| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: fetchmailconf | Distribution: openSUSE 11.4 |
| Version: 6.3.19 | Vendor: openSUSE |
| Release: 2.1 | Build date: Fri Feb 18 22:13:55 2011 |
| Group: Productivity/Networking/Email/Utilities | Build host: build21 |
| Size: 228397 | Source RPM: fetchmail-6.3.19-2.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: http://fetchmail.berlios.de/ | |
| Summary: Fetchmail Configuration Utility | |
A GUI configuration utility for generating fetchmail configuration
files (.fetchmailrc).
Authors:
--------
Eric S. Raymond <esr@snark.thyrsus.com>
Matthias Andree <matthias.andree@gmx.de>
Carl E. Harris <ceharris@mal.com>
George M. Sipe <gsipe@pobox.com>
Sunil Shetye <shetye@bombay.retortsoft.com>
GPLv2+
* Mon Dec 13 2010 puzel@novell.com
- update to fetchmail-6.3.19
- bugfix release
* When specifying multiple local multidrop lists, do not lose
wildcard flag. (Affects "user foo is bar baz * is joe here")
* In multidrop configurations, an asterisk can now appear
anywhere in the list of local users, not just at the end.
* In multidrop mode, header parsing is now more verbose in -vv
mode, so that it becomes possible to see which header is used.
* Make --antispam work from command line (these used to work in
rcfiles).
* Smoke test XHTML 1.1 validation, and if it fails, skip
validating HTML documents. Skip validating
Mailbox-Names-UTF7.html. Several systems have broken XHTML 1.1
DTD installations that jeopardize the build.
* Send a NOOP only after a failed STARTTLS in IMAP.
* GSSAPI verbose/debug syslog to INFO severity. Do STARTTLS/STLS
negotiation in IMAP/POP3 if it is mandatory even if the server
capabilities do not show support for upgradation to TLS. To
use this, configure --sslproto tls1.
* IMAP: Understand empty strings as FETCH response, seen on
Yahoo. Note that fetchmail continues to expect literals as
FETCH response for now.
* Mon Oct 11 2010 puzel@novell.com
- update to fetchmail-6.3.18
[#] SECURITY IMPROVEMENTS TO DEFANG X.509 CERTIFICATE ABUSE
* Fetchmail now only accepts wildcard certificate common names
and subject alternative names if they start with "*.". Previous
versions would accept wildcards even if no period followed
immediately.
* Fetchmail now disallows wildcards in certificates to match
domain literals (such as 10.9.8.7), or wildcards in domain
literals ("*.168.23.23"). The test is overly picky and
triggers if the pattern (after skipping the initial wildcard
"*") or domain consists solely of digits and dots, and thus
matches more than needed.
* Fetchmail now disallows wildcarding top-level domains.
[#] CRITICAL BUG FIXES AND REGRESSION FIXES
* Fetchmail 6.3.15, 6.3.16, and 6.3.17 would pick up libmd5 to
obtain MD5* functions, as an effect of an undocumented Solaris
MD5 fix. This caused all MD5-related functions to malfunction
if, for instance, libmd5.so was installed on other operating
systems as part of libwww on machines where long isn't
32-bits, i. e. usually on 64-bit computers.
* Fetchmail 6.3.17 warned about insecure SSL/TLS connections
even if a matching --sslfingerprint was specified. This is an
omission from an SSL usability change made in 6.3.17.
* Fetchmail will now apply timeouts to the authentication stage.
This stage encompasses STARTTLS/STLS negotiation in IMAP/POP3.
Reported missing by Thomas Jarosch.
* Fetchmail now cancels GSSAPI authentication properly when
encountering GSS errors, such as no or unsuitable credentials.
It now sends an asterisk on a line by its own, as required in
SASL. This fixes protocol synchronization issues that cause
Authentication failures, often observed with kerberized MS
Exchange servers.
* Other fixes.
* Tue Aug 17 2010 puzel@novell.com
- update to fetchmail-6.3.17
[#] SECURITY FIX
* CVE-2010-1167: Fetchmail before release 6.3.17 did not properly
sanitize external input (mail headers and UID).
[#] FEATURES
* Fetchmail now supports a --sslcertfile <file> option to
specify a "CA bundle" file (a file that contains trusted CA
certificates).
