Ruby milter's change.
[Reported by akira yamada]
=== milter manager
==== Improvements
* Added
((<database.extra_options|configuration.rd#database.extra_options>))
configuration item.
* Supported exception handling in callback.
==== Fixes
* Fixed a bug that define_connection_checker raises an
exception.
[Reported by Kenji Shiono]
=== milter-client
==== Improvements
* Supported error report when UNIX domain socket mode
change is failed.
=== milter-performance-check
==== Improvements
* Added --starttls option.
* Added --auth-user option.
* Added --auth-password option.
* Added --auth-mechanism option.
* Added --auth-map option.
==== Fixes
* Fixed a bug that --smtp-port is ignored.
|
|
* TinyMCE 3.4.2 now compatible with IE9
* PEAR::Net_SMTP 1.5.2, fixed timeout issue
* Fix bug where template name without plugin prefix was used in render_page hook
* Support 'abort' and 'result' response in 'preferences_save' hook, add error
handling
* Fix bug where some content would cause hang on html2text conversion
* Improve space-stuffing handling in format=flowed messages
* Fix bug where some dates would produce SQL error in MySQL
* Added workaround for some IMAP server with broken STATUS response
* Fix bug where default_charset was not used for text messages
* Stateless request tokens. No keep-alive necessary on login page
* Force names of unique constraints in PostgreSQL DDL
* Add code for prevention from IMAP connection hangs when server closes socket
unexpectedly
* Remove redundant DELETE query (for old session deletion) on login
* Get around unreliable rand() and mt_rand() in session ID generation
* Fix some emails are not shown using Cyrus IMAP
* Fix handling of mime-encoded words with non-integral number of octets in
a word
* Fix parsing links with non-printable characters inside
* Fixed de_CH/de_DE localization bugs
* Add variable for 'Today' label in date_today option
* Applied plugin changes since 0.5-stable release
* Fix SQL query in rcube_user::query() so it uses index on MySQL again
* Use only one from IMAP authentication methods to prevent login delays
* Fix strftime format support in date_today option
* Removed redundant </form> tags from contact add/edit pages
* Fix CSS error in contact details screen on IE7
|
|
|
|
|
|
|
|
|
|
== [release-1-6-8] 1.6.8: 2011-04-15
A bug fix release of 1.6.7.
=== All
==== Improvements
* Don't create needless directories on install.
[Reported by OBATA Akio]
=== Document
==== Improvements
* Changed target CentOS version to 5.6.
==== Fixes
* Fixed wrong internal links.
=== milter-manager
==== Improvements
* Added
((<manager.event_loop_created|configuration.rd#manager.event_loop_created>))
configuration item.
=== Ruby milter
==== Improvements
* Added
((<milter.event_loop_created|ruby-milter-configuration.rd#milter.event_loop_created>))
configuration item.
* Added Milter::ClientSession#worker_id.
* Added Milter::ClientSession#[].
=== milter-core
==== Improvements
* Followed the Sendmail behavior rather than Postfix
behavior on adding a header.
=== milter-server
==== Improvements
* Don't require Ruby's header files until they are needed.
==== Fixes
* Fixed a bug that milter-test-server can't be detected.
|
|
* Sieve filter tool: finished implementing basic functionality. It is not
quite ready yet, but it is available for those willing to experiment
with it (needs --with-unfinished-features config to compile). Also
includes man page.
* Vacation extension now inhibits replies to messages from sender listed
in :addresses, thus preventing replies to one of the user's other known
addresses.
* Vacation extension: implemented the (draft) vacation-seconds extension.
This also adds min/max period configuration settings. Refer to
doc/vacation.txt for configuration information.
* ManageSieve: fixed bug in UTF-8 checking of string values. This is done
by discarding the original implementation and migrating to the Dovecot
API's UTF-8 functionality.
* Sieve command line tools now avoid initializing the mail store unless
necessary. This prevents sievec and sieve-dump from failing when
executed by root for example.
* Enotify extension: fixed inappropriate return type in mailto URI parse
function, also fixing ARM compiler warning.
