| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Bump PKGREVISION.
|
|
* deliver: If Return-Path doesn't contain user and domain, don't try
to bounce the mail (this is how it was supposed to work earlier too)
* deliver: %variables in mail setting coming from userdb aren't
expanded anymore (again how it should have worked). The expansion
could have caused problems if paths contained any '%' characters.
+ Print Dovecot version number with dovecot -n and -a
+ deliver: Added -e parameter to write rejection error to stderr and
exit with EX_NOPERM instead of sending the rejection by executing
sendmail.
+ dovecot --log-error logs now a warning, an error and a fatal
- Trying to start Dovecot while it's already running doesn't anymore
wipe out login_dir and break the running Dovecot.
- maildir: Fixed "UID larger than next_uid" errors which happened
sometimes when dovecot-uidlist file didn't exist but index files did
(usually because mailbox didn't have any messages when it was
selected for the first time)
- maildir: We violated maildir spec a bit by not having keyword
characters sorted in the filename.
- maildir: If we don't have write access to cur/ directory, treat the
mailbox as read-only. This fixes some internal error problems with
trying to use read-only maildirs.
- maildir: Deleting a symlinked maildir failed with internal error.
- mbox: pop3_uidl_format=%m wasn't working right
- mbox: If non-filesystem quota was enabled, we could have failed
with "Unexpectedly lost From-line" errors while saving new messages
- mysql auth: %c didn't work. Patch by Andrey Panin
- APPEND / SEARCH: If internaldate was outside valid value for time_t,
we returned BAD error for APPEND and SEARCH never matched. With 64bit
systems this shouldn't have happened. With 32bit systems the valid
range is usually for years 1902..2037.
- COPY: We sent "Hang in there.." too early sometimes and checked it
too often (didn't break anything, but was slower than needed).
- deliver: Postfix's sendmail binary wasn't working with mail_debug=yes
- Don't corrupt ssl-parameters.dat files when running multiple Dovecot
instances.
- Cache compression caused dovecot.index.cache to be completely deleted
with big endian CPUs if 64bit file offsets were used (default)
- Fixed "(index_mail_parse_header): assertion failed" crash
|
|
Pkgsrc changes:
- Removed requirement for p5-Mail-ListDetector, Mail::Audit::List is no
longer part of this module. p5-Mail-Audit is a leaf package in pkgsrc,
so this has no further impact.
- New requirements are p5-File-HomeDir and p5-File-Tempdir.
- No compiler needed.
- Security fixes in patch-aa and patch-ab are finally integrated with
v2.219.
Changes since version 2.1:
==========================
2.219 2007-06-14
For security reasons, the log is now ~/mail-audit.log, not
/tmp/username-audit.log
fix bug: logging wasn't working when processing mime messages
add optional "reason" argument to ignore method
_log method renamed to log and documented
2.218 2007-03-06
remove List, Razor, and PGP plugins to their own dists
this is the first step in paring down Mail::Audit
2.217 2007-03-05
make the test skipped in 2.216 pass reliable (thanks to HDP for idea)
2.216 2007-02-26
skip a test that doesn't pass reliably
2.215 2007-02-19
subclass File::Tempdir to avoid cleaning up in forked child
2.214 2007-02-15
refactor internals of emergency and default destinations
2.213 2007-02-15
add a no_log option
2.212 2006-10-31
try to avoid letting temp dirs linger too long
2.211 2006-09-19
fix Mail::Audit::List breakage; it needs tests!; rt #20934
2.210 2006-09-19
use File::HomeDir to reduce unix-o-centrism
2.203 2006-07-21
update PEP information
2.202 2006-07-21
test fix: don't rely on default mbox not existing; force it to fail
prune list of sysexits.h-like error code constants
2.201 2006-07-16
use File::Temp a few places where it's indicated
add a munge_name arg to Mail::Audit::List
pipe now returns the exit status of the pipe
fix directory permissions
fixed bugs in proc2ma (ticket 2982, thanks MARKSTOS)
2.200_05 2006-06-04
more testing
more tweaking
more frustration
2.200_04 2006-06-04
log now uses on-object filehandles, rather than globals
delivery to msgprefix completely removed, as it was never implemented
exit behavior somewhat encapsulated for testability
PGP plugin now replaces, rather than adds, content type headers
more tests
2.200_03 2006-06-01
our first meaningful tests!
