| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
* doveadm: Added support for running mail commands by proxying to
another doveadm server.
* Added "doveadm proxy list" and "doveadm proxy kick" commands to
list/kick proxy connections (via a new "ipc" service).
* Added "doveadm director move" to assign user from one server to
another, killing any existing connections.
* Added "doveadm director ring status" command.
* userdb extra fields can now return name+=value to append to an
existing name, e.g. "mail_plugins+= quota".
* script-login attempted an unnecessary config lookup, which usually
failed with "Permission denied".
* lmtp: Fixed parsing quoted strings with spaces as local-part for
MAIL FROM and RCPT TO.
* imap: FETCH BODY[HEADER.FIELDS (..)] may have crashed or not
returned all data sometimes.
* ldap: Fixed random assert-crashing with with sasl_bind=yes.
* Fixes to handling mail chroots
* Fixed renaming mailboxes under different parent with FS layout when
using separate ALT, INDEX or CONTROL paths.
* zlib: Fixed reading concatenated .gz files.
|
|
|
|
From upstream.
Closes PR pkg/45291.
|
|
Changes since version 6.3.20:
- The IMAP client no longer inserts NUL bytes into the last line of a
message when it is not closed with a LF or CRLF sequence. Reported
by Antoine Levitt. As a side effect of the fix, and in order to
avoid a full rewrite, fetchmail will now CRLF-terminate the last
line fetched through IMAP, even if it is originally not terminated
by LF or CRLF. This bears no relevance if your messages end up in
mbox, but adds line termination for storages (like Maildir) that do
not require that the last line be LF- or CRLF-terminated.
|
|
|
|
|
|
|
|
Mail_Mime 1.8.2
Release date: 2011-08-10 09:56 UTC
Release state: stable
Changelog:
Bugs Fixed:
* #18426: Fixed backward compatibility for "dfilename" parameter [alec]
* Removed xmail.dtd, xmail.xsl from the package [alec]
* Fixed handling of email addresses with quoted local part [alec]
|
|
|
|
Release notes for 6.0:
Thunderbird is based on the new Mozilla Gecko 6 engine
Several theme improvements for Windows 7
Support for Windows 7 Jump lists
Several fixes when importing email from Microsoft Outlook
Default mail client check now works with newer Linux distributions
Various other user interface fixes and improvements
Numerous platform fixes that improve speed, performance, stability and security
Release notes for 5.0:
More responsive and faster to start up and use
Thunderbird is based on the new Mozilla Gecko 5 engine
New Add-ons Manager
Revised account creation wizard to improve email setup
New Troubleshooting Information page
Tabs can now be reordered and dragged to different windows
Attachment sizes now displayed along with attachments
Plugins can now be loaded in RSS feeds by default
There are several theme fixes for Windows Vista and Windows 7
Support for Mac 32/64 bit Universal builds (Thunderbird no longer supports PowerPC on Mac)
Over 390 platform fixes that improve speed, performance, stability and security
|
|
Bump version only.
|
|
Bump version only.
|
|
* Fixes XSS vulnerability
|
|
|
|
|
|
|
|
|
|
- Fix parsing bug: https://rt.cpan.org/Ticket/Display.html?id=66025
- Fix typo: https://rt.cpan.org/Ticket/Display.html?id=65387
- Fix unit tests on Perl 5.8.x: https://rt.cpan.org/Ticket/Display.html?id=66188
- Fix unit test failure on Win32: (https://rt.cpan.org/Ticket/Display.html?id=66286)
- Add build_requires 'Test::Deep'; to Makefile (rt.cpan.org #64659)
- Fix spelling errors (rt.cpan.org #64610)
- Fix double-decoding bug when decoding RFC-2231-encoded parameters
(rt.cpan.org #65162)
- Fix inappropriate inclusion of CR characters in parsed headers
(rt.cpan.org #65681)
- Document that MIME::WordDecoder is mostly deprecated.
- Document that MIME::Head->get(...) can include a trailing newline.