* Vacation extension: fixed handling of sendmail errors. It produced an
additional confusing success message in case of error.
* Removed header MIME-decoding to fix erroneous address parsing. Applies to
address test and vacation command.
* Fixed segfault bug in extension configuration, triggered when unknown
extension is mentioned in sieve_extensions setting.
|
|
* doveadm: Added "move" command for moving mails between mailboxes.
* virtual: Added support for "+mailbox" entries that clear \Recent
flag from messages (default is to preserve them).
* dbox: Fixes to handling external attachments
* dsync: More fixes to avoid hanging with remote syncs
* dsync: Many other syncing/correctness fixes
* doveconf: v2.0.10 and v2.0.11 didn't output plugin {} section right
|
|
|
|
|
|
Changes to the Cyrus IMAP Server since 2.4.7
* Bug #3428 - allow charset argument to "thread" to be quoted
* Bug #3429 - fixed mupdate crash
* Bug #3404 - had crept back in! Fix LIST "" user properly
* Bug #3388 - fix reconstruct internaldate flap when file hardlinked
with different internaldates
* Bug #3410 - don't require a partition on murder frontends
* Bug #3406 - fix compile on FreeBSD
* Bug #3415 - fix nntpd
* Bug #3390 - add 'proc_path' config variable
* Bug #3364 - allow setting unlimited quota through a proxy server
* Bug #3433 - append '0.' file rather than deleting in reconstruct
* Fixed bug in reconstruct where a record rewrite lost the cache
pointer until you did a SECOND reconstruct (no bug number)
* Bug #3440 - fixed cyr_expire crash if run with -x
|
|
-further changes to the Received: header construction to handle IPv6 better.
Thanks: Frederic Perrin.
|
|
-ensure correct remote address and port is included in the Received: trace
headers generated by getmail. Previously the first address found for the
server was used even if another address was actually used to connect to the
server. Thanks: Frederic Perrin.
|
|
|
|
|
|
ships with Sendmail but does not get installed.
|
|
== [release-1-6-7] 1.6.7: 2011-04-08
A bug fix release of 1.6.6.
=== All
==== Improvements
* Don't create needless directories on install.
[Reported by OBATA Akio]
==== Fixes
* Fixed a bug that Ruby/GLib2 in system can't be found.
[Reported by OBATA Akio]
=== Package
==== Fixes
* [RPM] Fixed dependencies.
* [Debian] Fixed dependencies.
* [Debian] Don't use deprecated option in init script.
* [RPM] Don't use deprecated option in init script.
=== milter-manager
==== Fixes
* [S25R] Fixed a bug that milter is always run.
=== milter-core
==== Improvements
* Added "+LEVEL1|LEVEL2|..." syntax to add log levels.
* Added "-LEVEL1|LEVEL2|..." syntax to remove log levels.
=== milter-client
==== Improvements
* Added --log-level option.
* Added --quiet option.
=== Thanks
* OBATA Akio
== [release-1-6-6] 1.6.6: 2011-04-07
This release improves Ruby support and Solaris support.
=== All
==== Improvements
* Added --with-bundled-ruby-glib2 configure option for
using bundled Ruby/GLib2 anytime.
* Supported Solaris.
=== Document
==== Fixes
* [Debian] add missing GROUP=postfix in configuration.
[Reported by Jordao]
=== Package
==== Improvements
* Supported Solaris.
* Fedora 13 -> 14.
=== milter-core
==== Improvements
* Set 'warning' log level by default.
* Set 'statistics' log level by default.
* Set 'message' log level by default.
* Changed syslog level for statistics log to LOG_NOTICE
level from LOG_INFO level .
==== Fixes
* Fixed a memory leak on read error.
=== milter-manager
==== Improvements
* Supported database connection.
* Disabled S25R applicable condition for IPv6 connection
by default. It's customizable by s25r.check_only_ipv4=.
* Added --n-workers option.
* Added --event-loop-backend option.
* Supported log configuration in configuration file.
==== Fixes
* Fixed a crash bug on reloading.