also some POD tests
POD cleaned up
many undocumented modules given a _-prefix
removed undocumented, bizarre inreplyto_and_references method
2.200_02 2006-05-30
various code cleanup, including perltidy
extra options, previously an optional hashref passed as first arg,
should now be passed as the last arg; factored out and deprecation
warning added; they were mostly undocumented
moved to Module::Install
2.200_01 2006-05-24
maintenance assumed by RJBS
changes inherited from Meng Wong
|
|
Fix build problem with db4 following a hint by obache@
04/09/2006
==========
Release: Prayer 1.0.18
Important Security fix:
os_connect_unix() had a strcpy() which should have been strncpy() to
prevent buffer overrun. Prayer 1.0.17 was mostly safe.
By 28/06/2006
=============
Release: Prayer 1.0.17
Fix small foulup wuth gethostbyname() calculations when binding Prayer
to specific interfaces.
Cleanups to stop char vs unsigned char warnings with latest c-client.
Make sure that all internal draft messages consistently use CRLF.
Security audit for Prayer frontend following attack:
Optional Chroot environment (See chroot options in config file).
Stripped out debugging code.
04/11/2005
==========
Fix small foulups with abook_lookup:
Couldn't add last address to existing draft.
Block LDAP metacharacters from search.
By 13/06/2005
=============
Release: Prayer 1.0.16
Fix silly bug when replying to multipart messages where the main message
and the text/plain subpart have different encoding (missing mail_body
call).
Add a limit_vm backstop to stop single runaway process from taking
over the system.
By 10/06/2005
=============
Release: Prayer 1.0.15 (1.0.13 and 14 internal releases only).
list screen doesn't set "current" message to middle of range. Means that
switching between various sort modes works more consistently.
Go fishing for text/plain or failing that text/html bodypart within top
level of multipart/mixed or multipart/alternate message when replying to a
message. Behaviour should now be consistent with cmd_forward and
cmd_display.
Include LDAP and local finger database lookups (latter for Cambridge use only)
Addressbook screen:
Addressbook sort (can be set on Manage => Preferences => Display)
Addressbook bulk removal
Import and Export CSV (Outlook) format address screen
Spellcheck:
Support native aspell as well as ispell, aspell in ispell compatibility mode.
Means that Quoted text is not checked if the following is set:
Manage => Preferences => Extra Compose =>
Skip quoted text on spell check
By 09/08/2005
=============
Spam whitelist
Test the Referer header on login. Two independant prayer.cf options:
referer_block_invalid and referer_log_invalid
Test the Referer: header before performing a /redirect/ action in
order to protect against URL redirector abuse
Doesn't work with "Save Target As". Remove entirely
Confirm on expunge.
Cleanup up account_message error reporting so consistent.
Fix format=flowed quoting problems.
Fix memory leak in mailbox download (2 x size of mail folder) until
next transfer or idle shutdown.
25/01/2005
==========
line_wrap_on_send preference not used by draft_init().
Fixed problems with multipart/alternate display and forwarding
|
|
For some reason, the script creates the pid file itself, instead
of using '-p' option to freshclamd. sig_stop=KILL seems unnecessary,
too.
Bump PKGREVISION.
|
|
use the same UUCP_{USER,GROUP} variables as net/uucp.
|
|
|
|
|
|
|
|
in SPECIAL_PERMS usage.
* Consistently use 4555 for setuid and 2555 for setgid programs.
|
|
|
|
setting and instead just chmod the qmqtool script to 0700 at install
time.
|
|
to define how long clamsmtpd should wait for clamd.
PKGREVISION++
|
|
(2.0.0.1-2.0.0.3 skipped to keep the version on par with Firefox?)
Security fixes in this version:
MFSA 2007-15 Security Vulnerability in APOP Authentication
MFSA 2007-12 Crashes with evidence of memory corruption
For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.4/releasenotes/
|
|
|
|
|
|
Pkgsrc changes:
- Added some comments to patch files.
