Abbreviations in parentheses are the maintainers who committed the respective
change. MA = Matthias Andree, ESR = Eric S. Raymond, RF = Rob Funk.)
-# DEPRECATED FEATURES AND MAJOR INCOMPATIBLE CHANGE ADVANCE WARNINGS
+# ADVANCE WARNING OF FEATURES TO BE REMOVED OR CHANGED IN FUTURE VERSIONS
+(There are no plans to remove these features from a 6.3.X release, but they may
+be removed from a 6.4.0 or newer release.)
* The MX and host alias DNS lookups that fetchmail performs in multidrop mode
- are obsolete, deprecated and may be removed from a future fetchmail version.
- They have never supported IPv6 (including IPv6-mapped IPv4) anyhow.
+ are based on assumptions that are rarely met in practice, somewhat defective,
+ deprecated and may be removed from a future fetchmail version. They have
+ never supported IPv6 (including IPv6-mapped IPv4).
Non-DNS based alias keywords such as "aka" will remain in fetchmail.
* The monitor and interface options may be removed from a future fetchmail
- version as they are not sufficiently portable.
-* POP2 is obsolete.
- Support for POP2 may be removed from a future fetchmail version.
-* RPOP is obsolete, support may be removed from a future fetchmail release.
-* --sslcertck may become a default setting in a future fetchmail version.
+ version as they are not reasonably portable.
+* POP2 is obsolete, support will be removed from a future fetchmail version.
+* RPOP is obsolete, support will be removed from a future fetchmail release.
+* --sslcertck will become a default setting in a future fetchmail version.
* The multidrop To/Cc guessing code along with the fragile duplicate suppressor
is deprecated and may be removed from a future release.
* The "envelope Received" option may be removed from a future release, because
the Received header was never meant to be machine-readable, the format varies
widely, and various other differences in behavior make parsing Received an
- unreliable undertaking. The enveloper option as such will remain though, in
+ unreliable undertaking. The envelope option as such will remain though, in
order to support Delivered-To, X-Envelope-To, X-Original-To and similar.
See also <http://home.pages.de/~mandree/mail/multidrop>.
-* The --enable-fallback (fall back to MDA if MTA unavailable) may be removed
- from a future fetchmail release.
+* The --enable-fallback (fall back to MDA if MTA unavailable) will be removed
+ from a future fetchmail release, because it makes fetchmail's behavior
+ inconsistent and confusing.
* The "protocol auto" default inside fetchmail may be removed from a future
fetchmail release. Explicit configuration of the protocol is recommended.
* Kerberos IV support may be removed from a future fetchmail release.
-* SIGHUP wakeup may be removed from a future fetchmail release and cause it
- to terminate.
+* SIGHUP wakeup support may be removed from a future fetchmail release and
+ cause fetchmail to terminate - it was broken for many years.
* Support for operating systems that are not sufficiently POSIX compliant may be
removed or operation on such systems may be suboptimal for future releases.
--------------------------------------------------------------------------------
-fetchmail 6.3.5 (not yet released):
+fetchmail 6.3.8 (not yet released):
+
+# SECURITY STRENGTHENING:
+* Make the APOP challenge parser more distrustful and have it reject challenges
+ that do not conform to RFC-822 msg-id format, in the hope to make mounting
+ man-in-the-middle attacks (MITM) against APOP a bit more difficult.
+ (CVE-2007-1558)
+
+ APOP is claimed insecure by Gaëtan Leurent for MITM scenarios for typical
+ setups: based on MD5 collisions, it is purportedly possible to recover the
+ first three characters of the shared secret (password), which would then make
+ recovery of the shared secret a matter of hours or minutes; this would then
+ enable the attacker to impersonate the client vis-à-vis the server.
+
+ For further details, check
+ * Gaëtan Leurent, "Message Freedom in MD4 and MD5 Collisions: Application
+ to APOP", Fast Software Encryption 2007, Luxembourg. (Proceedings to appear in
+ Springer's Lecture Notes on Computer Science.)