- Increase buffer size from 2kB to 8kB in MIME::Entity and MIME::Body
(part of rt.cpan.org #65162)
- (cleanup) IO-Stringy (specifically, IO::ScalarArray, IO::Lines, and
IO::InnerFile) is no longer used
- (ticket 22684) Fix deadlock in filter() when invoking external
programs such as gzip. (Alexey Tourbin <at -at- altlinux.ru>)
- Remove auto_install from Makefile.PL
- (ticket 60931) If preamble is empty, make sure it's still empty after roundtripping through MIME::Entity
- (ticket 63739) Properly decude RFC2231 encodings in attachment filenames
|
|
- respect errors on closing an Mail::Mailer::smtp/::smtps connection.
[Tristam Fenton-May]
- Mail::Internet should accept Net::SMTP::SSL as well.
rt.cpan.org#68590 [Jonathan Kamens]
Improvements:
- document that Mail::Mailer::smtps needs Authen::SASL
[Marcin WMP Janowski]
|
|
This is a minor release, primarily to support perl-5.12 and later.
Additionally several other minor bugs are fixed.
|
|
path and delays an e-mail message encounted.
|
|
|
|
|
|
Postfix stable release 2.8.4 is available. This contains fixes and
workarounds that were already included with the Postfix 2.9
experimental release. Where applicable these fixes will also be
made available for the legacy releases Postfix 2.5..2.7.
* Performance: a high load of DSN success notification requests
could slow down the queue manager. Solution: make the trace
client asynchronous, just like the bounce and defer clients.
* The local(8) delivery agent ignored table lookup errors in
mailbox_command_maps, mailbox_transport_maps, fallback_transport_maps
and (while bouncing mail to alias) alias owner lookup.
* Workaround: dbl.spamhaus.org rejects lookups with "No IP
queries" even if the name has an alphanumerical prefix. We
play safe, and skip both RHSBL and RHSWL queries for names
ending in a numerical suffix.
* The "sendmail -t" command reported "protocol error" instead
of "file too large", "no space left on device" etc.
* The Postfix Milter client reported a temporary error instead
of "file too large" in three cases.
* Linux kernel version 3 support. Linus Torvalds has reset the
counters for reasons not related to changes in code.
You can find the updated Postfix source code at the mirrors listed
at http://www.postfix.org/.
|
|
* In mimedefang.c, truncate overlong responses from the multiplexor. Also sanitize replies so "\r" doesn't get fed to smfi_setmlreply.
* If a slave process replies with a very long reply, have the multiplexor consume (and discard) the excess input so the multiplexor-to-slave protocol does not become de-synchronized.
* When mimedefang becomes a daemon, have it wait for a "go/no-go" message from the child before exiting. This should eliminate race conditions whereby the MTA starts before the milter socket is present.
* Avoid run-time errors from Unix::Syslog on some platforms.
|
|
MFSA 2011-24 Cookie isolation error
MFSA 2011-23 Multiple dangling pointer vulnerabilities
MFSA 2011-22 Integer overflow and arbitrary code execution in
Array.reduceRight()
MFSA 2011-21 Memory corruption due to multipart/x-mixed-replace images
MFSA 2011-20 Use-after-free vulnerability when viewing XUL document with
script disabled
MFSA 2011-19 Miscellaneous memory safety hazards (rv:3.0/1.9.2.18)
|
|
|
|
|
|
Version 1.4.22 - 12 July 2011
-----------------------------
- Backported default timezone fix from version 1.5.2; helps mitigate
timezone errors in environments where a default has not been set
by the administrator.
- Fixed system lock-ups caused by a combination of certain rare,
malformed message headers and buggy versions of PHP mbstring
(#3053349).
- Now allow multiple plugins to handle (add links for) a single
attachment MIME type.
- Now allow administrators to disable all plugins or enable just
a select few plugins (overriding the active plugins in the normal
configuration) by setting $temporary_plugins as an empty array
(all disabled) or an array with one or more plugin directory names
in config_local.php.
- Backport fix for call_user_func_array not supporting NULL as empty
array in PHP 5.3.3
- Fixed sqauth_read_password() for plugins on the login_verified hook.
- Added SMTP SASL PLAIN authentication option to configuration tool
(core support for such is not new).
- Gmail doens't support standard search commands; removed sort buttons.
- Forced addition of a file suffix to attachments that lack a filename
(helps forwarded messages avoid spam filters) (thanks to Petr
Kletecka) (#3139004).