[Reported by Kenji Shiono]
=== libmilter-compatible
==== Improvements
* Supported event loop backend customize by environment
variable:
* MILTER_EVENT_LOOP_BACKEND=libev -> libev is used
* MILTER_EVENT_LOOP_BACKEND=glib -> GLib is used (default)
=== milter-test-client
==== Improvements
* Added --pid-file option.
* Supported shutdown by SIGTERM.
=== milter-test-server
==== Improvements
* Added --envelope-from option.
* Deprecated --from option.
* Added --envelope-recipient option.
* Deprecated --recipient option.
* Added --connect-macro option.
* Added --helo-macro option.
* Added --envelope-from-macro option.
* Added --envelope-recipient-macro option.
* Added --data-macro option.
* Added --end-of-header-macro option.
* Added --end-of-message-macro option.
* Supported result body output in non-ASCII encoding.
=== milter-report-statistics
==== Improvements
* Supported Solaris.
* Added --pid option.
* Added --pid-directory option.
=== Ruby milter
==== Improvements
* Added --maintenance-interval option.
* Added --run-gc-on-maintain option.
* Added --environment option.
* Added --max-file-descriptors option.
* Added --pid-file option.
* Added Milter::ClientSession#delete_header.
* Added Milter::ClientSession#insert_header.
* Added Milter::ClientSession#replace_body.
* Added Milter::ClientSession#change_from.
* Added. Milter::ClientSession#add_recipient.
* Added Milter::ClientSession#delete_recipient.
* Added Milter::ClientSession#delay_response.
* Added Milter::ClientSession#progress.
* Added Milter::ClientSession#discard.
* Added Milter::EventLoop.
* Supported configuration file.
* Added Milter::SocketAddress#ipv4?.
* Added Milter::SocketAddress#ipv6?.
* Added Milter::SocketAddress#unix?.
==== Fixes
* Fixed a crash bug.
=== Thanks
* Jordao
* Kenji Shiono
|
|
Partly addresses pkg/25165.
From the package's NEWS file:
2.1.14 (20-Sep-2010)
Security
- Two potential XSS vulnerabilities have been identified and fixed.
New Features
- A new feature for controlling the addition/replacement of the Sender:
header in outgoing mail has been implemented. This allows a list owner
to set include_sender_header on the list's General Options page in the
admin GUI. The default for this setting is Yes which preserves the prior
behavior of removing any pre-existing Sender: and setting it to the
list's -bounces address. Setting this to No stops Mailman from adding or
modifying the Sender: at all.
Additionally, there is a new Defaults.py/mm_cfg.py setting
ALLOW_SENDER_OVERRIDES which defaults to Yes but which can be set to No
to remove the include_sender_header setting from General Options, and
thus preserve the prior behavior completely.
- Bounce processing has been enhanced so that if a bounce is returned to a
list from a non-member who is a member of a regular_include_list, the
bounce will be processed as a bounce for the included list.
i18n
- Fixed a missing format character in the German bin/mailmanctl docstring.
- Updated Dutch translation from Jan Veuger.
- Updated Japanese Translation from Tokio Kikuchi.
- Updated Finnish translation from Joni Töyrylä.
- Made a few corrections to some Polish templates. Bug #566731.
- Made a minor change to the Chinese (China) message catalog. Bug #545772.
- Changed a few DOCTYPE directives in templates for compliance.
Bug #500952 and Bug #500955.
Bug Fixes and other patches
- Made minor wording improvements and typo corrections in some messages.
Bug #426979.
- Fixed i18n._() to catch exceptions due to bad formats. Bug #632660.
- Fixed admindb interface to decode base64 and quoted-printable encoded
message body excerpts for display. Bug #629738.
- Fixed web CGI tracebacks to properly report sys.path. Bug #615114.
- Changed the member options login page unsubscribe request to include the
requesters IP address in the confirmation request. Bug #610527.
- Changed fix_url to lock the list if not locked. Bug #610364.
- Made a minor change to the English subscribeack.txt (welcome message)
template to emphasize that a password is only required to unsubscribe
*without confirmation*.