+ * The mailing list discussion thread at
+ <http://lists.berlios.de/pipermail/fetchmail-devel/2007-March/000887.html>
+
+# BUG FIXES:
+* Fix pluralization of oversized-message warning mails.
+* Fix manual page: --sslcheck -> --sslcertck, and do not set trailing
+ "recommended:" in bold. Fixes Debian Bug #413059, reported by Rafal Czlonka.
+* Repoll immediately if a protocol error happens during the authentication
+ attempt after a failed opportunistic TLS upgrade.
+ Fixes comment #9 in Gentoo Bug #163782, reported by Takuto Matsuu.
+* Fix rendering of the "24 - 26, 28, 29" paragraph in the exit codes section.
+ Reported by Nico Golde.
+* If SOCKS support was compiled in, add 'socks' to the feature_options Python
+ list emitted in --configdump. Reported by Rob MacGregor.
+* Do not crash with a null pointer dereference when opening the BSMTP file
+ fails. Improve error checking and reporting. Reported by Reto Schüttel,
+ Debian Bug#416625. Fix based on a patch by Nico Golde.
+* Make BSMTP output actually work, it would persistently fail with SOCKET error
+ after writing the first header.
+
+# DOCUMENTATION:
+* Extend --mda documentation, discourage use of qmail-inject.
+ Based on a patch by Rob MacGregor.
+* Document SOCKS configuration facility (SOCKS_CONF environment variable).
+ Thanks to Jochen Hayek, Michael Shuldman and Rob MacGregor.
+* Use envelope option in multidrop example. Patch by Rob MacGregor.
+* Document expected Received: line format when parsing for envelope addressees.
+* Stripped option documentation from sample.rcfile, since this is bound to go
+ out of synch with the manual page, which is the only reference on options.
+
+# CONTRIB:
+* Add delete-later and delete-later.README, a script and documentation for
+ a MySQL/Tcl-based client-side "delete-after" feature.
+ Kindly donated by Yoo GmbH, Großvoigtsberg, Germany (Carsten Ralle).
# KNOWN BUGS AND WORKAROUNDS:
- (this section floats upwards through the NEWS to be on top of the list)
+ (this section floats upwards through the NEWS file so it stays with the
+ current release information)
* fetchmail does not handle messages without Message-ID header well
(See sourceforge.net bug #780933)
-* Sun Workshop 6 (SPARC) is known to miscompile the lexer in 64-bit mode.
- Either compile 32-bit code or use GCC to compile 64-bit fetchmail.
- Note that fetchmail doesn't take advantage of 64-bit code anyways,
- so compiling 32-bit SPARC code should be fine.
-* fetchmail expects Received: headers in a particular format when parsing
- envelopes.
+* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in
+ 64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit
+ fetchmail. Note that fetchmail doesn't take advantage of 64-bit code,
+ so compiling 32-bit SPARC code should not cause any difficulties.
+* fetchmail does not track pending deletes over crashes
+* the command line interface is a bit narrow-minded sometimes, for instance,
+ fetchmail -s doesn't work with a running daemon
+* some of the logging output is not very helpful
+* some of the documentation is still not up to date
+
+
+
+fetchmail 6.3.7 (released 2007-02-18):
+
+# FIXES FOR REGRESSIONS IN 6.3.6
+* Fix KPOP. Patch by Miloslav Trmac.
+* Fix repoll when server disconnects after opportunistic TLS failed for POP3.
+ Berlios Bug #10133 = Gentoo Bug #163782 reported by Andrej Kacian.
+
+# TRANSLATION UPDATES
+* Japanese (Takeshi Hamasaki), Polish (Jakub Bogusz)
+
+# CHANGES
+* Consider getaddrinfo() on Darwin 9 (Mac OS X 10.5 "Leopard") thread-safe.
+ Reported by Uli Zappe.