- Adapting patch-aq to changes in the README file.
- Added forgotten direct requirement for p5-Compress-Zlib.
- Since 3.2.0 at least version 3.43 of p5-HTML-Parser is needed.
- Installation to DESTDIR is possible as root.
- Substituted correct paths in spamc.pod (source file for spamc.1).
- Added VARBASE to BUILD_DEFS to silence pkglint warnings.
Changes since version 3.2.0:
============================
3.2.1 is a major bug-fix release, including a potential local DoS. The
major highlights are:
- bug 5480: fix for CVE-2007-2873: a local user symlink-attack DoS
vulnerability. It only affects systems where spamd is run as root, is used
with vpopmail or virtual users via the "-v"/"--vpopmail" OR
"--virtual-config-dir" switch, AND with the "-x"/"--no-user-config AND
WITHOUT the "-u"/"--username" switch AND with the "-l"/"--allow-tell" switch.
This is not default on any distro package, and is not a common configuration.
More details of the vulnerability can be read at
<http://spamassassin.apache.org/advisories/cve-2007-2873.txt>.
- bug 5488: zero some rules causing false positives: FH_HOST_EQ_D_D_D_DB and
FH_HOST_EQ_D_D_D_D.
- bug 5257: re-raise autolearn ham threshold to 1.0; the lower value
used in 3.2.0 was creating problems.
- bug 5422: in spamd, deleting hash entries from the SIGCHLD signal handler is
unsafe, causes corruption of the data structure, and results in 'prefork:
ordered child N to accept, but they reported state '1', killing rogue'
errors. fix.
- bug 5102: tighten up regexp for FORGED_HOTMAIL_RCVD to avoid some FPs.
- bug 5457: spamc build and test should handle not having zlib available.
- bug 5379: spamd could crash at startup if its preloading temporary directory
already exists. fix.
- bug 4616: spamc config can cause command line options to be ignored. fix.
- bug 5485: zero score DK/DKIM_POLICY_SIGNSOME rules since they'll always fire
due to defaults (unless there's an explicit SIGNALL policy).
- bug 5492: VBounce rule was looking in header instead of body for whitelisted
relays. fix.
- bug 5487: prevent multiple "urirhssub"s using the same zone from overwriting
each other.
- bug 5432 - Change default in Win32 build to not build spamc.
- bug 5446: add --updatedir option to sa-compile and remove inaccurate re2c
required version info from pod.
- bug 5436: add omitted "ifplugin" statements to the configuration, which would
otherwise cause lint errors if the default plugins were disabled.
- bug 5477: prevent Rule2XSBody info message from appearing on stderr during
spamd startup.
|
|
Pkgsrc changes:
none
Changes since version 0.25:
===========================
Version 0.26 - released 2007-05-24
* recognize and generate v=1 signatures (DKIM is now RFC 4871)
|
|
Changelog:
Version 0.20 20 March 2007
* Cache uncompressed mbox data (Chris Mason, further work by me)
* Fix gaps in date ranges for search
* Unlock database if mairix is interrupted (Paul Fox)
* Add fast index option (-F)
* Fix conditional compilation errors for compressed mbox
* Reimplement MIME header parsing
* Add capability to search on names of attachments
* Add capability to search on state of message flags
* Create maildir-format mfolder filenames correctly with regard to flags
* Various bug fixes (Oliver Braun, Matthias Teege)
Version 0.19 15 July 2006
* mairix.spec fixes (André Costa)
* bug fix: freeing of message structures (Karsten Petersen)
* Add new -x (--excerpt-output) option, an alternative mode for searching. This displays the key headers from the matching messages on stdout.
* Add notes about the mairix-users mailing list and the SourceForge page to README.
* Fix configuration + compilation to allow building with gzip support but without bzlib support.
