X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=NEWS;h=268aab544f88ee37ba0a59c126f518a4498028f8;hb=33cddbff323efcbae1503e91e6e65b2733da80c7;hp=23984363c10f5229f1e0a890a325ae6f09f997f7;hpb=513aaf8a177b01f2c390fbd600784dd000e9509c;p=~andy%2Ffetchmail diff --git a/NEWS b/NEWS index 23984363..268aab54 100644 --- a/NEWS +++ b/NEWS @@ -37,7 +37,6 @@ removed from a 7.0.0 or newer release.) * The --bsmtp - mode of operation may be removed in a future release. * Given that OpenSSL is severely underdocumented, and needs license exceptions, fetchmail may switch to a different SSL library. - -------------------------------------------------------------------------------- fetchmail-7.0.0 (not yet released): @@ -144,12 +143,93 @@ NOTE THIS IS AN ALPHA RELEASE THAT HAS NOT BEEN THOROUGHLY TESTED! -------------------------------------------------------------------------------- -fetchmail-6.3.23 (not yet released) +fetchmail-6.3.25 (released 2013-03-18, 26149 LoC): + +# NOTE THAT FETCHMAIL IS NO LONGER PUBLISHED THROUGH IBIBLIO. +* They have stopped accepting submissions and consider themselves an archive. + +# BUG FIXES +* Fix a memory leak in out-of-memory error condition while handling plugins. + Report and patch by John Beck (found with Parfait static code analyzer). +* Fix a NULL pointer dereference in out-of-memory error condition while handling + plugins. + Report and patch by John Beck (found with Parfait static code analyzer). + +# CHANGES +* Improved reporting when SSL/TLS X.509 certificate validation has failed, + working around a not-so-recent swapping of two OpenSSL error codes, and + a practical impossibility to distinguish broken certification chains from + missing trust anchors (root certificates). +* OpenSSL decoded errors are now reported through report(), rather than dumped + to stderr, so that they should show up in logfiles and/or syslog. +* The fetchmail manual page no longer claims that MD5 were the default OpenSSL + hash format (for use with --sslfingerprint). Reported by Jakob Wilk, + PARTIAL fix for Debian Bug#700266. +* The fetchmail manual page now refers the user to --softbounce from the + SMTP/ESMTP ERROR HANDLING section. Reported by Anton Shterenlikht. + +# WORKAROUNDS +* Older systems that provide the older RFC-2553 implementation of getaddrinfo, + rather than the current RFC-3493, and systems that do not provide this + getaddrinfo() interface at all and thus use the replacement functions from + libesmtp/getaddrinfo.?, might return EAI_NODATA when a host is registered in + DNS as MX or similar, but without A or AAAA records. Handle this situation + when checking for multidrop aliases and treat EAI_NODATA the same as + EAI_NONAME, i. e. name cannot be resolved. + + The proper fix, however, is to upgrade the operating system. + +# TRANSLATION UPDATES +[cs] Czech, by Petr Pisar +[da] Danish, by Joe Hansen +[de] German +[eo] Esperanto, by Sian Mountbatten and Felipe Castro +[fr] French, by Frédéric Marchal +[ja] Japanese, by Takeshi Hamasaki +[pl] Polish, by Jakub Bogusz +[sv] Swedish, by Göran Uddeborg +[vi] Vietnamese, by Trần Ngọc Quân + +# KNOWN BUGS AND WORKAROUNDS + (This section floats upwards through the NEWS file so it stays with the + current release information) +* Fetchmail does not handle messages without Message-ID header well + (See sourceforge.net bug #780933) +* BSMTP is mostly untested and errors can cause corrupt output. +* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in + 64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit + fetchmail. Note that fetchmail doesn't take advantage of 64-bit code, + so compiling 32-bit SPARC code should not cause any difficulties. +* Fetchmail does not track pending deletes across crashes. +* The command line interface is sometimes a bit stubborn, for instance, + fetchmail -s doesn't work with a daemon running. +* Linux systems may return duplicates of an IP address in some circumstances if + no or no global IPv6 addresses are configured. + (No workaround. Ubuntu Bug#582585, Novell Bug#606980.) +* Kerberos 5 may be broken, particularly on Heimdal, and provide bogus error + messages. This will not be fixed, because the maintainer has no Kerberos 5 + server to test against. Use GSSAPI. + + +fetchmail-6.3.24 (released 2012-12-23, 26108 LoC): -# NOTE THAT THE RELEASE OF FUTURE FETCHMAIL 6.3.X VERSIONS IS UNCLEAR. -Should a 7.0 release be made earlier, chances are that the 6.3.X branch -is abandoned and its changes be folded into the 7.0 release, with changes -after 6.3.22 not available on their own in a newer 6.3.X release. +# CRITICAL AND REGRESSION FIXES +* Plug a memory leak in OpenSSL's certificate verification callback. + This would affect fetchmail configurations running with SSL in daemon mode + more than one-shot runs. + Reported by Erik Thiele, and pinned by Dominik Heeg, + fixes Debian Bug #688015. + This bug was introduced into fetchmail 6.3.0 (committed 2005-10-29) + when support for subjectAltName was added through a patch by Roland + Stigge, submitted as Debian Bug#201113. + +* The --logfile option now works again outside daemon mode, reported by Heinz + Diehl. The documentation that I had been reading was inconsistent with the + code, and only parts of the manual page claimed that --logfile was only + effective in daemon mode. + + +fetchmail-6.3.23 (released 2012-12-10, 26106 LoC): # REGRESSION FIXES * Fix compilation with OpenSSL implementations before 0.9.8m that lack @@ -160,6 +240,27 @@ after 6.3.22 not available on their own in a newer 6.3.X release. # BUG FIXES * Fix combination of --plugin and -f -. Patch by Alexander Zangerl, to fix Debian Bug#671294. +* Clean up logfile vs. syslog handling, and in case logfile overrides + syslog, send a message to the latter stating where logging goes. + +# CHANGES +* The build process can now be made a bit more silent and concise through + ./configure --enable-silent-rules, or by adding "V=0" to the make command. + +# WORKAROUNDS +* Make Maillennium POP3 workarounds less specific, to encompass + Maillennium POP3/UNIBOX (Maillennium V05.00c++). Reported by Eddie + via fetchmail-users mailing list, 2012-10-13. + +# TRANSLATION UPDATES +[cs] Czech, by Petr Pisar +[da] Danish, by Joe Hansen +[de] German +[fr] French, Frédéric Marchal +[ja] Japanese, Takeshi Hamasaki +[pl] Polish, by Jakub Bogusz +[sv] Swedish, by Göran Uddeborg +[vi] Vietnamese, Trần Ngọc Quân fetchmail-6.3.22 (released 2012-08-29, 26077 LoC): @@ -242,6 +343,7 @@ fetchmail-6.3.22 (released 2012-08-29, 26077 LoC): * [vi] Vietnamese, by Trần Ngọc Quân + fetchmail-6.3.21 (released 2011-08-21, 26011 LoC): # CRITICAL BUG FIX @@ -258,6 +360,7 @@ fetchmail-6.3.21 (released 2011-08-21, 26011 LoC): log (and hexdump non-printing characters) raw socket data to a file. It proved useful to debug Antoine's bug described above. + fetchmail-6.3.20 (released 2011-06-06, 26005 LoC): # SECURITY BUG FIXES