- Fixed an issue in admindb that could result in a KeyError and "we hit a
bug" response when a moderator acts on a post that had been handled by
someone else after the first moderator had retrieved it. Bug #598671.
- Fixed a bug which would fail to show a list on the admin and listinfo
overview pages if its web_page_url contained a :port. Bug # 597741.
- Fixed bin/genaliases to not throw TypeError when MTA = None.
Bug #587657.
- Provided the ability to specify in mm_cfg.py a local domain (e.g.
'localhost') for the local addresses in the generated virtual-mailman
when MTA = 'Postfix'. See VIRTUAL_MAILMAN_LOCAL_DOMAIN in Defaults.py.
Bug #328907.
- Made a minor change to the removal of an Approved: pseudo-header from
a text/html alternative to allow for an inserted '\xA0' before the
password.
- Fixed Content Filtering collapse_alternatives to work on deeply nested
multipart/alternative parts. Bug #576675.
- We now accept/remove X-Approved: and X-Approve: headers in addition to
Approved: and Approve: for pre-approving posts. Bug #557750.
- Reordered the 'cancel' and 'subscribe' buttons on the subscription
confirmation web page so the default action upon 'enter' will be the
subscribe button in browsers that pick the first button. Bug #530654.
- Fixed a bug in the admindb interface that could apply a moderator
action to a message not displayed. Bug #533468.
- Added a traceback to the log message produced when processing the
digest.mbox throws an exception.
- Added a urlhost argument to the MailList.MailList.Create() method to
allow bin/newlist and the the create CGI to pass urlhost so the host
will be correct in the listinfo link on the emptyarchive page.
Bug #529100.
- Added the List-Post header to the default list of headers retained in
messages in the MIME digest. Bug #526143.
- When daemonizing mailmanctl, we now ensure terminal files are closed.
- Fixed a bug in pipermail archiving that caused fallback threading by
subject to fail. Bug #266572.
- We now give an HTTP 401 status for authentication failures from admin,
admindb, private, options and roster CGIs, and an HTTP 404 status from
all the CGIs for an invalid list name.
- Backported the listinfo template change from the 2.2 branch to fix
Bug #514050.
- Fixed a bug where going to an archives/private/list.mbox/list.mbox URL
would result in a munged URL if authentication was required. Bug #266164.
- Fixed a bug where check_perms would throw an OSError if an entry in
Mailman's lists/ directory was not a directory. Bug #265613.
- Fixed a bug where a message with an Approved: header held by a handler
that precedes Approve (SpamDetect by default) would not have the
Approved: header removed if the held message was approved. Bug #501739.
2.1.13 (22-Dec-2009)
i18n
- Updated Dutch message catalog from Jan Veuger.
- Added Asturian translation from Marcos Costales and the Asturian
Language Team.
Bug Fixes and other patches
- Added "white-space: pre-wrap" style for <pre> tag in archives.
Bug #266467.
- Added vette logging for rejected and discarded (un)subscribe requests.
- Fixed a bug in admindb.py that could erroneously discard an unsubscribe
request as a duplicate.
- Decoded RFC 2047 encoded message subjects for a few reports.
Bug #266428.
- Fixed the French, Spanish and Hebrew translations which improperly
translated the 'coding:' line in bin/config_list output.
- Fixed the auto-responder to treat messages to -confirm, -join, -leave,
-subscribe and -unsubscribe as requests rather than posts. Bug #427962.
- Configure/make no longer builds Japanese and Korean codecs in
pythonlib if Python already has them.
- Inadvertently setting a null site or list password allowed access
to a list's web admin interface without authentication. Fixed by
not accepting null passwords.
- Changed VERP_CONFIRM_REGEXP in Defaults.py to work if the replying
MUA folds the To: header and in cases where the list name includes '+'.
- Fixed some paths in contrib/check_perms_grsecurity.py. Bug #411192.
- Replies to commands sent to list-request now come From: list-owner
instead of list-bounces.
- Mailman no longer folds long sub-part headers in multipart messages.