* Rename internal functions like zopen() to avoid name conflicts on MacOS X. (Vincent Lefevre)
* Remove a spurious ; in bison input file (Vincent Lefevre)
* Improve output given in various error conditions (based on patch by Karsten Petersen)
Version 0.18 10 March 2006
* Support bzip2'd mbox folders
* Fix bugs in parsing mbox folders containing unquoted 'From ' lines inside MIME body parts
* Fix bug in parsing content-type data containing quotes with whitespace before
* Clone the message flags (when both the source folder and mfolder are both of maildir type)
* New manpages mairix.1 and mairixrc.5 are included, and the old texinfo-based documentation is deprecated into the old_docs/ directory.
* Upgrade scanners to new version of dfasyn
* Support Mew's MH folder subtype
Version 0.17.1 16 December 2005
* Fix detection of MH folder subtype used by nnml (Gnus)
* Fix filename format generated in the /cur/ directory for maildir mfolders.
* Syntax fix in configure script
Version 0.17 14 November 2005
* Support gzipped mbox folders (any file matched by a mbox= line in the config file is considered as a gzipped mbox if its name ends in .gz)
* Rework directory traversal for the '...' construct to speed up indexing and the check that mfolder isn't going to overwrite a real folder when searching.
* Check whether database exists before attempting to do searching.
* Matched new maildir messages go in /new/ subdirectory of maildir mfolder.
* Fix lots of compiler warnings generated by gcc4.x
* Don't create and immediately scrub database entries for empty mbox folders.
* Fix usage() info for bare word in searching
* Allow '.' on the ends of numeric filenames in MH folders (to work with Evolution)
* Update .PHONY target so that 'make install' etc are more reliable.
* Add --version switch
* Fix bug with size argument passed to memset
* Add X-source-folder header to indicate the original folder of a match found in an mbox.
|
|
Add DESTDIR support. Bump revision.
|
|
|
|
Version 1.3 - 13 February 2007
------------------------------
- Perl Compatible Regular Expression (PCRE) support.
- Compile against Lua 5.1 by default.
- Bug fix; program fault in some cases and when namespace prefix was empty
- Bug fix; program fault on some platforms when running in verbose mode
|
|
This release is largely a bug-fix release, but it does contain a couple of
small new features (next-unread-mailbox, $message_cache_clean).
The "change_folder_next" patches are gone, since a similar feature was added,
and it is now possible to use
bind index , next-unread-mailbox
to use , to cycle mailboxes with new mail
|
|
|
|
Noted by OBATA Akio.
|
|
|
|
Fixed smtp_filter() to accept parameters to AUTH PLAIN when the MUA sends the
authentication information with the command instead of waiting for another
prompt.
Changed find_address() to strip BATV tags from addresses so whitelist/
blacklist matching can still take place. Reported by Walter Russo.
Added utils/passwordcheck to help troubleshoot SMTP AUTH problems.
Added more logging to exec_checkpassword() to aid troubleshooting.
|
|
pkgsrc changes: set INSTALLATION_DIRS.
2007-01-30 Dave McMurtrie <davemcmurtrie@gmail.com>
* Version 1.2.5 released.
2007-01-30 Dave McMurtrie <davemcmurtrie@gmail.com>
* common.h: Updated version string to 1.2.5.
2006-10-03 Dave McMurtrie <davemcmurtrie@gmail.com>
* common.h: Updated version string to 1.2.5rc2.
* main.c: Patch by Matt Selsky to log ssl peer verify at Debug
level instead of err level.
* Makefile.in: Patch by Matt Selsky to set the permissions on
the configuration files to 755 instead of 644.
2006-08-15 Dave McMurtrie <davemcmurtrie@gmail.com>
* imapcommon.c: No longer exit() from IMAP_Line_Read() on
failed sanity check.
2006-02-16 Dave McMurtrie <davemcmurtrie@gmail.com>
* pimpstat.c: Patch by Matt Selsky to fix spelling error.
* main.c: Fixed string format bug (Debian DSA 852-1) found by
Steve Kemp. Added version string to startup log message.
* common.h: Patch by Matt Selsky to add a version string.
* request.c: Patch by Matt Selsky to add cmd_version function.
* README: Patch by Matt Selsky to add info about p_version command.
