Remove obsolete "OpenSSL default fingerprint is MD5" claim.

[~andy/fetchmail] / NEWS

diff --git a/NEWS b/NEWS
index f44944b307895518ceea0984376f0ec3312920d7..bd2cc79fa3093404565cc670507e94b60e088694 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -58,6 +58,13 @@ removed from a 6.4.0 or newer release.)
 
 fetchmail-6.3.25 (not yet released):
 
+# BUG FIXES
+* Fix a memory leak in out-of-memory error condition while handling plugins.
+  Report and patch by John Beck (found with Parfait static code analyzer).
+* Fix a NULL pointer dereference in out-of-memory error condition while handling
+  plugins.
+  Report and patch by John Beck (found with Parfait static code analyzer).
+
 # CHANGES
 * Improved reporting when SSL/TLS X.509 certificate validation has failed,
   working around a not-so-recent swapping of two OpenSSL error codes, and
@@ -65,6 +72,9 @@ fetchmail-6.3.25 (not yet released):
   missing trust anchors (root certificates).
 * OpenSSL decoded errors are now reported through report(), rather than dumped
   to stderr, so that they should show up in logfiles and/or syslog.
+* The fetchmail manual page no longer claims that MD5 were the default OpenSSL
+  hash format (for use with --sslfingerprint). Reported by Jakob Wilk,
+  PARTIAL fix for Debian Bug#700266.
 
 # WORKAROUNDS
 * Older systems that provide the older RFC-2553 implementation of getaddrinfo,
@@ -77,6 +87,9 @@ fetchmail-6.3.25 (not yet released):
 
   The proper fix, however, is to upgrade the operating system.
 
+# TRANSLATION UPDATES
+[eo]    Esperanto, by Sian Mountbatten and Felipe Castro
+
 
 fetchmail-6.3.24 (released 2012-12-23, 26108 LoC):