In addition, Mailman no longer escapes From_ lines in the body of
messages sent to regular list members, although MTA's may do it anyway.
This is to avoid breaking signatures per Bug #265967.
- XSS protection in the web interface went too far in escaping HTML
entities. Fixed.
- Removed or anonymized additional headers in posts to anonymous lists.
- Fixed a bug that could cause incorrect threading of replies to archived
messages that arrive with timestamps in the same second.
- Scrubbed HTML attachments containing tab characters would get the tabs
replaced by a string of ' ' without a semicolon. Fixed.
- Caught a TypeError in content filtering, collapse alternatives that
occurred with a malformed message if a multipart/alternative part
wasn't multi-part. Reported in comments to bug #266230.
- Fixed a few things in bin/update:
- Changed some old messages for more current meaning.
- Fixed qfiles update to not lose metadata from 2.1.5+ format entries.
- Fixed 2.0.x template migration to not die if the templates/ tree
contains subdirectories from a version control system.
- Fixed a bug that would show a list on the admin and listinfo overview
pages if its web_page_url host contained the current host as a
substring. Bug #342162.
- Fixed a bug in Utils.canonstr() that would throw a UnicodeDecodeError
if the string contained an HTML entity > 255 and also characters in the
128-255 range. Bug #341594.
- Added recognition for more bounces.
- Updated contrib/mmdsr to report preserved messages and to use mktemp to
create temp files.
|
|
upgrade an existing mailman installation.
Relevant for pkg/25165
|
|
*Rails 3.0.6 (April 5, 2011)
* Don't allow i18n to change the minor version, version now set to ~>
0.5.0 [Santiago Pastorino]
|
|
|
|
Version 1.0.23:
- No significant changes.
Version 1.0.22:
- A new command 'received_header' with a corresponding '--received-header'
option allows to disable the default Received header if required.
- A new command 'passwordeval' with a corresponding '--passwordeval' option
allows to set the password to the output of a command.
Version 1.0.21:
- No significant changes.
Version 1.0.20:
- Added support for authentication mechanism SCRAM-SHA-1 via GNU SASL.
- The new command tls_fingerprint allows one to trust one particular TLS
certificate, in case tls_trust_file cannot be used for some reason.
- The new script mpop-gnome-tool.py manages Gnome Keyring passwords for mpop.
Version 1.0.19:
- When using OpenSSL, mpop now correctly handles NUL characters in the Common
Name and Subject Alternative Name fields of certificates. This fixes a
security problem. Note that mpop is not affected by this problem if GnuTLS is
used.
- Mpop can now handle mail boxes larger than 2 GiB on 32bit systems. Previously,
this only worked on 64bit systems.
Version 1.0.18:
- Delivery to MS Exchange pickup directories is now supported, thanks to Julien
Larigaldie.
Version 1.0.17:
- No significant changes.
Version 1.0.16:
- Mpop now also reads SYSCONFDIR/netrc if the password was not found in
~/.netrc.
- Support for the GNOME keyring was added by Satoru SATOH.
Version 1.0.15:
- This version fixes two bad bugs that prevented mpop from correctly retrieving
mails under certain cicumstances.
Version 1.0.14:
- The configuration command tls_crl_file was added. This allows to use
certificate revocation lists (CRLs) during certificate verification.
- The configuration command tls_min_dh_prime_bits was added. This is needed to
use TLS/SSL with servers that use a small Diffie-Hellman (DH) prime size.
- The configuration command tls_priorities was added. This allows to fine tune
TLS/SSL session parameters.
Version 1.0.13:
- Support for the Mac OS X keychain was added by Jay Soffian.
|
|
|
|
bugs and security fix release.
Changes to the Cyrus IMAP Server since 2.4.6
* Fixed Bug #3357 - lmtpd offering STARTTLS in pre-authorized mode.
* Fixed Bug #3392 - allowing INBOX.INBOX to be created if the case
didn't match
* Fixed Bug #3404 - incorrect LIST "" "user" response
* Fixed Bug #3417 - crash on zero-byte quota file
* Fixed numberous bugs with mailbox upgrades
* Fixed replication errors, which have been reported many times on
the mailing list, but don't have bug numbers.