+
+
+fetchmail 6.3.6 (released 2007-01-04):
+
+# SECURITY FIXES:
+* CVE-2006-5867, fetchmail-SA-2006-02.txt:
+ Password disclosure vulnerability fixed. This has several aspects:
+
+ - Fetchmail now implies sslproto 'tls1' if the sslfingerprint or sslcertck
+ options are used and the ssl option is not used, in order to be sure that
+ fetchmail gets a certificate from the mail server.
+
+ - Fetchmail breaks the connection if the TLS negotiation (or verification, if
+ requested) fails with sslproto 'tls1', sslfingerprint or sslcheck enabled.
+
+ - POP3 connections now use STLS reliably. They used to ignore STLS altogether
+ for serveral values of the "auth" option, when fetchmail forget to probe
+ server capabilities - see fetchmail-SA-2006-02.txt for details.
+
+ - POP3 connections will no longer fall back USER/PASS authentication if
+ strong challenge-response authenticators such as CRAM-MD5 are configured
+ but the server does not advertise these in its CAPA response.
+
+ - POP2 is obsolete and does not support STLS or anything beyond password-based
+ authentication. The attempt to use STLS or strong authenticators now causes
+ connection abort.
+
+ Configurations using both ssl and sslcertck however have been semi-safe in
+ that they would send the password in the clear. The USER/PASS fallback
+ problem however applies to these too, so that the password was only safe on
+ trustworthy servers.
+
+* CVE-2006-5974, fetchmail-SA-2006-03.txt:
+ Repairs a regression in 6.3.5 that crashes fetchmail when a message with
+ invalid headers is found while fetchmail's mda option is in use. BerliOS bugs
+ #9364, #9412, #9449. Stack backtrace provided by Neil Hoggarth - thanks.
+
+# REGRESSION FIXES (recently introduced bugs)
+* Repair --logfile, broken in 6.3.5. BerliOS Bug #9059,
+ reported by Brian Harring.
+* Repair --user, broken in 6.3.5 (as a side effect of the authenticate external
+ patch): using SSL certificate/key authentication overrode the --user option.
+ Now the latter takes precedence, and only defaults to the certificate's common
+ name. Debian Bug #400950, reported by Jorgen Schaefer <forcer@debian.org>.
+
+# BUG FIXES (long-standing bugs):
+* RPOP: used to log the password locally rather than an asterisk as the other
+ protocols do. The password is now shrouded in the local logs.
+* POP3: Probes capabilities now when Kerberos V5 is enabled, so that we can
+ actually detect if the server supports it.
+* Robustness: If a stale lockfile cannot be deleted, truncate it so that
+ fetchmail doesn't later believe itself to be running if the PID is recycled
+ by a non-fetchmail process.
+* DNS: Detect /etc/resolv.conf changes: On systems that have res_search(),
+ assume we also have res_init() and call it (suggested by Ulrich Drepper,
+ glibc bug #3675) in order to make libc or libresolv reread the resolver
+ configuration at the beginning of a poll cycle. This is important when
+ fetchmail is in daemon mode and /etc/resolv.conf is changed later by dhcpcd,
+ dhclient, pppd, openvpn or other ip-up/ipchange scripts. Should fix Debian
+ Bug#389270, Bug#391698.
+* Robustness: Fix crash on systems that do not provide strdup(), the crash
+ happens only in out-of-memory conditions when fetchmail cannot proceed
+ anyways. Patch by Andreas Krennmair.
+* Robustness: When HOME and FETCHMAILHOME are unset, be sure to copy user
+ database information, so it is not trashed later. Patch by Jim Correia.
+
+# CHANGES:
+* Workaround: Improve handling of IMAP IDLE, some servers do not reset their
+ time counters after sending information asynchronously. Patch by Sunil
+ Shetye, after report from Andrew Baumann.
+* Usability: When requesting Kerberos or GSSAPI, complain and exit with syntax
+ error if any of these requested features has not been compiled in. This is
+ to fail early and with precise error message. Reported by Isaac Wilcox.