Updated the imapproxy-info mailing list URL.
|
|
which use it. This fixes the build of courier-maildir (which includes
courier-mta/Makefile.common) since -r1.60 of mk/bsd.options.mk.
|
|
-make updatefile honour symlinks, so users can alias one server's oldmail
state file to another (for split-horizon DNS and other strange
configurations). Thanks: Scott Hepler.
|
|
|
|
just explain a little better how RoundCube is setup in pkgsrc.
* While were here update to 20070528
2007/05/28 (thomasb)
---------
- Fixed buggy imap_root settings (closes 1484379)
- Prevent default events on subject links (1484399)
- Typo in rcube_smtp.inc
2007/05/23 (estadtherr)
----------
- Upgrade to TinyMCE v2.1.1.1
2007/05/18 (thomasb)
----------
- Use HTTP-POST requests for actions that change state
2007/05/17 (thomasb)
----------
- Updated Catalan, Russian, Portuguese, Slovak and Chinese translations
- Renamed localization folder for Chinese (Big5)
- Chanegd Slovenian language code from 'si' to 'sl'
- Added Sinhala (Sri-Lanka) localization
- Use global filters and bind username/ for Ldap searches (1484159)
- Hide quota display if imap server does not support it
- Hide address groups if no LDAP servers configured
- Add link to message subjects (closes 1484257)
- Better SQL query for contact listing/search (closes 1484369)
2007/05/13 (thomasb)
----------
- Updated Norwegian (bokmal), Czech, Danish and Portuguese (standard) translation
- Fixed marking as read in preview pane (closes 1484364)
- CSS hack to display attachments correctly in IE6
- Wrap message body text (closes 1484148)
|
|
|
|
acts as a gateway to a variety of webmail services.
One possible use of this package, which I've tested, is in migrating
from Hotmail (which provides neither mail forwarding nor POP access
to the mailstore) to Gmail (which can act as a POP client).
|
|
affected packages.
|
|
* Changed calls to tolower() and isalnum() to eliminate warnings
from gcc 3.3.3 on NetBSD 3.1. Thanks to David Frese for reporting
this one.
* Fixed a very small typo in the new mask/flag system that was
preventing spamdyke from advertising SMTP AUTH on unpatched
qmail servers -- FILTER_FLAG_AUTH_ADD had the same value as
FILTER_FLAG_AUTH_NONE. Oops. Thanks to Renato Franzin for
reporting this one.
* Fixed an oversight in the use of gethostbyname() to perform DNS
lookups for A records. If the server is configured to search
a domain for matching names ("search" in /etc/resolv.conf) and
the domain has a wildcard DNS entry, the DNS RBL code was always
matching because an A record was always found. Adding a dot
to the end of the queried name prevents the domain searching
and returns correct results. Thanks to "Paolo", Alexander
Fordyce and Jens Mickerts for reporting and helping me troubleshoot
this one.
|
|
PKGREVISION++
|
|
version 1.77: Fri May 11 14:16:01 CEST 2007
- fixed syntax error in qmail.pm, patch by [Alexey Tourbin]
also reported by [Volker Paulsen]
- die if qmail's exec fails.
- require Data::Format
- corrected header field folding according to rfc2822, which
may break some ancient (poor) applications.
Patch by [Christopher Madsen]
|
|
1.2.3
* Fix: queue display transpose bug
1.2.2
* Fix: added deletion routines to handle files in bounce subdirectory
* Fix: added whitespace remove line for pidof output reported by
Charlies (cng-oz)
1.2.1
* Corrected an error in the README, and one in the HISTORY
|
|
20070425
Bugfix: don't falsely report "lost connection from
localhost[127.0.0.1]" when Postfix is being portscanned.
Files: smtpd/smtpd_peer.c, qmqpd/qmqpd_peer.c.
20070430
Robustness: recommend a "0" process limit for policy servers
to avoid "connection refused" problems when the smtpd
process limit exceeds the default process limit. File:
proto/SMTPD_POLICY_README.html.
20070501
Safety: when IPv6 (or IPv4) is turned off, don't treat an
IPv6 (or IPv4) connection from e.g. inetd as if it comes
from localhost[127.0.0.1]. Files: smtpd/smtpd_peer.c,
qmqpd/qmqpd_peer.c.