* Increated "paranoia" about record ordering in mailbox, which would
have detected some bad bugs in replication that caused the infinite
runaway mailbox filling reported in 2.4.6 and below
* Increased syslogging detail about replication issues
* Fixed reconstruct crash with zero-byte index file
* Fixed cyradm perl library path finding
* Fixed incorrect use of LITERAL+ formats in our responses to
clients. Unreported, but could be causing wierd hard-to-track-down
bugs out there
* Fixed append immediately on create
* Upgraded Unicode database to version 6.0
* Fixed reconstruct crash on folder names with many digits (i.e. ebay
auction numbers)
* Fixed reconstruct crash with file called '0.'
* Made reconstruct '-n' option actually exist, as advertised in the
man page
* Fixed bug #3423 - STARTTLS plaintext command injection
vulnerability
* Bug #3382 Added "failedloginpause" config option
* Bugs #3383/3385 Removed some obsolete config options
* Bug #3389 $confdir/proc not created on the fly
* Bug #3394 fix imtest parsing of MECHLIST
* Bug #3399 fix with_ldap option default
* Bug #3307 fix mbpath crash on remote mailbox
* Bug #3420 use getpassphrase on Solaris, now passwords over 8
characters long work with cyrus tools
* Bug #3400 and others - lots of bugs with XFER between different
versions in murder clusters fixed, including a bug that caused only
mailboxes with zero messages to be rejected for upgrade
* Bug #3391 fix rename which just moves between partitions
* Bug #3103 fix imtest using plain authentication when it must not
* Bug #3426 fix TLS on sockets other than stdin
* Added support for BDB versions 5 and above
|
|
|
|
No functional change.
|
|
Version update only.
|
|
|
|
|
|
1. In addition to the existing LDAP and LDAP/SSL ("ldaps") support, there
is now LDAP/TLS support, given sufficiently modern OpenLDAP client
libraries. The following global options have been added in support of
this: ldap_ca_cert_dir, ldap_ca_cert_file, ldap_cert_file, ldap_cert_key,
ldap_cipher_suite, ldap_require_cert, ldap_start_tls.
2. The pipe transport now takes a boolean option, "freeze_signal", default
false. When true, if the external delivery command exits on a signal then
Exim will freeze the message in the queue, instead of generating a bounce.
3. Log filenames may now use %M as an escape, instead of %D (still available).
The %M pattern expands to yyyymm, providing month-level resolution.
4. The $message_linecount variable is now updated for the maildir_tag option,
in the same way as $message_size, to reflect the real number of lines,
including any header additions or removals from transport.
5. When contacting a pool of SpamAssassin servers configured in spamd_address,
Exim now selects entries randomly, to better scale in a cluster setup.
|
|
Postfix stable release 2.8.2 is available. This release has minor
fixes that are already in the experimental (2.9) release.
- Bugfix: postscreen DNSBL scoring error. When a client disconnected
and then reconnected before all DNSBL results for the earlier
session arrived, DNSBL results for the earlier session would be
added to the score for the later session. This is very unlikely
to have affected any legitimate mail.
- Workaround: the SMTP client did not support mail to [ipv6:ipv6addr].
- Portability: FreeBSD closefrom() was back-ported to FreeBSD 7,
breaking FreeBSD 7.x support retroactively.
- Portability: the SUN compiler had trouble with a pointer expression
of the form ``("text1" "text2") + constant'' so we don't try to
be so clever.
|
|
|
|
|
|
Upstream changes:
* Bug fixes:
- rfe 2309, 'Shortcuts should not be modifiable by default'
- bug 2313, 'CLI quicksearch sometimes returns the same
messages twice'
- bug 2317, 'Action results in "Bad file descriptor"
- PGP/Core: Win32 build fix
- NNTP: fix replying (broken in corner case)
- fix configure option --disable-manual
- One more GTK+ 2.22 build fix
- Debian bug 599547, 'Please re-introduce quick shortcut for
marking as spam'
|
|
changes: bugfixes
|
|
spamass-milter forks, allocates memory and then execs, violating
locking rules. This commit adds a patch from Juergen Hannken-Illjes
that moves the allocation above the fork.
