--------------------------------------------------------------------------------
-fetchmail-6.3.24 (released 2012-12-23, 26108 LoC):
-
-# NOTE THAT THE RELEASE OF FUTURE FETCHMAIL 6.3.X VERSIONS IS UNCLEAR.
-Should a 7.0 release be made earlier, chances are that the 6.3.X branch
-is abandoned and its changes be folded into the 7.0 release, with changes
-after 6.3.24 not available on their own in a newer 6.3.X release.
+fetchmail-6.3.25 (released 2013-03-18, 26149 LoC):
# NOTE THAT FETCHMAIL IS NO LONGER PUBLISHED THROUGH IBIBLIO.
- They have stopped accepting submissions and consider themselves an archive.
+* They have stopped accepting submissions and consider themselves an archive.
-# CRITICAL AND REGRESSION FIXES
-* Plug a memory leak in OpenSSL's certificate verification callback.
- This would affect fetchmail configurations running with SSL in daemon mode
- more than one-shot runs.
- Reported by Erik Thiele, and pinned by Dominik Heeg,
- fixes Debian Bug #688015.
- This bug was introduced into fetchmail 6.3.0 (committed 2005-10-29)
- when support for subjectAltName was added through a patch by Roland
- Stigge, submitted as Debian Bug#201113.
+# BUG FIXES
+* Fix a memory leak in out-of-memory error condition while handling plugins.
+ Report and patch by John Beck (found with Parfait static code analyzer).
+* Fix a NULL pointer dereference in out-of-memory error condition while handling
+ plugins.
+ Report and patch by John Beck (found with Parfait static code analyzer).
-* The --logfile option now works again outside daemon mode, reported by Heinz
- Diehl. The documentation that I had been reading was inconsistent with the
- code, and only parts of the manual page claimed that --logfile was only
- effective in daemon mode.
+# CHANGES
+* Improved reporting when SSL/TLS X.509 certificate validation has failed,
+ working around a not-so-recent swapping of two OpenSSL error codes, and
+ a practical impossibility to distinguish broken certification chains from
+ missing trust anchors (root certificates).
+* OpenSSL decoded errors are now reported through report(), rather than dumped
+ to stderr, so that they should show up in logfiles and/or syslog.
+* The fetchmail manual page no longer claims that MD5 were the default OpenSSL
+ hash format (for use with --sslfingerprint). Reported by Jakob Wilk,
+ PARTIAL fix for Debian Bug#700266.
+* The fetchmail manual page now refers the user to --softbounce from the
+ SMTP/ESMTP ERROR HANDLING section. Reported by Anton Shterenlikht.
+
+# WORKAROUNDS
+* Older systems that provide the older RFC-2553 implementation of getaddrinfo,
+ rather than the current RFC-3493, and systems that do not provide this
+ getaddrinfo() interface at all and thus use the replacement functions from
+ libesmtp/getaddrinfo.?, might return EAI_NODATA when a host is registered in
+ DNS as MX or similar, but without A or AAAA records. Handle this situation
+ when checking for multidrop aliases and treat EAI_NODATA the same as
+ EAI_NONAME, i. e. name cannot be resolved.
+
+ The proper fix, however, is to upgrade the operating system.
+
+# TRANSLATION UPDATES
+[cs] Czech, by Petr Pisar
+[da] Danish, by Joe Hansen
+[de] German
+[eo] Esperanto, by Sian Mountbatten and Felipe Castro
+[fr] French, by Frédéric Marchal
+[ja] Japanese, by Takeshi Hamasaki
+[pl] Polish, by Jakub Bogusz
+[sv] Swedish, by Göran Uddeborg
+[vi] Vietnamese, by Trần Ngọc Quân
# KNOWN BUGS AND WORKAROUNDS
(This section floats upwards through the NEWS file so it stays with the
server to test against. Use GSSAPI.
+fetchmail-6.3.24 (released 2012-12-23, 26108 LoC):
+
+# CRITICAL AND REGRESSION FIXES
+* Plug a memory leak in OpenSSL's certificate verification callback.
+ This would affect fetchmail configurations running with SSL in daemon mode
+ more than one-shot runs.
+ Reported by Erik Thiele, and pinned by Dominik Heeg,
+ fixes Debian Bug #688015.
+ This bug was introduced into fetchmail 6.3.0 (committed 2005-10-29)
+ when support for subjectAltName was added through a patch by Roland
+ Stigge, submitted as Debian Bug#201113.
+
+* The --logfile option now works again outside daemon mode, reported by Heinz
+ Diehl. The documentation that I had been reading was inconsistent with the
+ code, and only parts of the manual page claimed that --logfile was only
+ effective in daemon mode.
+
+
fetchmail-6.3.23 (released 2012-12-10, 26106 LoC):
# REGRESSION FIXES
projects / ~andy / fetchmail / blobdiff