* Fetchmail now supports a
FETCHMAIL_INCLUDE_DEFAULT_X509_CA_CERTS environment variable
to force loading the default SSL CA certificate locations even
if --sslcertfile or --sslcertpath is used. If neither option
is in effect, fetchmail loads the default locations.
[#] REGRESSION FIX
* Fix string handling in rcfile scanner, which caused fetchmail
to misparse a run control file in certain circumstances.
[#] BUG FIXES
* Plug memory leak when using a "defaults" entry in the run
control file.
* Do not print SSL certificate mismatches unless verbose or
- -sslcertck is enabled.
* Do not lose "set invisible" in fetchmailconf. (Michael Barnack)
- drop fetchmail-SA-2010-02.patch (in upstream)
* Mon Apr 19 2010 puzel@novell.com
- add fetchmail-SA-2010-02.patch (bnc#597673)
* Wed Apr 14 2010 puzel@novell.com
- make it possible change default fetchmailrc location using new
sysconfig option
- do not change owner of fetchmailrc in post
* Wed Apr 07 2010 puzel@novell.com
- update to fetchmail-6.3.16
[#] BUG FIX
* Fix --interface option, broken in 6.3.15.
[#] CHANGE
* Call OpenSSL_add_all_algorithms(). This is needed to support
non-mandatory algorithms in certificates.
* Mon Mar 29 2010 puzel@novell.com
- update to fetchmail-6.3.15
[#] FEATURE
* Fetchmail now supports a bad-header command line or rcfile
option that takes exactly one argument, accept or reject
(default).
[#] BUG FIXES
* In the rcfile, recognize "local" as abbreviation for
"localdomains", as documented.
* Do not close stdout when using mda and "bsmtp -" at the same time.
* Log operating system errors when BSMTP writes fail.
* Fix verbose mode progress formatting regression from 6.3.10;
SMTP trace lines were no longer on a line of their own. Reported
by Melchior Franz.
* Check seteuid() return value and abort running MDA if switch fails.
* Set global flags in a consistent manner. Make --nosoftbounce and
- -nobounce work from command line (these used to work in rcfiles).
Reported and fix confirmed working by N.J. Mann. (Sunil Shetye)
* Fri Feb 05 2010 puzel@novell.com
- update to fetchmail-6.3.14
[#] SECURITY FIXES
* SSL/TLS certificate information is now also reported properly
on computers that consider the "char" type signed. Fixes
malloc() buffer overrun. Workaround for older versions: do not
use verbose mode.
[#] BUG FIXES
* The IMAP client no longer skips messages from several IMAP
servers including Dovecot if fetchmail's "idle" is in use.
Causes were that fetchmail (a) ignored some untagged responses
when it should not (b) relied on EXISTS messages in response to
EXPUNGE, which aren't mandated by RFC-3501 (the IMAP standard)
and aren't sent by Dovecot either. Fix by Sunil Shetye (the fix
also consolidates IMAP response handling, improving overall
robustness of the IMAP client), bug report and testing by Matt
Doran, with further hints from Timo Sirainen.
* The SMTP client now recovers from errors (such as servers
dropping the connection after errors) when sending an RSET
command. Fix by Sunil Shetye. Report by James Moe.
* The IMAP client now uses "SEARCH UNSEEN" rather than "SEARCH
UNSEEN NOT DELETED" again on IMAP2, to fix a regression in
fetchmail 6.2.5 reported by Will Stringer in June 2004. (Sunil
Shetye)
* The IMAP client now uses "SEARCH UNSEEN UNDELETED" on IMAP4
and IMAP4r1 servers (Sunil Shetye).
* Workaround: The IMAP client now falls back to "FETCH n:m
FLAGS" if the server does not support "SEARCH". (Sunil Shetye)
* The IMAP client now requests message numbers in batches of
1,000 to avoid problems if there are more than 1860 unseen
messages. (Sunil Shetye) Note that this wasn't security
relevant because fetchmail would only read up to the maximum
buffer size and leave the remainder of the string unread, going
out of synch afterwards.
* Stricter validation of IMAP responses containing byte or
message counts.
- fetchmail 6.3.13 :
[#] REGRESSION FIXES
* The multiline SMTP error fix in release 6.3.12 caused
fetchmail to lose message codes 400..599 and treat all of these
as temporary error. This would cause messages to be left on the
server even if softbounce was turned off. Reported by Thomas
Jarosch.