TODO: upstream is recently alive again, after 5 years with no
releases. Push these fixes upstream.
|
|
|
|
|
|
a followup to PR pkg/44723 by Stefano Marinelli
|
|
changes:
-bugfixes
-translation updates
|
|
by Stefano Marinelli per PR pkg/44723
being here, update to 2.32.2, changes are bugfixes
|
|
Feature request #SF2964396: Allow SignHeaders, OmitHeaders and
SenderHeaders to be specified as deltas to the default lists.
Feature request #SF3053094: Correct documentation and improve function
of the AuthservID configuration setting. Requested by
Andreas Schulze.
Feature request #SF3060152: Add odkim.replace_header() function.
Feature request #SF3060161: Add odkim.del_header() function.
Feature request #SF3061189: Add new "quarantine" option to all the
various "On-" settings.
Feature request #SF3066104: Add "AnonymousDomains" configuration
option.
Feature request #SF3074290: Add _FFR_ATPS, experimental support for
draft-kucherawy-dkim-atps.
Feature request #SF3076684: Add "VBR-TrustedCertifiersOnly" flag.
Feature request #SF3080604: Add odkim.parse_field() function.
Requested by Todd Lyons.
Feature request #SF3081697: Add "OversignHeaders" configuration
option.
Feature request #SF3085536: Activate _FFR_STATS_I, providing
statistics reporting about use of "i=" in signatures.
Feature request #SF3096630: Add odkim.rbl_check() function.
Feature request #SF3097083: Make SigningTable accessible from Lua.
Feature request #SF3103095: Allow "%" in a KeyTable entry's filename
component as well as the domain name.
Feature request #SF3105480: Improved VBR correctness; don't conduct
VBR checks at all if there are disagreeing "mc" values in
multiple VBR-Info header fields.
Feature request #SF3106132: Allow "%" in a SigningTable's value.
Feature request #SF3109963: Add "MaximumSignaturesToVerify" setting.
Suggested by John Wood.
Feature request #SF3110593: Add compile-time support for GnuTLS as
an alternative to OpenSSL. Suggested by Alessandro Vesely.
Feature request #SF3136772: Sign the VBR-Info header field, if added.
Requested by Frederik Pettai.
Fix bug #SF3134119: With AutoRestart enabled, arrange to relay
SIGUSR1 from the parent to the child rather than terminating.
Reported by Yoshiaki Yanagihara.
Fix bug #SF3141313: Trim whitespace from values in in-core data
sets. Reported by Todd Lyons.
Fix bug #SF3156124: More robust handling of database disconnects.
Also add _FFR_POSTGRESQL_RECONNECT_HACK, which will hopefully
be temporary. Reported by Miha Vrhovnik.
Fix bug #SF3181180: Correct handling of quoted strings containing
parentheses (and the opposite) when parsing
Authentication-Results header fields. Reported by
Mark Martinec.
Fix back-compatibility with very old implementations of milter in MTAs.
Fix case-insensitive matching for domain names when doing signing
selection. Problem noted by John Espiro.
New configuration file options:
- "CaptureUnknownErrors", replacing the FFR of the same name
- "DNSConnect", requesting the resolver use TCP mode
- "KeepAuthResults", suppressing required removal of
Authentication-Results header fields
- "ResolverTracing", adding detailed logging of libar activity
- "StrictHeaders", requesing libopendkim to assert header
field counts according to the standards
- "UnboundConfigFile", passing a configuration file name to
libunbound (suggested by Andreas Schulze)
- "VBR-PurgeFields", removing "X-VBR-*" fields after using them
Trim whitespace from the end of all values in a config file, not just
strings. Problem noted by Reuben Farrelly.
Assume a default location for opendkim.conf. Suggested by Andreas
Schulze.