20070508
Bugfix: Content-Transfer-Encoding: attribute values are
case insensitive. File: src/cleanup/cleanup_message.c.
20070514
Bugfix: mailbox_transport(_maps) and fallback_transport(_maps)
were broken when used with the error(8) or discard(8)
transports. Cause: insufficient documentation. Files:
error/error.c, discard/discard.c.
20070520
Bugfix (problem introduced Postfix 2.3): when DSN support
was introduced it broke "agressive" recipient duplicate
elimination with "enable_original_recipient = no". File:
cleanup/cleanup_out_recipient.c.
20070529
Bugfix (introduced Postfix 2.3): the sendmail/postdrop
commands would hang when trying to submit a message larger
than the per-message size limit. File: postdrop/postdrop.c.
20070530
Sabotage the saboteur who insists on breaking Postfix by
adding gethostbyname() calls that cause maildir delivery
to fail when the machine name is not found in /etc/hosts,
or that cause Postfix processes to hang when the network
is down.
20070531
Portability: Victor helpfully pointed out that change
20070425 broke on non-IPv6 systems. Files: smtpd/smtpd_peer.c,
qmqpd/qmqpd_peer.c.
|
|
stay
on par with Firefox?).
Security fixes in this version:
MFSA 2007-15 Security Vulnerability in APOP Authentication
MFSA 2007-12 Crashes with evidence of memory corruption
For more info, see http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.12.html
|
|
|
|
Lots of bug fixes since 0.90.2. For details, see ChangeLog.
|
|
Lots of changes, see the HISTORY file for details.
|
|
|
|
* Make sure clamd is really running before starting clamsmtpd (pkg/36292)
|
|
Added support for STARTTLS, similar to the way SMTP AUTH is implemented -- if
a server certificate is available, spamdyke takes care of the TLS. If not
but qmail supports TLS, spamdyke passes it through.
Changed the read() and write() calls to the network to use macros named
NETWORK_READ() and NETWORK_WRITE() that are replaced by TLS routines when
TLS support has been compiled in.
Changed the smtp_filter() return codes to use a mask/flag system because the
possible permutations of PASS/INTERCEPT/QUIT with ADD/REMOVE/CAPTURE AUTH
and ADD/REMOVE/CAPTURE TLS and CHILD QUIT/CONTINUE were getting too complex.
Fixed search_file() to match a file entry where the search text matches the
entry completely but the entry has wildcard markers at the start and/or end.
Added TLS support to tests/sendrecv so TLS can be tested from scripts.
Fixed numerous small bugs in tests/sendrecv that were causing inaccurate test
results (false positives and false negatives).
Updated all of the test scripts to make renumbering them easier.
Added a new test script to exercise a small whitelist wildcard bug I found.
Added 10 new test scripts to exercise the new TLS features.
Changed process_command_line() and usage() to print a brief usage message if
no parameters are given.
Changed process_command_line() and usage() to print a brief error message if
a bad parameter is given.
Changed process_command_line() and usage() to print the full usage message if
-h or --help is given.
Changed process_command_line() and usage() to print the version header if -v
or --version is given.
Renamed test_smtpauth_crammd5, test_smtpauth_login and test_smtpauth_plain to
smtpauth_crammd5, smtpauth_login and smtpauth_plain, respectively.
Moved smtpauth_crammd5, smtpauth_login and smtpauth_plain from the utils
folder to tests/smtpauth, since they're only used by the test scripts
anyway.
Added alternate command line options for people who spell "gray" with an "e".
They do the same thing.
Updated the documentation.
|
|
of them apply together cleanly (and thus no PKGREVISION bump). Idea
from wiz.
|
|
Bump PKGREVISION
Use signed arithmetic in mutt_gecos_name to avoid an overflow.
From http://dev.mutt.org/hg/mutt/rev/47d08903b79b
And trac: http://dev.mutt.org/trac/ticket/2885
|
|
security vulnerabilities reported in CVE-2007-1558 and CVE-2007-2683.
|