- Fixed missing security token in listcommands plugin.
- Added smtp_auth hook (thanks to Emmanuel Dreyfus).
- Made speed enhancements to threaded message display (thanks to Siim
Poder) (#3288123).
- Allow administrators to configure subfolders of user INBOXes to be
treated as special folders by adding $subfolders_of_inbox_are_special
to config_local.php.
- Fixed incorrect display of INBOX subfolders under some configurations.
IMPORTANT: You may need to update your configuration so that
$default_sub_of_inbox is TRUE if it was FALSE (e.g., Courier IMAP users)
and after updating to this version, your special folders are no longer
listed at the top of your folder list. Also, if this change prevents
users from logging in with an error such as "ERROR: Could not complete
request. Query: CREATE "Trash" Reason Given: Invalid mailbox name.",
you will need to correct the user preference values for the problem
folders. You can do so with commands such as the following for file-
based preferences (adjust the data directory location as needed):
find /var/lib/squirrelmail/data/ -name *.pref -exec sed --in-place 's/trash_folder=Trash/trash_folder=INBOX.Trash/g' {} \;
find /var/lib/squirrelmail/data/ -name *.pref -exec sed --in-place 's/trash_folder=Drafts/trash_folder=INBOX.Drafts/g' {} \;
find /var/lib/squirrelmail/data/ -name *.pref -exec sed --in-place 's/trash_folder=Sent/trash_folder=INBOX.Sent/g' {} \;
Or, for database-based preferences:
UPDATE userprefs SET prefval = 'INBOX.Trash' WHERE prefkey = 'trash_folder' AND prefval = 'Trash';
UPDATE userprefs SET prefval = 'INBOX.Drafts' WHERE prefkey = 'draft_folder' AND prefval = 'Drafts';
UPDATE userprefs SET prefval = 'INBOX.Sent' WHERE prefkey = 'sent_folder' AND prefval = 'Sent';
MAKE SURE to back up your user preferences first!
- Optimized message highlighting rules; faster message list display
and faster highlight rules management (thanks to C. Bensend for
extensive effort helping diagnose)
- New Mail plugin no longer removes normal organization title when
putting the number of new messages in the browser title
- Added clickjacking protection (thanks to Asbjorn Thorsen and Geir
Hansen for bringing this to our attention). [CVE-2010-4554]
- Fixed XSS holes in generic options inputs, XSS hole in the SquirrelSpell
plugin, XSS hole in the Index Order page, and added anti-CSRF protection
to the empty trash feature and the Index Order page (thanks to Nicholas
Carlini for finding all these issues). [CVE-2010-4555]
- Fixed XSS problem with unsanitized style tags in messages. [CVE-2011-2023]
|
|
|
|
* bump PKGREVISION.
|
|
While here,
* Exactly enable/disable PCRE support with package option, enabled by default.
* Add workaround patches for PR#44275, sizeof(time_t) > sizeof(unsigned long).
Changes to the Cyrus IMAP Server since 2.4.9
* fixed handling of unparsable emails during append (which would
cause invalid cyrus.index records otherwise)
* quota: fix a pile of bugs. #1801, virtdomain support; #2728, slow
user delete; #3178, "file name too long" with big mailbox names;
#3179, quota -f doubles usage.
* Bug #3043 - parse multiple groups in headers correctly
* Bug #3158 - lmtp backend connection timeout
* Bug #3223 - limit MIME parsing depth to avoid stack overflows
* Bug #3273 - add SORT=DISPLAY support (but note: still questions
about correctness of unicode sorting)
* Bug #3504 - convert all sieve scripts to \r\n line endings on
upload
* Bug #3402 - options to munge 8bit characters in headers during lmtp
delivery to avoid backscatter
* sync_client: fix broken keepalive TCP options (I doubt anyone ever
tried to use it)
* Bug #3482 - add "-o" option to ipurge to only purge messages with
\Deleted flag set
|
|
and using an in this case undefined helper function.
|
|
|
|
|
|
|
|
|
|
Add PKG_DESTDIR_SUPPORT;
Add LICENSE
`$Cambridge: hermes/src/prayer/docs/DONE,v 1.66 2011/06/27 13:39:56 dpc22 Exp $
27/06/2010
==========
Release: Prayer 1.3.4
22/06/2011
==========
draft.c fixes:
Fold long lines of addresses before the entry which reaches 78 characters
when possible, rather than after the first entry which crosses that
boundary. Long standing bug bear of mine but several support functions
needed to be rewritten to use scratch string in place of output buffer.
