Abbreviations in parentheses are the maintainers who committed the respective
change. MA = Matthias Andree, ESR = Eric S. Raymond, RF = Rob Funk.)
-# DEPRECATED FEATURES AND MAJOR INCOMPATIBLE CHANGE ADVANCE WARNINGS
+# ADVANCE WARNING OF FEATURES TO BE REMOVED OR CHANGED IN FUTURE VERSIONS
+(There are no plans to remove features from a 6.3.X release, but they may be
+removed from a 6.4.0 or newer release.)
* The MX and host alias DNS lookups that fetchmail performs in multidrop mode
- are obsolete, deprecated and may be removed from a future fetchmail version.
- They have never supported IPv6 (including IPv6-mapped IPv4) anyhow.
+ are based on assumptions that are rarely met in practice, somewhat defective,
+ deprecated and may be removed from a future fetchmail version.
+ They have never supported IPv6 (including IPv6-mapped IPv4).
Non-DNS based alias keywords such as "aka" will remain in fetchmail.
* The monitor and interface options may be removed from a future fetchmail
- version as they are not sufficiently portable.
-* POP2 is obsolete.
- Support for POP2 may be removed from a future fetchmail version.
-* RPOP is obsolete, support may be removed from a future fetchmail release.
-* --sslcertck may become a default setting in a future fetchmail version.
+ version as they are not reasonably portable across operating systems.
+* POP2 is obsolete, support will be removed from a future fetchmail version.
+* IMAP2 and IMAP4 (not IMAP4r1) are obsolete, support may be removed from a
+ future fetchmail version.
+* RPOP is obsolete, support will be removed from a future fetchmail release.
+* --sslcertck will become a default setting in a future fetchmail version.
* The multidrop To/Cc guessing code along with the fragile duplicate suppressor
is deprecated and may be removed from a future release.
* The "envelope Received" option may be removed from a future release, because
the Received header was never meant to be machine-readable, the format varies
widely, and various other differences in behavior make parsing Received an
- unreliable undertaking. The enveloper option as such will remain though, in
+ unreliable undertaking. The envelope option as such will remain though, in
order to support Delivered-To, X-Envelope-To, X-Original-To and similar.
See also <http://home.pages.de/~mandree/mail/multidrop>.
-* The --enable-fallback (fall back to MDA if MTA unavailable) may be removed
- from a future fetchmail release.
+* The --enable-fallback (fall back to MDA if MTA unavailable) will be removed
+ from a future fetchmail release, because it makes fetchmail's behavior
+ inconsistent and confusing.
* The "protocol auto" default inside fetchmail may be removed from a future
fetchmail release. Explicit configuration of the protocol is recommended.
* Kerberos IV support may be removed from a future fetchmail release.
-* SIGHUP wakeup may be removed from a future fetchmail release and cause it
- to terminate.
+* Kerberos 5 support may be removed from a future fetchmail release.
+* The --principal option may be removed from a future fetchmail release.
+* SIGHUP wakeup support may be removed from a future fetchmail release and
+ cause fetchmail to terminate - it was broken for many years.
* Support for operating systems that are not sufficiently POSIX compliant may be
removed or operation on such systems may be suboptimal for future releases.
+ This means that fetchmail may only continue to work on C99 and POSIX 2001
+ based systems.
+* The maintainer may migrate fetchmail to C++ with STL or C#, and impose further
+ requirements (dependencies), such as Boost or other class libraries.
+* The softbounce option default will change to "false" in the next release.
+* The --bsmtp - mode of operation may be removed in a future release.
+* Given that OpenSSL is severely underdocumented, and needs license exceptions,
+ fetchmail may switch to a different SSL library.
+* SSLv2 support will be removed from a future fetchmail release. It has been
+ obsolete for more than a decade.
--------------------------------------------------------------------------------
-fetchmail 6.3.6 (not yet released):
+fetchmail-6.3.22 (not yet released):
+
+# SECURITY FIXES
+* for CVE-2012-3482:
+ NTLM: fetchmail mistook an error message that the server sent in response to
+ an NTLM request for protocol exchange, tried to decode it, and crashed while
+ reading from a bad memory location.
+ Also, with a carefully crafted NTLM challenge packet sent from the server, it
+ would be possible that fetchmail conveyed confidential data not meant for the
+ server through the NTLM response packet.
+ Fix: Detect base64 decoding errors, validate the NTLM challenge, and abort
+ NTLM authentication in case of error.
+ See fetchmail-SA-2012-02.txt for further details.
+ Reported by J. Porter Clark.
+
+* for CVE-2011-3389:
+ SSL/TLS (wrapped and STARTTLS): fetchmail used to disable a countermeasure
+ against a certain kind of attack against cipher block chaining initialization
+ vectors (SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS).
+ Whether this creates an exploitable situation, depends on the server and the
+ negotiated ciphers.
+ As a precaution, fetchmail 6.3.22 enables the countermeasure, by clearing
+ SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.
+
+ NOTE that this can cause connections to certain non-conforming servers to
+ fail, in which case you can set the environment variable
+ FETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE to any non-empty value when starting
+ fetchmail to re-instate the compatibility option at the expense of security.
+
+ Reported by Apple Product Security.
+
+ For technical details, refer to <http://www.openssl.org/~bodo/tls-cbc.txt>.
+ See fetchmail-SA-2012-01.txt for further details.
+
+# BUG FIX
+* The Server certificate: message in verbose mode now appears on stdout like the
+ remainder of the output. Reported by Henry Jensen, to fix Debian Bug #639807.
+
+* The GSSAPI-related autoconf code now matches gssapi.c better, and uses
+ a different check to look for GSS_C_NT_HOSTBASED_SERVICE.
+ This fixes the GSSAPI-enabled build on NetBSD 6 Beta.
+
+# CHANGES
+* On systems where SSLv2_client_method isn't defined in OpenSSL (such as
+ newer Debian, and Ubuntu starting with 11.10 oneiric ocelot), don't
+ reference it (to fix the build) and if configured, print a run-time error
+ that the OS does not support SSLv2. Fixes Debian Bug #622054,
+ but note that that bug report has a more thorough patch that does away with
+ SSLv2 altogether.
+
+* The security and errata notices fetchmail-{EN,SA}-20??-??.txt are now
+ under the more relaxed CC BY-ND 3.0 license (the noncommercial clause
+ was dropped). The Creative Commons address was updated.
+
+* The Python-related Makefile.am parts were simplified to avoid an automake
+ 1.11.X bug around noinst_PYTHON, Automake Bug #10995.
+
+* Configuring fetchmail without SSL now triggers a configure warning,
+ and asks the user to consider running configure --with-ssl.
+
+# WORKAROUND
+* Some servers, notably Zimbra, return A1234 987 FETCH () in response to
+ a header request, in the face of message corruption. fetchmail now treats
+ these as temporary errors. Report and Patch by Mikulas Patocka, Red Hat.
+
+* Some servers, notably Microsoft Exchange, return "A0009 OK FETCH completed."
+ without any header in response to a header request for meeting reminder
+ messages (with a "meeting.ics" attachment). fetchmail now treats these as
+ transient errors. Report by John Connett, Patch by Sunil Shetye.
+
+# TRANSLATION UPDATES
+* [cs] Czech, by Petr Pisar
+* [de] German
+* [fr] French, by Frédéric Marchal
+* [ja] Japanese, by Takeshi Hamasaki
+* [pl] Polish, by Jakub Bogusz
+* [sv] Swedish, by Göran Uddeborg --- NEW TRANSLATION - Thank you!
+* [vi] Vietnamese, by Trần Ngọc Quân
+
+# KNOWN BUGS AND WORKAROUNDS
+ (This section floats upwards through the NEWS file so it stays with the
+ current release information)
+* Fetchmail does not handle messages without Message-ID header well
+ (See sourceforge.net bug #780933)
+* BSMTP is mostly untested and errors can cause corrupt output.
+* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in
+ 64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit
+ fetchmail. Note that fetchmail doesn't take advantage of 64-bit code,
+ so compiling 32-bit SPARC code should not cause any difficulties.
+* Fetchmail does not track pending deletes across crashes.
+* The command line interface is sometimes a bit stubborn, for instance,
+ fetchmail -s doesn't work with a daemon running.
+* Linux systems may return duplicates of an IP address in some circumstances if
+ no or no global IPv6 addresses are configured.
+ (No workaround. Ubuntu Bug#582585, Novell Bug#606980.)
+* Kerberos 5 may be broken, particularly on Heimdal, and provide bogus error
+ messages. This will not be fixed, because the maintainer has no Kerberos 5
+ server to test against. Use GSSAPI.
+
+
+fetchmail-6.3.21 (released 2011-08-21, 26011 LoC):
+
+# CRITICAL BUG FIX
+* The IMAP client no longer inserts NUL bytes into the last line of a message
+ when it is not closed with a LF or CRLF sequence. Reported by Antoine Levitt.
+ As a side effect of the fix, and in order to avoid a full rewrite, fetchmail
+ will now CRLF-terminate the last line fetched through IMAP, even if it is
+ originally not terminated by LF or CRLF. This bears no relevance if your
+ messages end up in mbox, but adds line termination for storages (like Maildir)
+ that do not require that the last line be LF- or CRLF-terminated.
+
+# CONTRIB/ addition
+* There is a patch against fetchnews's source, contrib/rawlog.patch, that can
+ log (and hexdump non-printing characters) raw socket data to a file. It proved
+ useful to debug Antoine's bug described above.
+
+
+fetchmail-6.3.20 (released 2011-06-06, 26005 LoC):
+
+# SECURITY BUG FIXES
+* CVE-2011-1947:
+ STARTTLS: Fetchmail runs the IMAP STARTTLS or POP3 STLS negotiation with the
+ set timeout (default five minutes) now. This was reported missing, with
+ observed fetchmail freezes beyond a week, by Thomas Jarosch.
+ SSL-wrapped connections were unaffected by this timeout, so users of older
+ versions can force ssl-wrapped connections -- if supported by the server --
+ with the --ssl command line or ssl rcfile option.
+ See fetchmail-SA-2011-01.txt for further details.
+
+# BUG FIXES
+* IMAP: Do not search for UNSEEN messages in ranges. Usually, there are very few
+ new messages and most of the range searches result in nothing. Instead, split
+ the long response to make the IMAP driver think that there are multiple lines
+ of response. (Sunil Shetye)
+* Do not print "skipping message" for old messages even in verbose mode. If
+ there are too many old messages, the logs just get filled without any real
+ activity. (Sunil Shetye) (suggested by Yunfan Jiang)
+* Build: fetchmail now always uses its own MD5 implementation rather than trying
+ to find a system library with matched header. The library and header variants
+ found on systems are too diverse, and the code size saving is not worth any
+ more wasted user or programmer time.
+
+# CHANGES
+* Call strlen() only once when removing CRLF from a line. (Sunil Shetye)
+* fetchmail sets Internet domain sockets to "keepalive" mode now. Note that
+ there is no portable way to configure actual timeouts for this mode, and some
+ systems only support a system-wide timeout setting. fetchmail does not
+ attempt to tune the time spans of keepalive mode.
+
+# TRANSLATION UPDATES
+ [cs] Chech (Petr Pisar)
+ [nl] Dutch (Erwin Poeze)
+ [fr] French (Frédéric Marchal)
+ [de] German (Matthias Andree)
+ [ja] Japanese (Takeshi Hamasaki)
+ [pl] Polish (Jakub Bogusz)
+ [sk] Slovak (Marcel Telka)
+
+
+fetchmail-6.3.19 (released 2010-12-10, 25945 LoC):
+
+# ERRATUM NOTICE ISSUED
+* fetchmail 6.3.18 contains several bug fixes that were considered sufficiently
+ grave to warrant the issue of an erratum notice, fetchmail-EN-2010-03.txt.
+
+# BUG FIXES
+* When specifying multiple local multidrop lists, do not lose wildcard flag.
+ (Affects "user foo is bar baz * is joe here")
+* In multidrop configurations, an asterisk can now appear anywhere in the list
+ of local users, not just at the end.
+* In multidrop mode, header parsing is now more verbose in -vv mode, so that it
+ becomes possible to see which header is used.
+* Make --antispam work from command line (these used to work in rcfiles).
+ Reported by Kees Bakker, BerliOS Bug #17599. (Sunil Shetye)
+* Smoke test XHTML 1.1 validation, and if it fails, skip validating HTML
+ documents. Skip validating Mailbox-Names-UTF7.html. Several systems have
+ broken XHTML 1.1 DTD installations that jeopardize the build.
+ Reported by Mihail Nechkin against FreeBSD port.
+ Workaround for 6.3.18: build in a separate directory, i. e:
+ mkdir build && cd build && ../configure --options-go-here
+* Send a NOOP only after a failed STARTTLS in IMAP. (Sunil Shetye)
+* Demote GSSAPI verbose/debug syslog to INFO severity. Requested by Carlos E. R.
+ and Derek Simkowiak via the fetchmail-users@ mailing list.
+* Do STARTTLS/STLS negotiation in IMAP/POP3 if it is mandatory even if the
+ server capabilities do not show support for upgradation to TLS.
+ To use this, configure --sslproto tls1. (Sunil Shetye)
+* IMAP: Understand empty strings as FETCH response, seen on Yahoo. Reported by
+ Yasin Malli to fetchmail-users@ 2010-12-10.
+ Note that fetchmail continues to expect literals as FETCH response for now.
+
+# DOCUMENTATION
+* The manual page now links to IANA for GSSAPI service names.
+
+# TRANSLATION UPDATES
+ [cs] Czech (Petr Pisar)
+ [fr] French (Frédéric Marchal)
+ [de] German
+ [it] Italian (Vincenzo Campanella)
+ [pl] Polish (Jakub Bogusz)
+
+
+fetchmail-6.3.18 (released 2010-10-09, 25936 LoC):
+
+# SECURITY IMPROVEMENTS TO DEFANG X.509 CERTIFICATE ABUSE
+* Fetchmail now only accepts wildcard certificate common names and subject
+ alternative names if they start with "*.". Previous versions would accept
+ wildcards even if no period followed immediately.
+* Fetchmail now disallows wildcards in certificates to match domain literals
+ (such as 10.9.8.7), or wildcards in domain literals ("*.168.23.23").
+ The test is overly picky and triggers if the pattern (after skipping the
+ initial wildcard "*") or domain consists solely of digits and dots, and thus
+ matches more than needed.
+* Fetchmail now disallows wildcarding top-level domains.
+
+# CRITICAL BUG FIXES AND REGRESSION FIXES
+* Fetchmail 6.3.15, 6.3.16, and 6.3.17 would pick up libmd5 to obtain MD5*
+ functions, as an effect of an undocumented Solaris MD5 fix.
+ This caused all MD5-related functions to malfunction if, for instance,
+ libmd5.so was installed on other operating systems as part of libwww on
+ machines where long isn't 32-bits, i. e. usually on 64-bit computers.
+ Fixes Gentoo Bug #319283, reported, including libwww hint, by Karl Hakimian.
+ Side effect: fetchmail will now use -lmd on Solaris rather than -lmd5.
+* Fetchmail 6.3.17 warned about insecure SSL/TLS connections even if a matching
+ --sslfingerprint was specified. This is an omission from an SSL usability
+ change made in 6.3.17.
+ Fixes Debian Bug#580796 reported by Roland Stigge.
+* Fetchmail will now apply timeouts to the authentication stage.
+ This stage encompasses STARTTLS/STLS negotiation in IMAP/POP3.
+ Reported missing by Thomas Jarosch.
+* Fetchmail now cancels GSSAPI authentication properly when encountering GSS
+ errors, such as no or unsuitable credentials.
+ It now sends an asterisk on a line by its own, as required in SASL.
+ This fixes protocol synchronization issues that cause Authentication
+ failures, often observed with kerberized MS Exchange servers.
+ Fixes Debian Bug #568455 reported by Patrick Rynhart, and Alan Murrell, to the
+ fetchmail-users list. Fix verified by Thomas Voigtmann and Patrick Rynhart.
+
+# BUG FIXES
+* Fetchmail will no longer print connection attempts and errors for one host
+ in "silent" and "normal" logging modes, unless all connections fail. This
+ should reduce irritation around refused-connection logging if services are
+ only on an IPv4 socket if the host also supports IPv6. Often observed as
+ connections refused to ::1/25 when the subsequent connection to 127.0.0.1/25
+ then - silently - succeeds. Fetchmail, unless in verbose mode, will collect
+ all connect errors and only report them if all of them fail.
+* Fetchmail will not try GSSAPI authentication automatically, unless it has GSS
+ credentials. However, if GSSAPI authentication is requested explicitly,
+ fetchmail will always try it.
+* Fetchmail now parses response to "FETCH n:m RFC822.SIZE" and "FETCH n
+ RFC822.HEADER" in a more flexible manner. (Sunil Shetye)
+* The manual page clearly states that --principal is for Kerberos 4 only, not
+ for Kerberos 5 or GSSAPI. Found by Thomas Voigtmann.
+
+# CHANGES
+* When encountering incorrect headers, fetchmail will refer to the bad-header
+ option in the manpage.
+ Fixes BerliOS Bug #17272, change suggested by Björn Voigt.
+* Fetchmail now decodes and reports GSSAPI status codes upon errors.
+* Fetchmail now autoprobes NTLM also for POP3.
+* The Fetchmail FAQ has a new item #R15 on authentication failures.
+
+# INTERNAL CHANGES
+* The common NTLM authentication code was factored out from pop3.c and imap.c.
+
+# TRANSLATION UPDATES
+ [zh_CN] Chinese/simplified (Ji Zheng-Yu)
+ [cs] Czech (Petr Pisar)
+ [nl] Dutch (Erwin Poeze)
+ [fr] French (Frédéric Marchal)
+ [de] German
+ [it] Italian (Vincenzo Campanella)
+ [ja] Japanese (Takeshi Hamasaki)
+ [pl] Polish (Jakub Bogusz)
+ [sk] Slovak (Marcel Telka)
+
+
+fetchmail-6.3.17 (released 2010-05-06, 25767 LoC):
+
+# SECURITY FIX
+* CVE-2010-1167: Fetchmail before release 6.3.17 did not properly sanitize
+ external input (mail headers and UID). When a multi-character locale (such as
+ UTF-8) was in use, this could cause memory exhaustion and thus a denial of
+ service, because fetchmail's report.c functions assumed that non-success of
+ [v]snprintf was due to insufficient buffer size allocation. It would then
+ repeatedly reallocate a larger buffer and fail formatting again.
+ See fetchmail-SA-2010-02.txt.
+
+# FEATURES
+* Fetchmail now supports a --sslcertfile <file> option to specify a "CA bundle"
+ file (a file that contains trusted CA certificates). Since these bundled CA
+ files do not require c_rehash to be run, they are easier to use and immune to
+ OpenSSL library updates that affect the hash function.
+* Fetchmail now supports a FETCHMAIL_INCLUDE_DEFAULT_X509_CA_CERTS
+ environment variable to force loading the default SSL CA certificate
+ locations even if --sslcertfile or --sslcertpath is used.
+ If neither option is in effect, fetchmail loads the default locations.
+
+# REGRESSION FIX
+* Fix string handling in rcfile scanner, which caused fetchmail to misparse a
+ run control file in certain circumstances. Fixes BerliOS bug #14257.
+ Patch by Michael Banack. This fixes a regression introduced before 6.3.0.
+
+# BUG FIXES
+* Plug memory leak when using a "defaults" entry in the run control file.
+* Do not print SSL certificate mismatches unless verbose or --sslcertck is
+ enabled.
+* Do not lose "set invisible" in fetchmailconf. (Michael Barnack)
+
+# CHANGES
+* Usability: SSL certificate chains are fully printed in -v -v mode, and there
+ are now helpful pointers to --sslcertpath and c_rehash for "unable to get
+ local issuer certificate" and self-signed certificates -- these usually hint
+ to missing root signing CAs in the certs directory.
+* Several fixes for compiler (GCC, Intel C++, CLang) and autotools warnings
+* Memory allocation failures will now cause abnormal program abort (SIGABRT),
+ no longer an exit with unspecified code.
+* Print a warning if certificate verification failed and the user did not
+ specify --sslcertck.
+
+# DOCUMENTATION
+* Fix table of global option to read "set softbounce" where there used to be a
+ 2nd copy of "set spambounce". Patch by Michael Banack, BerliOS Bug #17067.
+* In the --sslcertpath description, mention that OpenSSL upgrade (and a 0.9.X
+ to 1.0.0 upgrade in particular) may require running c_rehash.
+
+# TRANSLATION UPDATES
+ [zh_CN] Chinese/simplified (Ji Zheng-Yu)
+ [cs] Czech (Petr Pisar)
+ [nl] Dutch (Erwin Poeze)
+ [fr] French (Frédéric Marchal)
+ [de] German
+ [id] Indonesian (Andhika Padmawan)
+ [it] Italian (Vincenzo Campanella)
+ [ja] Japanese (Takeshi Hamasaki)
+ [pl] Polish (Jakub Bogusz)
+ [sk] Slovak (Marcel Telka)
+ [vi] Vietnamese (Clytie Siddall)
+
+
+fetchmail-6.3.16 (released 2010-04-06, 25574 LoC):
+
+# BUG FIX
+* Fix --interface option, broken in 6.3.15. Reported by Vladmimir Stavrinov.
+ Fixes Debian Bug #576717.
+
+# CHANGE
+* Call OpenSSL_add_all_algorithms(). This is needed to support non-mandatory
+ and non-standard algorithms in certificates.
+ Sjoerd Simons, to fix Debian Bug #576430.
+ OpenSSL 0.9.8* does not load - for instance - the SHA256 digest by default.
+ Reported as OpenSSL RT#2224.
+
+
+fetchmail-6.3.15 (released 2010-03-28, 25572 LoC):
+
+# FEATURE
+* Fetchmail now supports a bad-header command line or rcfile option that takes
+ exactly one argument, accept or reject (default). This specifies how messages
+ with bad headers retrieved from the current server are to be treated.
+
+# BUG FIXES
+* In the rcfile, recognize "local" as abbreviation for "localdomains", as
+ documented. The short form has not ever worked since this feature was added in
+ January 1997. Reported by Frédéric Marchal.
+* Do not close stdout when using mda and "bsmtp -" at the same time.
+* Log operating system errors when BSMTP writes fail.
+* Fix verbose mode progress formatting regression from 6.3.10; SMTP trace lines
+ were no longer on a line of their own. Reported by Melchior Franz.
+* Check seteuid() return value and abort running MDA if switch fails.
+* Set global flags in a consistent manner. Make --nosoftbounce and
+ --nobounce work from command line (these used to work in rcfiles).
+ Reported and fix confirmed working by N.J. Mann. (Sunil Shetye)
+* Properly import h_errno declarations, even on systems where h_errno isn't a
+ macro. (Adds ./configure check, fixes Cygwin dllimport warnings.)
+
+# CHANGES
+* The repository has been converted and moved from the Subversion (SVN) format
+ kindly hosted by Graham Wilson over the past years to Git format hosted on
+ Gitorious.org. My deepest thanks to Graham Wilson for this service that
+ kept us going when BerliOS's Subversion service was faulty in its early days.
+* This opportunity was used to convert BRANCH_6-2 and BRANCH_1-9-9 to
+ GnuPG-signed tags, as a sign that these are now closed.
+* The outdated SVN trunk is now called "oldtrunk" in Git just to save the work
+ for future reference. All development in the past few years was on BRANCH_6-3.
+* master was branched from BRANCH_6-3. BRANCH_6-3 is now obsolete (and in fact
+ was also converted to a tag to record where the conversion from SVN to Git
+ took place).
+* "make check" now skips HTML validation if xmllint or XHTML DTD are missing.
+
+# DOCUMENTATION
+* Web site and documentation were adjusted to reflect the SVN->Git move.
+* The fetchmail manual page is now much clearer on the user id switching
+ (seteuid) when using --mda while running as the super user.
+
+# TRANSLATION UPDATES, by language name
+* [zh_CN] Chinese (Simplified), by Ji Zheng-Yu
+* [cs] Czech, by Petr Pisar
+* [nl] Dutch, by Erwin Poeze
+* [fr] French, by Frédéric Marchal
+* [de] German
+* [id] Indonesian, by Andhika Padmawan
+* [it] Italian, by Vincenzo Campanella
+* [ja] Japanese, by Takeshi Hamasaki
+* [pl] Polish, by Jakub Bogusz
+* [vi] Vietnamese, by Clytie Siddall
+
+
+fetchmail 6.3.14 (released 2010-02-05, 25487 LoC):
+
+# SECURITY FIXES
+* CVE-2010-0562: SSL/TLS certificate information is now also reported properly
+ on computers that consider the "char" type signed. Fixes malloc() buffer
+ overrun. Workaround for older versions: do not use verbose mode.
+ See fetchmail-SA-2010-01.txt for details, including a minimal patch.
+
+# BUG FIXES
+* The IMAP client no longer skips messages from several IMAP servers including
+ Dovecot if fetchmail's "idle" is in use. Causes were that fetchmail (a)
+ ignored some untagged responses when it should not (b) relied on EXISTS
+ messages in response to EXPUNGE, which aren't mandated by RFC-3501 (the IMAP
+ standard) and aren't sent by Dovecot either.
+ Fix by Sunil Shetye (the fix also consolidates IMAP response handling,
+ improving overall robustness of the IMAP client), bug report and testing by
+ Matt Doran, with further hints from Timo Sirainen.
+* The SMTP client now recovers from errors (such as servers dropping the
+ connection after errors) when sending an RSET command.
+ Fix by Sunil Shetye. Report by James Moe.
+* The IMAP client now uses "SEARCH UNSEEN" rather than "SEARCH UNSEEN NOT
+ DELETED" again on IMAP2, to fix a regression in fetchmail 6.2.5 reported by
+ Will Stringer in June 2004. (Sunil Shetye)
+* The IMAP client now uses "SEARCH UNSEEN UNDELETED" on IMAP4 and IMAP4r1
+ servers (Sunil Shetye).
+* Workaround: The IMAP client now falls back to "FETCH n:m FLAGS" if the server
+ does not support "SEARCH". (Sunil Shetye)
+* The IMAP client now requests message numbers in batches of 1,000 to avoid
+ problems if there are more than 1860 unseen messages. (Sunil Shetye)
+ Note that this wasn't security relevant because fetchmail would only read up
+ to the maximum buffer size and leave the remainder of the string unread, going
+ out of synch afterwards.
+* Stricter validation of IMAP responses containing byte or message counts.
+
+# CHANGES
+* Only include gssapi.h if we're not including gssapi/gssapi.h, to fix a FreeBSD
+ compiler warning about gssapi.h being obsolete.
+
+# DOCUMENTATION
+* The README.SSL document was revised for grammar, spelling, and clarity.
+ Courtesy of Robert Mullin.
+
+# TRANSLATION UPDATES
+* [it] Italian, by Vincenzo Campanella
+
+
+
+fetchmail 6.3.13 (released 2009-10-30, 25333 LoC):
+
+# REGRESSION FIXES
+* The multiline SMTP error fix in release 6.3.12 caused fetchmail to lose
+ message codes 400..599 and treat all of these as temporary error. This would
+ cause messages to be left on the server even if softbounce was turned off.
+ Reported by Thomas Jarosch.
+
+# TRANSLATION UPDATES
+* [cs] Czech, by Petr Pisar
+* [zh_CN] Chinese (simplified), by Ji ZhengYu
+* [nl] Dutch, by Erwin Poeze
+* [id] Indonesian, by Andhika Padmawan
+* [ja] Japanese, by Takeshi Hamasaki
+* [pl] Polish, by Jakub Bogusz
+* [es] Spanish (Castilian), by Franciso Molinero
+* [vi] Vietnamese, by Clytie Siddall
+
+
+fetchmail 6.3.12 (released 2009-10-05):
+
+# REGRESSION FIXES
+* The CVE-2009-2666 fix in fetchmail release 6.3.11 caused a free() of
+ unallocated memory on SSL connections, which caused crashes or program aborts
+ on some systems (depending on how initialization and free() of unallocated
+ memory is handled in compiler and libc).
+ Workaround for older versions: run in verbose mode.
+ Patch courtesy of Thomas Heinz, fixes Gentoo Bug #280760.
+ This regression affected only the 6.3.11 release, but not the patch that was
+ part of the security announcement fetchmail-SA-2009-01.
+
+# BUG FIXES
+* Fix error reporting for GSSAPI on Heimdal (h5l) Kerberos.
+* Look for MD5_Init in libcrypto rather than libssl, fixes Gentoo Kerberos
+ builds; fixes upstream parts of Gentoo Bugs #231400 and #185652, and fixes
+ BerliOS Bug #16134.
+* Report multiline SMTP errors properly, reported by Earl Chew; fixes Debian Bug
+ #529899, reported by Akihiro Terasaki.
+ Note: This fix introduced a regression, fixed in 6.3.13.
+* Replace control characters in SMTP replies by '?'.
+* Fetchmailconf: Fix descriptions for smtpaddress and smtpname options;
+ smtpaddress is for RCPT TO, not MAIL FROM. Found by Gerard Seibert.
+
+# TRANSLATION UPDATES AND ADDITIONS (ordered by language name):
+* [ca] Catalan (Ernest Adrogué Calveras)
+* [zh_CN] Chinese/Simplified (Ji ZhengYu)
+* [cs] Czech (Petr Pisar)
+* [ja] Japanese (Takeshi Hamasaki)
+* [pl] Polish (Jakub Bogusz)
+* [es] Spanish/Castilian (Francisco Molinero)
+* [vi] Vietnamese (Clytie Siddall)
+
+
+fetchmail 6.3.11 (released 2009-08-06):
+
+# SECURITY BUGFIXES
+* CVE-2009-2666: SSL NUL prefix impersonation attack through NULs in a
+ part of a X.509 certificate's CommonName and subjectAltName fields. These
+ fields use opaque strings with a separate length field, so that the NUL
+ character isn't a special character inside the certificate. Fetchmail, being
+ written in the C language, used to treat these strings as C strings
+ nonetheless, so that the domain comparison would end at the first embedded NUL
+ character, rather than at the real end of the string.
+ Fetchmail will now abort certificate verification as failed if NULs are
+ encountered inside either of these fields regardless of their position, and
+ drop the connection even if --sslcertck is not used, because NUL is not a
+ valid character in legitimate DNS names.
+ See fetchmail-SA-2009-01.txt for details, including a minimal patch.
+
+# BUGFIXES
+* Remove the spurious message "message delimiter found while scanning headers".
+ RFC-5322 syntax states that the delimiter is part of the body, and the body is
+ optional.
+* Convert all non-printable characters in certificate Subject/Issuer
+ Common Name or Subject Alternative Name fields to ANSI-C hex escapes (\xnn,
+ where nn are hex digits).
+ Note that this change introduces a regression, fixed in 6.3.12.
+ See the 6.3.12 documentation above for details and a workaround.
+
+# TRANSLATION UPDATES AND ADDITIONS (ordered by language name):
+* [zh_CN] Chinese/Simplified (Ji ZhengYu)
+* [es] Spanish/Castilian (Francisco Molinero)
+
+
+fetchmail 6.3.10 (released 2009-07-02):
+
+# INCOMPATIBLE BUGFIXES AND CHANGES
+* Fetchmail no longer drops permanently undelivered messages by default, to
+ match historic documentation. It does this by adding a new "softbounce"
+ option, see below.
+ Fixes Debian Bug#471283, demotes Debian Bug#494418 to wishlist.
+* There is a new "softbounce" global option that prevents the deletion of
+ messages that have not been forwarded. It defaults to "true" for fetchmail
+ 6.3.X in order to match historic documentation. This may change its default
+ in the next major release.
+
+# BUGFIXES
+* Fix misuse of canonical autoconf target as _TARGET when it should have been
+ _HOST. Report and patch courtesy of Diego E. "Flameeyes" Pettenò.
+ Details: http://blog.flameeyes.eu/2009/01/01/the-canonical-target
+* Do not lose PS_MAXFETCH (13) exit status when hitting maxpoll. Reported by
+ Michelle Konzack, Debian Bug#508667.
+* Do not overlap source and destination fields in snprintf() in interface.c.
+ Courtesy of Nico Golde, Debian.
+* When a pre- or post-connect command fails, now report the exit status or
+ termination signal properly through sys/wait.h macros.
+* When acquiring a body, understand NIL ("no such data item"), as returned by
+ some MS Exchange versions. Fixes BerliOS Bug #11980 by KB Sriram.
+* Make progress tickers (-v/--showdots) consistent, and update documentation
+ accordingly ("." for each 1024 octets read, "#" for a header written, and "*"
+ for each body line written.)
+ The conditions under which these had been printed were inconsistent,
+ illogical, and documentation hadn't matched real behaviour for long.
+* For NTLM authentication, use dynamically allocated buffers.
+ Fixes Debian Bug#449179, reported by Stepan Golosunov.
+* Non-delivery notice ("bounce mail") now mentions the original reason again,
+ before the address list. This fixes a regression introduced in 6.3.0.
+* Several compiler warnings were fixed.
+* The minimum recommended SMTP (RFC-5321) timeouts are enforced to leave
+ sufficient time for the listener to respond. Some synchronous listeners,
+ particularly when used with spam filtering and other policy enforcement
+ services, take extended amounts of time to process messages after the sender,
+ recipient, or data block and EOM line. This can cause fetchmail to not wait
+ long enough for the "250 Ok" and make fetchmail believe the message wasn't
+ properly delivered when in fact it was; fetchmail would then retry the
+ download next time and never make progress.
+ Fixes Berlios Bug #10972, reported by Viktor Binzberger.
+* The ESMTP/LMTP client will now apply an application-specific timeout while
+ waiting for the EHLO/LHLO response, rather than wait for the server or TCP
+ connection timeout.
+* Treat 530 errors as temporary, so as not to delete messages on configuration
+ errors. Partially taken from Petr Cerny's patch in Novell Bugzilla #246829.
+ The 501 part of said patch was not added, as the maintainer is not convinced
+ 501 is a temporary condition, and softbounce takes care of this anyways.
+
+# CHANGES
+* Make the comparison of the SSL fingerprints case insensitive, to
+ ease its use. Suggested by Daniel Richard G.
+* Proper precedence ordering for the syslog and logfile options. If the logfile
+ option is effective (i. e. we're in daemon mode and nodetach isn't used),
+ reset the syslog option. If logfile is ineffective (we're not in daemon mode,
+ or nodetach is set), syslog takes precedence.
+* The sleeping at/awakened at messages appear in logfiles and syslog only if
+ verbose mode is enabled. On the console, they will still appear without
+ verbose mode. Fixes Debian Bug#282259.
+* fetchmail only requests IPv6 addresses via name service if at least one is
+ configured on the local host, likewise for IPv4. (AI_ADDRCONFIG flag to
+ getaddrinfo()) Extended version of Redhat's patch.
+* If the server name contains "yahoo.com", offers the "ID" capability, and we're
+ polling via IMAP, send an ID ("guid" "1") transaction first, ignoring its
+ result. This appears needed to be able to log into Yahoo's Zimbra servers, but
+ there are open issues (such as being only able to download one message and
+ server certificate mismatches).
+
+# CHANGES TO CONTRIB
+* Fix bashism in contrib/fetchsetup. Fixes Debian Bug#530081.
+
+# DOCUMENTATION
+* Some parts of the the manual page were revised for clarity, accuracy, and
+ updated recommendations (particularly SSL/TLS) and formatting conventions from
+ man-pages(7).
+* The README and README.SSL documents were updated.
+* A document, README.SSL-SERVER, was added to describe server-side requirements
+ for proper SSL and/or TLS service offerings. These are not specific to
+ fetchmail.
+* Documentation on how to make "NOMAIL" (exit code 1) not treated an error has
+ been added to the EXIT CODES section of the manpage and to the FAQ as item C8.
+ The suggested solution uses a tiny POSIX shell script fragment.
+ Fixes Debian Bug #530749, filed by Reuben Thomas.
+
+# TRANSLATION UPDATES AND ADDITIONS (ordered by language name):
+* [cs] Czech (Petr Pisar)
+* [en_GB] English/British
+* [de] German
+* [id] Indonesian (Andhika Padmawan)
+* [it] Italian (Vincenzo Campanella)
+* [ja] Japanese (Takeshi Hamasaki)
+* [pl] Polish (Jakub Bogusz)
+* [ru] Russian (Pavel Maryanov), fixing Debian Bug #531925
+* [es] Spanish/Castilian (Francisco Molinero)
+* [zh_CN] Chinese/Simplified (Ji ZhengYu)
+
+
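Review bot: "Some parts of the the manual page" in the DOCUMENTATION section doubles "the". Two further points in the CHANGES section. The Yahoo entry keys on the server name containing "yahoo.com", a substring test that also fires for names such as yahoo.com.example.net; since the only effect is an extra ID command whose reply is ignored this is harmless, but if the code really tests for a ".yahoo.com" suffix the entry should say so, and if it does not, a suffix test would be the tighter check. The SMTP timeout entry ("The minimum recommended SMTP (RFC-5321) timeouts are enforced") would let readers verify the new waits if it cited RFC 5321 section 4.5.3.2, where those minimums are listed (five minutes for the MAIL and RCPT replies, ten minutes for the reply to the end of DATA).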
+fetchmail 6.3.9 (released 2008-11-16):
+
+# SECURITY AND CRITICAL BUG FIXES:
+* CVE-2007-4565: Denial of service: When fetchmail tries to inject a warning
+ message it created itself, and the message is refused by the SMTP listener,
+ fetchmail dereferences a NULL pointer and crashes. Report & fix by Earl Chew.
+ Note while this is theoretically a remote denial of service attack vector,
+ fetchmail by default talks SMTP to the localhost, so the overall risk is
+ rather low.
+ This bug was apparently introduced on 1998-11-27 when the bouncemail facility
+ was modularized. The bug then made its appearance in fetchmail release 4.6.8.
+ See also fetchmail-SA-2007-02.txt.
+* CVE-2008-2711: Denial of service: When fetchmail logs data blobs
+ (for instance, a To: header in -v -v verbose mode) in excess of 2048
+ bytes, it will crash, because it hands an uninitialized argument
+ pointer (not the format string though) to vsnprintf and reads a
+ random memory location (it calls va_arg() too often without
+ resetting it with va_start()). Based on a patch (BerliOS patch #2492)
+ by Petr Uzel, fixes Novell Bug #354291.
+ Note 6.3.9-rc1 did not completely fix this issue, so it was redrawn a few
+ hours after its release.
+ See also fetchmail-SA-2008-01.txt.
+* When expunging, mark the right messages as seen to avoid message loss in "keep
+ flush" configurations. Workaround for previous versions: "expunge 0".
+ Report and patch by Alexander Cherepanov - thanks a lot, Berlios Bug #11797,
+ "imap_mark_seen doesn't consider expunged messages".
+* SSL fix: close memory leak when SSL connection fails; fetchmail used to forget
+ calling SSL_free() on the SSL context, leaking in excess of 500 kB RAM on a
+ x86_64 system per failed SSL connection attempt.
+ Bug reported and patch provided by Seiichi Ikarashi, Fujitsu.
+
+# BUG FIXES:
+* The configure script will additionally check for 'dn_skipname', to fix build
+ failures with µClibc. The new check still recognizes the resolver libraries on
+ Ubuntu 7.04, openSUSE 10.2, Solaris 8, NetBSD 4.0_BETA2 and FreeBSD 6.2.
+ Fixes Gentoo bug #134187.
+ NOTE: this is a bit of a hack, since we twist the HAVE_RES_SEARCH result, but
+ res_search() and dn_skipname() are only used together and scheduled for
+ removal in future versions, so this is probably fine.
+* No longer complain about invalid sslproto "" when POP3 CAPA probe fails.
+ Fixes Debian Bug#421446 (Holger Leskien), Novell Bug #247233 (Jon Nelson),
+ Red Hat Bug#503881.
+ Thanks to Matthias Strauß for a configuration to reproduce the issue.
+* Allow .fetchmailrc and .fetchids to be symlinks, as the manpage does not
+ document they aren't allowed - fixes Debian Bug #452907 (Roger Leigh).
+ TOCTOU race persists.
+* fetchmailconf quotes mailbox (folder) names when writing the configuration.
+ Fixes BerliOS Bug #13207 (reported + fix suggested by Terry Brown).
+* Only print "Deleting fetchids file" if there actually is one.
+ Fixes Debian Bug#374514, reported by Dan Jacobson.
+* SSL fix: check and report if SSL_set_fd fails.
+
+# CHANGES:
+* autoconf 2.60 is now required to build fetchmail; it uses
+ AC_USE_SYSTEM_EXTENSIONS to replace AC_AIX, AC_MINIX, and the like.
+* Removed dead FETCHMAIL_DEBUG code from fetchmail.h that was disabled by
+ default with no switches in configure to enable it. However, the macro would
+ have been prone to a symlink attack. Found by Nico Golde.
+* Removed dead FORCE_STUFFING code from socket.c that was disabled by default
+ with no switches in configure to enable it.
+* Include the typedef for int16 in the #ifndef _AIX in smbencrypt.c (Peter
+ O'Gorman)
+* Correct check for u_int32_t in configure.ac (seems to be typedef'ed in
+ namser.h on some platforms.) (Peter O'Gorman)
+* In configure.ac change all CPFLAGS to CPPFLAGS, CEFLAGS to CFLAGS and LDEFLAGS
+ to LDFLAGS otherwise the results of some tests (additional -L and -I flags) do
+ not get used for later tests causing incorrect configure results. Makefile.am
+ was also changed to reflect this. (Peter O'Gorman)
+* m4/gethostbyname_r.m4 does AC_TRY_COMPILE, which unfortunately can pass even
+ if there is no gethostbyname_r. Changed to AC_TRY_LINK. (Peter O'Gorman)
+* Revise getnameinfo check to ensure NULL is defined and the result is properly
+ evaluated, to avoid bogus results on for instance FreeBSD and redefinitions of
+ NI_* at compile time. (Matthias Andree).
+* __attribute__ ((unused)) is a gccism, removed from libesmtp/gethostbyname.c.
+ (Peter O'Gorman)
+* In KAME/getnameinfo.c it's best to use the correct argument to inet_ntoa.
+ (Peter O'Gorman)
+* In verbose mode, log if --check mode is enabled.
+* Add sslcommonname option (rcfile and commandline) as a way to work around
+ misconfigured upstream SSL servers that use the wrong certificate name. It
+ specifies which CommonName fetchmail expects and logs. (Daniel Richard G.)
+* Changed CRLF to LF line endings in contrib/delete-later (reporter: Petr Uzel)
+* SSL change: enable all workarounds with SSL_CTX_set_options(ctx,SSL_OP_ALL)
+* All translations have been re-enabled, in an attempt to rekindle translator or
+ user interest.
+
+# DOCUMENTATION:
+* Add fetchmail-SA-2007-02.txt and fetchmail-SA-2008-01.txt.
+* Re-add two lines to the manual page that had accidentally become comments
+ to nroff. One was part of the --sslproto documentation, and one in the
+ "Awakening the background daemon" section.
+* The manual page no longer asserts that .fetchids were for exclusive POP3 use,
+ since it is planned to use the file with IMAP4 later.
+* Add grammar fixes from Dan Jacobson to fetchmail.man. Debian Bug #461642.
+* The manual page now mentions that user descriptions need to come before user
+ options. Reported by Francensco Pontortì, to fix Debian Bug #467010.
+* The manual page no longer hints that multi-user declarations per server were
+ only useful in daemon mode running as root, to avoid hinting people to doing
+ that.
+* Several manual page rcfile examples now include "ssl".
+* The manual page hints that option arguments beginning with numbers can be
+ enclosed in quotes.
+* The manual page now mentions that the --logfile must already exist before
+ fetchmail is run.
+* The FAQ now recommends (#I9) not to use Google Mail for their disregard to the
+ protocols they claim to support.
+* Documentation and program output now /consistently/ claim that the rcfile must
+ not have more than 0700 (u=rwx,g=,o=) permissions, but fetchmail will still
+ silently accept additional g=x permissions for compatibility with previous
+ 6.2.X and 6.3.X versions.
+ Inconsistency (program 0710, manpage 0600) reported by Petr Uzel.
+* The --logfile documentation is now clearer about requiring detached daemon
+ mode.
+
+# TRANSLATION UPDATES AND ADDITIONS (ordered by language name):
+* [sq] Albanian (Besnik Bleta)
+* [zh_CN] Chinese, simplified (Ji Zheng-Yu)
+* [cs] Czech (Petr Pisar)
+* [da] Danish (Byrial Ole Jensen) - outdated, but newer than in 6.3.8
+* [nl] Dutch (Tony Vroon, Benno Schulenberg)
+* [en_GB] English, British
+* [fi] Finnish (Lauri Nurmi)
+* [de] German
+* [id] Indonesian (Andhika Padmawan)
+* [ja] Japanese (Takeshi Hamasaki)
+* [pl] Polish (Jakub Bogusz)
+* [ru] Russian (Pavel Maryanov)
+* [es] Spanish (Javier Fernández-Sanguino Peña, Matthias Andree)
+* [tr] Turkish (Engin Gündüz) - outdated, but newer than in 6.3.8
+* [vi] Vietnamese (Clytie Siddall)
+
+
+
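Review bot: "it was redrawn a few hours after its release" in the CVE-2008-2711 entry should read "withdrawn". Three entries in this section need one more sentence each. "Allow .fetchmailrc and .fetchids to be symlinks" ends with "TOCTOU race persists" without saying what is racy: if the permission check is stat() on the path before open(), allowing symlinks lets the target be swapped between the two calls, so the entry should say whether the check is now fstat() on the opened descriptor (which closes that window) or is still on the path. The sslcommonname entry describes an option that relaxes the name check; it should state whether, with sslcertck set, the certificate chain still has to verify and only the expected name is replaced, otherwise readers will take it as a way to switch off certificate checking. "SSL change: enable all workarounds with SSL_CTX_set_options(ctx,SSL_OP_ALL)" deserves a caveat: SSL_OP_ALL includes SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS, which turns off OpenSSL's empty-fragment countermeasure for CBC cipher suites, so SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS is the safer set of workarounds to enable. Finally, "Reported by Francensco Pontortì" looks misspelled (the doubled n in the given name); please check the name against Debian Bug #467010.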
+fetchmail 6.3.8 (released 2007-04-06):
+
+# SECURITY STRENGTHENING:
+* Make the APOP challenge parser more distrustful and have it reject challenges
+ that do not conform to RFC-822 msg-id format, in the hope to make mounting
+ man-in-the-middle attacks (MITM) against APOP a bit more difficult.
+ (CVE-2007-1558, reported by Gaëtan Leurent, published 2007-04-02 on Bugtraq)
+
+ APOP is claimed insecure by Gaëtan Leurent for MITM scenarios for typical
+ setups: based on MD5 collisions, it is purportedly possible to recover the
+ first three characters of the shared secret (password), which would then make
+ recovery of the shared secret a matter of hours or minutes; this would then
+ enable the attacker to impersonate the client vis-à-vis the server.
+
+ For further details, check
+ * Gaëtan Leurent, "Message Freedom in MD4 and MD5 Collisions: Application
+ to APOP", Fast Software Encryption 2007, Luxembourg. (Proceedings to appear in
+ Springer's Lecture Notes on Computer Science.)
+ * The mailing list discussion thread at
+ <http://lists.berlios.de/pipermail/fetchmail-devel/2007-March/000887.html>
+
+# BUG FIXES:
+* Fix pluralization of oversized-message warning mails.
+* Fix manual page: --sslcheck -> --sslcertck, and do not set trailing
+ "recommended:" in bold. Fixes Debian Bug #413059, reported by Rafal Czlonka.
+* Repoll immediately if a protocol error happens during the authentication
+ attempt after a failed opportunistic TLS upgrade.
+ Fixes comment #9 in Gentoo Bug #163782, reported by Takuto Matsuu.
+* Fix rendering of the "24 - 26, 28, 29" paragraph in the exit codes section.
+ Reported by Nico Golde.
+* If SOCKS support was compiled in, add 'socks' to the feature_options Python
+ list emitted in --configdump. Reported by Rob MacGregor.
+* Do not crash with a null pointer dereference when opening the BSMTP file
+ fails. Improve error checking and reporting. Reported by Reto Schüttel,
+ Debian Bug#416625. Fix based on a patch by Nico Golde.
+* Make BSMTP output actually work, it would persistently fail with SOCKET error
+ after writing the first header. Bug independently found and reported in
+ excellent detail by Reto Schüttel, Debian Bug#416812.
+
+# DOCUMENTATION:
+* Add fetchmail-SA-2007-01.txt
+* Extend --mda documentation, discourage use of qmail-inject.
+ Based on a patch by Rob MacGregor.
+* Document SOCKS configuration facility (SOCKS_CONF environment variable).
+ Thanks to Jochen Hayek, Michael Shuldman and Rob MacGregor.
+* Use envelope option in multidrop example. Patch by Rob MacGregor.
+* Document expected Received: line format when parsing for envelope addressees.
+* Stripped option documentation from sample.rcfile, since this is bound to go
+ out of synch with the manual page, which is the only reference on options.
+* Mention that --limit default is 0 bytes, which is special for "no limit".
+* Corrected Robert M. Funk's name that I misspelled. My sincere apologies
+ -- Matthias Andree.
+
+# CONTRIB:
+* Add delete-later and delete-later.README, a script and documentation for
+ a MySQL/Tcl-based client-side "delete-after" feature.
+ Kindly donated by Yoo GmbH, Großvoigtsberg, Germany (Carsten Ralle).
+
+
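Review bot: "Lecture Notes on Computer Science" in the APOP references should be "Lecture Notes in Computer Science" (Springer's LNCS series), and "in the hope to make mounting man-in-the-middle attacks" reads better as "in the hope of making". On the substance, the entry is right to call the stricter challenge parser only "a bit more difficult": the collision technique relies on the attacker controlling the challenge, and checking RFC-822 msg-id syntax narrows that control without removing it. The entry would serve users better if it closed with the mitigation this release already offers, namely running POP3 over TLS with certificate checking (the ssl and sslcertck options referred to elsewhere in this file), so that the APOP exchange is never exposed to a man in the middle in the first place.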
+fetchmail 6.3.7 (released 2007-02-18):
+
+# FIXES FOR REGRESSIONS IN 6.3.6
+* Fix KPOP. Patch by Miloslav Trmac.
+* Fix repoll when server disconnects after opportunistic TLS failed for POP3.
+ Berlios Bug #10133 = Gentoo Bug #163782 reported by Andrej Kacian.
+
+# TRANSLATION UPDATES
+* Japanese (Takeshi Hamasaki), Polish (Jakub Bogusz)
+
+# CHANGES
+* Consider getaddrinfo() on Darwin 9 (Mac OS X 10.5 "Leopard") thread-safe.
+ Reported by Uli Zappe.
-# SECURITY FIXES (CHANGE BEHAVIOUR):
+
+fetchmail 6.3.6 (released 2007-01-04):
+
+# SECURITY FIXES:
* CVE-2006-5867, fetchmail-SA-2006-02.txt:
- Password disclosure vulnerability. This has several aspects:
+ Password disclosure vulnerability fixed. This has several aspects:
- Fetchmail now implies sslproto 'tls1' if the sslfingerprint or sslcertck
- options are used, to be sure there is a certificate to check against.
+ options are used and the ssl option is not used, in order to be sure that
+ fetchmail gets a certificate from the mail server.
- Fetchmail breaks the connection if the TLS negotiation (or verification, if
- requested) fails with sslproto 'tls1' (also applies if this is implicit).
+ requested) fails with sslproto 'tls1', sslfingerprint or sslcheck enabled.
- - POP3 connections ignored STLS altogether in many circumstances, because
- fetchmail did not probe server capabilities for all values of "auth" - see
- fetchmail-SA-2006-02.txt for details.
+ - POP3 connections now use STLS reliably. They used to ignore STLS altogether
+ for serveral values of the "auth" option, when fetchmail forget to probe
+ server capabilities - see fetchmail-SA-2006-02.txt for details.
- - POP3 connections could retry USER/PASS authentication even if strong
- challenge-response schemes such as CRAM-MD5 had explicitly been requested,
- if these were not advertised in the CAPA response.
+ - POP3 connections will no longer fall back USER/PASS authentication if
+ strong challenge-response authenticators such as CRAM-MD5 are configured
+ but the server does not advertise these in its CAPA response.
- POP2 is obsolete and does not support STLS or anything beyond password-based
- authentication. The attempt to use STLS or stronger authenticators causes
+ authentication. The attempt to use STLS or strong authenticators now causes
connection abort.
- Configurations using --ssl --sslcertck however have been semi-safe in that
- they would not expose the password over the wire.
+ Configurations using both ssl and sslcertck however have been semi-safe in
+ that they would send the password in the clear. The USER/PASS fallback
+ problem however applies to these too, so that the password was only safe on
+ trustworthy servers.
-# SECURITY FIX:
* CVE-2006-5974, fetchmail-SA-2006-03.txt:
- Repair regression in 6.3.5 that crashes fetchmail when a message with invalid
- headers is found while fetchmail's mda option is in use. BerliOS bugs #9364,
- #9412, #9449. Stack backtrace provided by Neil Hoggarth - thanks.
+ Repairs a regression in 6.3.5 that crashes fetchmail when a message with
+ invalid headers is found while fetchmail's mda option is in use. BerliOS bugs
+ #9364, #9412, #9449. Stack backtrace provided by Neil Hoggarth - thanks.
-# BUG FIXES:
+# REGRESSION FIXES (recently introduced bugs)
* Repair --logfile, broken in 6.3.5. BerliOS Bug #9059,
reported by Brian Harring.
-* POP3: Probe capabilities when Kerberos V5 is attempted.
-* RPOP: The password is now shrouded in the local logs.
-* Robustness: If a stale lockfile cannot be deleted, truncate it to avoid
- trouble later if the PID is recycled by a non-fetchmail process.
+* Repair --user, broken in 6.3.5 (as a side effect of the authenticate external
+ patch): using SSL certificate/key authentication overrode the --user option.
+ Now the latter takes precedence, and only defaults to the certificate's common
+ name. Debian Bug #400950, reported by Jorgen Schaefer <forcer@debian.org>.
+
+# BUG FIXES (long-standing bugs):
+* RPOP: used to log the password locally rather than an asterisk as the other
+ protocols do. The password is now shrouded in the local logs.
+* POP3: Probes capabilities now when Kerberos V5 is enabled, so that we can
+ actually detect if the server supports it.
+* Robustness: If a stale lockfile cannot be deleted, truncate it so that
+ fetchmail doesn't later believe itself to be running if the PID is recycled
+ by a non-fetchmail process.
+* DNS: Detect /etc/resolv.conf changes: On systems that have res_search(),
+ assume we also have res_init() and call it (suggested by Ulrich Drepper,
+ glibc bug #3675) in order to make libc or libresolv reread the resolver
+ configuration at the beginning of a poll cycle. This is important when
+ fetchmail is in daemon mode and /etc/resolv.conf is changed later by dhcpcd,
+ dhclient, pppd, openvpn or other ip-up/ipchange scripts. Should fix Debian
+ Bug#389270, Bug#391698.
+* Robustness: Fix crash on systems that do not provide strdup(), the crash
+ happens only in out-of-memory conditions when fetchmail cannot proceed
+ anyways. Patch by Andreas Krennmair.
+* Robustness: When HOME and FETCHMAILHOME are unset, be sure to copy user
+ database information, so it is not trashed later. Patch by Jim Correia.
+
+# CHANGES:
+* Workaround: Improve handling of IMAP IDLE, some servers do not reset their
+ time counters after sending information asynchronously. Patch by Sunil
+ Shetye, after report from Andrew Baumann.
+* Usability: When requesting Kerberos or GSSAPI, complain and exit with syntax
+ error if any of these requested features has not been compiled in. This is
+ to fail early and with precise error message. Reported by Isaac Wilcox.
+* --version will now add +KRB4 or +KRB5 if Kerberos v4 or v5, respectively, have
+ been compiled in. Reported missing by Isaac Wilcox.
# TRANSLATIONS:
* New en_GB (British English) translation by David Lodge.
* Update Japanese (Takeshi Hamasaki), Polish (Jakub Bogusz), Russian (Pavel
Maryanov) and Vietnamese (Clytie Siddall) translations.
+! Note that not all these translations are complete -- this isn't the
+ translators' fault though, but due to delays at the BerliOS hosting site and
+ the translation project handlers. You may see a few untranslated messages.
-# KNOWN BUGS AND WORKAROUNDS:
- (this section floats upwards through the NEWS to be on top of the list)
-* fetchmail does not handle messages without Message-ID header well
- (See sourceforge.net bug #780933)
-* Sun Workshop 6 (SPARC) is known to miscompile the lexer in 64-bit mode.
- Either compile 32-bit code or use GCC to compile 64-bit fetchmail.
- Note that fetchmail doesn't take advantage of 64-bit code anyways,
- so compiling 32-bit SPARC code should be fine.
-* fetchmail expects Received: headers in a particular format when parsing
- envelopes.
-* fetchmail does not track pending deletes over crashes
-* the command line interface is a bit narrow-minded sometimes, for instance,
- fetchmail -s doesn't work with a running daemon
-* some of the logging output is not very helpful
-* some of the documentation is still not up to date
+# DOCUMENTATION:
+* Dropped exit status 15 from manual page, it's not used by fetchmail.
+ Reported by Isaac Wilcox.
+* Documented exit codes 24 - 29 as internal.
fetchmail 6.3.5 (released 2006-10-09):
* switch setjmp/longjmp to sigsetjmp/siglongjmp
* IMAP now supports the EXTERNAL authentication method, courtesy of
Götz 'nimrill' Babin-Ebell, BerliOS patch #1095 with minor changes.
+ Note that this change causes --sslcert to override --user.
* The sslproto keywords are now case insensitive, courtesy of
Götz 'nimrill' Babin-Ebell, BerliOS patch #1095.
* When going to sleep, log for how long. Suggested by Claudia Ludwig.
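Review bot: the rewritten sentence "Configurations using both ssl and sslcertck however have been semi-safe in that they would send the password in the clear" inverts the removed wording ("would not expose the password over the wire") and contradicts its own "semi-safe": with the ssl option the whole session is wrapped in TLS, so the password is not sent in the clear; restore the "not". In the same entry, "sslproto 'tls1', sslfingerprint or sslcheck enabled" should say sslcertck (the 6.3.8 DOCUMENTATION entry above corrects exactly this "--sslcheck -> --sslcertck" slip), and "for serveral values of the "auth" option, when fetchmail forget to probe" should read "several" and "forgot". Dropping "(CHANGE BEHAVIOUR)" from the heading also loses a useful signal, since these fixes deliberately break previously working setups (POP2 with STLS or strong authenticators now aborts, and there is no USER/PASS fallback any more); keep the qualifier or say so in the first line of the entry. The KNOWN BUGS AND WORKAROUNDS block is deleted here without a replacement; if it was not moved to the top as its own note says it floats, the still-unfixed Received: parsing and missing Message-ID limitations lose their only mention. Lastly, the line added to the 6.3.5 section, "Note that this change causes --sslcert to override --user", describes what the 6.3.6 entry above calls a regression that has been repaired; since the 6.3.5 text is being amended after the fact, say so there (e.g. "... to override --user; fixed in 6.3.6"), otherwise a reader of the 6.3.5 section alone takes the override as intended behaviour.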