+* --version will now add +KRB4 or +KRB5 if Kerberos v4 or v5, respectively, have
+ been compiled in. Reported missing by Isaac Wilcox.
+
+# TRANSLATIONS:
+* New en_GB (British English) translation by David Lodge.
+* Update Japanese (Takeshi Hamasaki), Polish (Jakub Bogusz), Russian (Pavel
+ Maryanov) and Vietnamese (Clytie Siddall) translations.
+! Note that not all these translations are complete -- this isn't the
+ translators' fault though, but due to delays at the BerliOS hosting site and
+ the translation project handlers. You may see a few untranslated messages.
+
+# DOCUMENTATION:
+* Dropped exit status 15 from manual page, it's not used by fetchmail.
+ Reported by Isaac Wilcox.
+* Documented exit codes 24 - 29 as internal.
+
+fetchmail 6.3.5 (released 2006-10-09):
# BUG FIXES:
* For protocols such as IMAP that are not delimited by "." lines, truncate the
with new polls, and SIGHUP would be ignored for root users. SIGHUP now matches
documented behavior. SIGUSR1 has always been a wakeup signal for both root
(undocumented) and non-root users. See also the deprecation warning above.
-* Track getaddrinfo() results to properly free them after timeouts,
- reported by Uli Zappe. This MIGHT fix Debian Bug#294547 and Bug#377135.
+* Track getaddrinfo() results to properly free them after timeouts and make sure
+ that getaddrinfo() isn't interrupted by a timeout (which breaks on MacOS X),
+ reported by Uli Zappe. This should fix Debian Bug#294547 and Bug#377135.
* --logfile is now handled more carefully, errors opening the logfile are
now reported to the TTY where fetchmail was started from.
* fetchmail now complains and aborts when it cannot properly daemonize itself.
+* fix compilation on systems that don't know struct addrinfo (Solaris 2.6).
+* ignore SIGPIPE signals and rely on functions to return EPIPE instead. This is
+ necessary because the former longjmp() from the signal handler is unsafe and
+ makes the whole fetchmail behavior undefined after the event.
+* Avoid crash in env.c/host_fqdn if we cannot canonicalize our own hostname.
+ Reported by Alexander Holler.
+* SSL fix by Miloslav Trmac (Red Hat): free the SSL contexts after the
+ connection, to avoid from growing SSL certpaths without bounds, avoid using
+ SSL contexts for unrelated connections, and to fix Red Hat Bug #206346.
# CHANGES:
* Rename all fetchmail-internal lock_* functions to fm_lock_*. Obsoletes
* Fetchmail in verbose mode now logs if it opportunistically upgrades a POP3
or IMAP connection to TLS security with STLS/STARTTLS.
* fetchmail now supports foo@example.org=bar user mappings for multidrop boxes.
+* switch setjmp/longjmp to sigsetjmp/siglongjmp
+* IMAP now supports the EXTERNAL authentication method, courtesy of
+ Götz 'nimrill' Babin-Ebell, BerliOS patch #1095 with minor changes.
+ Note that this change causes --sslcert to override --user.
+* The sslproto keywords are now case insensitive, courtesy of
+ Götz 'nimrill' Babin-Ebell, BerliOS patch #1095.
+* When going to sleep, log for how long. Suggested by Claudia Ludwig.
+* When the server name cannot be canonicalized, log the gai_strerror value.
# TRANSLATION UPDATES:
-* Russian/ru (Pavel Maryanov), Vietnamese/vi (Clytie Siddall)
+* Catalan/ca (Ernest Adrogué Calveras), Japanese/ja (Takeshi Hamasaki) - also
+ made gettext 0.15 ready, Polish/pl (Jakub Bogusz), Russian/ru (Pavel
+ Maryanov), Spanish/es (Héctor García Álvarez), Vietnamese/vi (Clytie Siddall)
# CONTRIBUTED SCRIPTS:
* PopDel.py was revised by Joshua Crawford to display the From: address and
projects / ~andy / fetchmail / blobdiff