Don't needlessly demand milter features, causing aborts when they're
not available. Problem noted by Todd Lyons.
Make odkim.get_clienthost(), odkim.get_clientip() and
odkim.get_fromdomain() available in the final script.
When "SyslogSuccess" is active, log the selector and domain used.
Suggested by Miha Vrhovnik.
LIBAR: Feature request #SF3115073: Add flag for fine-grained activity
logging for debugging purposes.
LIBAR: Add support for using poll() instead of socket().
LIBOPENDKIM: Feature request #SF3087029: Add DKIM_LIBFLAGS_STRICTHDRS.
LIBOPENDKIM: Feature request #SF3089990: Add dkim_sig_getsignedhdrs().
LIBOPENDKIM: Fix bug #SF3079094: Have dkim_diffheaders() take
canonicalization into account when generating its results
to avoid false positives.
LIBOPENDKIM: Fix bug #SF3184670: Add error codes for missing and empty
"v=" tags, thus avoiding a possible assertion failure when
DKIM_LIBFLAGS_BADSIGHANDLES is in use. Reported by J. Coloos.
LIBOPENDKIM: Fix up handling of multi-TXT DNS replies inside
dkim_get_policy_dns().
LIBOPENDKIM: Add dkim_getid().
LIBOPENDKIM: Treat no answers as an NXDOMAIN with respect to
retrieving ADSP records.
LIBOPENDKIM: When an unexpected DNS type or class is received,
log the received values.
LIBVBR: Feature request #SF3105477: Copy the generic DNS work from
libopendkim.
STATS: Feature request #SF3085536: Activate _FFR_STATS_I, providing
statistics reporting about use of "i=" in signatures.
STATS: Feature request #SF3125701: Add "s=" key value tracking.
STATS: Feature request #SF3137445: Track key sizes. Suggested by
Todd Lyons.
MILTERTEST: When asserting negotiation state, don't forget to capture
what was negotiated.
TOOLS: Feature request #SF3106876: Amend opendkim-testkey to return
the DNSSEC results as well.
TOOLS: Fix bug #SF3143922: Command line parameters to opendkim-testkey
now override their configuration file counterparts.
TOOLS: Experimental new "opendkim-spam" tool to let users update a
stats database to indicate a message is spam, for possible
later correlation use.
BUILD: opendkim-genzone needs LIBCRYPTO_LDFLAGS. Reported by
John Smith.
Activate _FFR_CAPTURE_UNKNOWN_ERRORS.
|
|
* dotlock_use_excl setting's default was accidentally "no" in all
v2.0.x releases, instead of "yes" as in v1.1 and v1.2. Changed it
back to "yes".
- v2.0.10: LDAP support was broken
- v2.0.10: dsyncing to remote often hanged (timed out in 15 mins)
Chamges 2.0.10:
* LMTP: For user+detail at domain deliveries, the +detail is again written
to Delivered-To: header.
* Skip auth penalty checks from IPs in login_trusted_networks.
+ Added import_environment setting.
+ Added submission_host setting to send mails via SMTP instead of
via sendmail binary.
+ Added doveadm acl get/set/delete commands for ACL manipulation,
similar to how IMAP ACL extension works.
+ Added doveadm acl debug command to help debug and fix problems
with why shared mailboxes aren't working as expected.
- IMAP: Fixed hangs with COMPRESS extension
- IMAP: Fixed a hang when trying to COPY to a nonexistent mailbox.
- IMAP: Fixed hang/crash with SEARCHRES + pipelining $.
- IMAP: Fixed assert-crash if IDLE+DONE is sent in same TCP packet.
- LMTP: Fixed sending multiple messages in a session.
- doveadm: Fixed giving parameters to mail commands.
- doveadm import: Settings weren't correctly used for the
import storage.
- dsync: Fixed somewhat random failures with saving messages to
remote dsync.
- v2.0.9: Config reload didn't notify running processes with
shutdown_clients=no, so they could have kept serving new clients
with old settings.
|
|
with new gtk2 reported by wiz
|