* Fri Nov 13 2009 puzel@novell.com
- update to fetchmail-6.3.12
[#] REGRESSION FIXES
* The CVS-2009-2666 fix in fetchmail release 6.3.11 caused a free() of
unallocated memory on SSL connections, which caused crashes or program aborts
on some systems (depending on how initialization and free() of unallocated
memory is handled in compiler and libc).
Workaround for older versions: run in verbose mode.
Patch courtesy of Thomas Heinz, fixes Gentoo Bug #280760.
This regression affected only the 6.3.11 release, but not the patch that was
part of the security announcement fetchmail-SA-2009-01.
[#] BUG FIXES
* Fix error reporting for GSSAPI on Heimdal (h5l) Kerberos.
* Look for MD5_Init in libcrypto rather than libssl, fixes Gentoo Kerberos
builds; fixes upstream parts of Gentoo Bugs #231400 and #185652, and fixes
BerliOS Bug #16134.
* Report multiline SMTP errors properly, reported by Earl Chew; fixes Debian Bug
[#569899], reported by Akihiro Terasaki.
Note: This fix introduced a regression, fixed in 6.3.13.
* Replace control characters in SMTP replies by '?'.
* Fetchmailconf: Fix descriptions for smtpaddress and smtpname options;
smtpaddress is for RCPT TO, not MAIL FROM. Found by Gerard Seibert.
- update to fetchmail-6.3.13
[#] REGRESSION FIXES
* The multiline SMTP error fix in release 6.3.12 caused fetchmail to lose
message codes 400..599 and treat all of these as temporary error. This would
cause messages to be left on the server even if softbounce was turned off.
Reported by Thomas Jarosch.
- drop fetchmail-6.3.11-fix-invalid-free.patch (fixed upstream)
* Mon Aug 10 2009 puzel@novell.com
- add fetchmail-6.3.11-fix-invalid-free.patch
- fix https://bugs.gentoo.org/280760
* Sun Aug 09 2009 coolo@novell.com
- use new python macros
* Thu Aug 06 2009 puzel@novell.com
- update to 6.3.11
[#] SECURITY BUGFIXES
* CVE-2009-2666: SSL NUL prefix impersonation attack through NULs in a
part of a X.509 certificate's CommonName and subjectAltName fields. These
fields use opaque strings with a separate length field, so that the NUL
character isn't a special character inside the certificate. Fetchmail, being
written in the C language, used to treat these strings as C strings
nonetheless, so that the domain comparison would end at the first embedded NUL
character, rather than at the real end of the string.
Fetchmail will now abort certificate verification as failed if NULs are
encountered inside either of these fields regardless of their position, and
drop the connection even if --sslcertck is not used, because NUL is not a
valid character in legitimate DNS names.
See fetchmail-SA-2009-01.txt for details, including a minimal patch.
[#] BUGFIXES
* Remove the spurious message "message delimiter found while scanning headers".
RFC-5322 syntax states that the delimiter is part of the body, and the body is
optional.
* Convert all non-printable characters in certificate Subject/Issuer
Common Name or Subject Alternative Name fields to ANSI-C hex escapes (\xnn,
where nn are hex digits).
* Fri Jul 03 2009 puzel@novell.com
- update to 6.3.10 (final version)
* Mon Jun 01 2009 puzel@suse.cz
- update to 6.3.10-beta1
[#] INCOMPATIBLE BUGFIXES AND CHANGES:
* Fetchmail no longer drops permanently undelivered messages by default, to
match historic documentation. It does this by adding a new "softbounce"
option, see below.
* There is a new "softbounce" global option that prevents the deletion of
messages that have not been forwarded. It defaults to "true" for fetchmail
6.3.X in order to match historic documentation. This may change its default
in the next major release.
* For other changes, please see the package changelog
- update fetchmail-6.3.8-smtp_errors.patch (partially upstreamed)
/usr/bin/fetchmailconf /usr/lib/python2.7/site-packages/fetchmailconf.py /usr/lib/python2.7/site-packages/fetchmailconf.pyc /usr/lib/python2.7/site-packages/fetchmailconf.pyo /usr/share/man/man1/fetchmailconf.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon May 20 11:55:49 2013