Long subject lines which are not RFC1522 encoded need to be folded.
separately. Reported by Andrey N. Oktyabrski <ano@bestmx.ru>.
RFC1522 is not allowed to fold lines in the middle of a UTF-8 multibyte
character. Reported by Andrey N. Oktyabrski <ano@bestmx.ru>.
Tidy library:
Add support for tidyp fork of (apparently abandoned) tidy library.
Fix cross site scripting problem:
MSIE and Chrome think that <!---> is a complete comment. Allows people to
hide scripts inside <!---><script>...<!--->. Strip all comments (which is
something that the old sanitiser had been doing already)
Sieve blocks should check "From: " address in body as well as
envelope sender address. Check "Sender: " as well for completeness.
Linux needs IPPROTO_IPV6 to bind to '0.0.0.0' and '::'
01/11/2010
==========
Mike Brudenell <mike.brudenell@york.ac.uk> reported problem with RFC
2183/RFC 2231 quoting with vey long filenames, or filenames with strange
characters from ASCII range.
20/07/2010
==========
Release: Prayer 1.3.3
08/07/2010
==========
Better handling of complex multipart messages:
Rather than just displaying the first text/plain or text/html that we can
find in the top, (leaving people to access sections for the other parts),
display the entire tree: multipart/alternative are handled as before, but
with other multipart messages, recurse into the subtrees and repeat. Given:
1 (Nested multipart)
1.1 text/html
1.2 text/plain
2 text/plain
we display sections 1.1 and 2. Previously we would display section 2,
which is a bit of a disaster if section (1) was the original message and
a listserver has helpfully tagged on a message footer as a separate bodypart
Combine os_*.c back into a single file (which is where I started off
many years back). Eliminates lots of repeated code.
07/07/2010
==========
Bugs
====
os_bind_inet_socket(unsigned long port, char *interface)
If interface resolves to multiple IP addresses then only binds to the
first. Should really walk along ai->ai_next and bind to each IP address
in turn. Unfortuanetly this means that os_bind_inet_socket() needs to
return an array of sockfds rather than a single int. Parent routines
probably aren't going to play ball either.
Most likely cause will be a hostname which generates both IPv4 and IPv6
addresses. Unfortanately it is a probably that we are going to have
to solve eventually.
05/07/2010
==========
Fix XSS problems reported by:
Jacob H. Hilton <jhh40@cam.ac.uk>
Dr Andrew C Aitchison <A.C.Aitchison@dpmms.cam.ac.uk>
Rather than trying to spot dangerous tags by simple substring matching in C,
I now feed the html through Tidy library (http://tidy.sourceforge.net/),
and then prune unwanted nodes from the parse tree before setting it to
the pretty printer. The only problem is that the Tidy library doesn't
provide any public API for manipulating the parse tree (although it does
provide a public API for walking the tree!?), so I had to dig around to
find the private functions required to remove and manipulate nodes.
Javascript embedded into CSS is also a problem: I need to strip off CSS
character entities before looking for dangerous expressions. The final
part is still a simple string match: I hope that I don't end up having to
generate parse trees for CSS as well as the HTML.
Now passes full test suite at:
https://secure.grepular.com/email_privacy_tester/
Better vacation screen
Subject line
Phrasing
Coping with multiple logins as single user from single browser:
SessionID stored in HTTP Cookie: second login blats first
Can store SessionID in URL (Prayer does this if no cookies available)
Not secure: leaks in HTTP "Referrer" header with links from HTML email.
Solution: Use HTTP Cookie keyed by PID of login session.
Smaller cleanups:
Improve gap between words in spell check (Cambridge house style)
Remove extra blank lines after postpone, restore cycle.
|
|
gnutls.
PKGREVISION++
|
|
while here, expunge old sites from MASTER_SITES, and add the http site in
release announcement.
Changes to the Cyrus IMAP Server since 2.4.8
* fixed crashes in seen handling
* Bug #3453 - fixed LSUB replication
* Bug #3442 - allow disabling PCRE if it's buggy at your site
* Bug #3443 - LSUB response fixes
* Bug #3448 - XFER error handling (murder)
* Bug #3437 - fixed regression: quotaroot wasn't being updated on
rename
* Bug #3456 - fixed crash on rename user.foo user.foo without
partition change
* config update: database paths for most databases are now
configurable in imapd.conf
* Bug #3303 - fixed index lock breaking on XFER (thanks Julien
Coloos)
* Bug #3457 - fixed ESEARCH parsing (was breaking iPhones)
* Bug #3188 - fixed XFER with unlimited quota (thanks again Julien
Coloos)
* Misc other quota fixes (there are still known bugs with the quota
system)
* Bug #3169 - fixed GETQUOTAROOT for domain quotaroots
* Bug #3465 - fixed compilation with Perl 5.14 (thanks
hsk@imb-jena.de, and also thanks to Ondrej Sury who reported it
separately)
* Bug #3464 - fix for sendmail exec failure. This was a nasty one,
|
|
Patch was provided by PR pkg/45088 from ISIHARA Takanori.
Changes of Sylpheed
* 3.1.1 (stable)
* The column width of the address book will be saved now.
* The keyboard shortcut of 'File/Send' menu of compose window was changed
to prevent accidental sending.
* The bug that caused occasional crash when summary was updated while
receiving messages was fixed.
* The compilation problem on some environment was fixed.
* Some locale problems on Mac OS X was fixed.
* The compilation error on newer gcc was fixed.
* Finnish translation was added.
|
|
|
|
|
|
Based on PR#44939 by Susumu Miwa.
Modified by Makoto Fujiwawa and me in pkgsrc-wip.
Quickml server provides very-easy-to-use mailing list service.
It was too open in this age, some limitation is provided in
this package. The original code is written by Satoru Takabayashi.
|
|
These are update of the version only.
|
|
|
|
|
|
|
|
supported by "pkgsrc" provide PAM support out of the box.
Change approved by Geert Hendrickx.
|
|
== [release-1-8-0] 1.8.0: 2011-06-10
The first release of stable 1.8.x series.
=== All
==== Improvements
* Removed unused variables.
=== Package
==== Improvements
* [debian] Removed Debian GNU/Linux lenny support.
* [debian] Added Debian GNU/Linux wheezy support.
* [ubuntu] Removed Ubuntu Hardy Heron support.
* [ubuntu] Removed Ubuntu Maverick Meerkat support.
* [ubuntu] Added Ubuntu Natty Narwhal support.
* [redhat] Specified PID file in init file explicitly.
* [freebsd] Supported /etc/rc.conf.local.
[Patch by moto kawasaki]
==== Fixes
* [debian] Added missing milter.rb.
[Reported by Mitsuru Ogino]
=== milter manager
==== Improvements
* [trust applicable condition] Normalized domain name.
* Added ((<trust.clear|configuration.rd#trust.clear>))
configuration item.
* Added
((<trust.load_envelope_from_domains|configuration.rd#trust.load_envelope_from_domains>))
configuration item.
* [trust applicable condition] Added ezweb.ne.jp and
docomo.ne.jp to built-in trusted domain list.
* Used fallback status on negotiate.
* Added
((<manager.chunk_size|configuration.rd.ja#manager.chunk_size>))
configuration item.
==== Fixes
* Fixed a bug that child milter process launcher isn't
exited.
[Reported by OBATA Akio]
* Fixed a bug that child milters that return reject,
temporary failure or discard aren't used in the same
session.
=== milter-core
==== Improvements
* Added trace log level that is more verbose than debug
log level.
* Supported +/- log level prefix to add/remove log level
from the current log levels in MILTER_LOG_LEVEL
environment environment.
==== Fixes
* Fixed a read block bug when readable data is available.
=== Ruby milter
==== Improvements
* [configuration] Used 'accept' as default value for
fallback status.
=== milter-performance-check
==== Improvements
* Supported CentOS 5.
=== Document
==== Fixes
* Used Milter::VERSION instead of Milter::TOOLKIT_VERSION
for confirming Ruby milter's version.
[Reported by Mitsuru Ogino]
|
