]>
Pileus Git - ~andy/fetchmail/log
Matthias Andree [Wed, 2 Jan 2013 23:11:10 +0000 (00:11 +0100)]
Attempt merging from 6.3.24.
Matthias Andree [Sun, 23 Dec 2012 17:31:49 +0000 (18:31 +0100)]
Update website for 6.3.24.
Matthias Andree [Sun, 23 Dec 2012 16:43:10 +0000 (17:43 +0100)]
Sign .xz; upload to sf.net; upload .xz to local site.
Matthias Andree [Sun, 23 Dec 2012 15:47:12 +0000 (16:47 +0100)]
Update for 6.3.24 release.
Matthias Andree [Sun, 23 Dec 2012 15:45:59 +0000 (16:45 +0100)]
Remove LSM-related stuff from the distribution.
IBiblio no longer accepts submissions, and considers itself an archive.
There is no point in our carrying forward any related material, if
needed for reference purposes, it can be fetched from older versions in
the Git repository.
Matthias Andree [Fri, 14 Dec 2012 00:33:17 +0000 (01:33 +0100)]
Fix version to 6.3.0.
Matthias Andree [Fri, 14 Dec 2012 00:03:49 +0000 (01:03 +0100)]
Complete Dominik's name.
Matthias Andree [Thu, 13 Dec 2012 22:44:37 +0000 (23:44 +0100)]
Plug a memory leak in OpenSSL's certificate verification callback.
This would affect fetchmail configurations running with SSL in daemon mode
more than one-shot runs.
Reported by Erik Thiele, and pinned by Dominik, Debian Bug #688015.
This bug was introduced into fetchmail 6.2.9 (committed 2005-10-29)
when support for subjectAltName was added through a patch by Roland
Stigge, submitted as Debian Bug#201113.
Matthias Andree [Thu, 13 Dec 2012 21:46:32 +0000 (22:46 +0100)]
Repair --logfile regression of 6.3.23,
reported by Heinz Diehl.
Matthias Andree [Mon, 10 Dec 2012 21:14:49 +0000 (22:14 +0100)]
Update for new release.
Matthias Andree [Mon, 10 Dec 2012 21:07:28 +0000 (22:07 +0100)]
Release 6.3.23.
Matthias Andree [Mon, 10 Dec 2012 20:57:50 +0000 (21:57 +0100)]
Pull in translation updates for 6.3.23,
dubbed 6.3.22.2 for translation purposes.
Matthias Andree [Wed, 5 Dec 2012 21:54:27 +0000 (22:54 +0100)]
Move forward to prepare a 6.3.23 release and request translation.
Matthias Andree [Wed, 5 Dec 2012 21:54:27 +0000 (22:54 +0100)]
Update German translation.
Matthias Andree [Tue, 6 Nov 2012 07:44:50 +0000 (08:44 +0100)]
Fix typo in R15, and clarify.
Matthias Andree [Tue, 6 Nov 2012 07:44:50 +0000 (08:44 +0100)]
Fix typo in R15, and clarify.
Matthias Andree [Tue, 6 Nov 2012 07:30:50 +0000 (08:30 +0100)]
Fix typo repsonsible -> responsible.
Matthias Andree [Tue, 6 Nov 2012 07:30:50 +0000 (08:30 +0100)]
Fix typo repsonsible -> responsible.
Matthias Andree [Sat, 13 Oct 2012 22:10:11 +0000 (00:10 +0200)]
Make Maillennium POP3 workarounds less specific,
to encompass Maillennium POP3/UNIBOX (Maillennium V05.00c++). Reported
by Eddie via fetchmail-users mailing list, 2012-10-13.
Matthias Andree [Sun, 23 Sep 2012 12:58:06 +0000 (14:58 +0200)]
Merge logfile/syslog cleanup from legacy_63 branch.
Matthias Andree [Sun, 23 Sep 2012 12:44:25 +0000 (14:44 +0200)]
Clean up logfile vs. syslog handling.
In case logfile overrides syslog, send a message to the latter stating
where logging goes. Also revise manual page.
Matthias Andree [Thu, 6 Sep 2012 23:51:40 +0000 (01:51 +0200)]
Mention fetchmail-mda-fork.patch on TODO.
Matthias Andree [Thu, 6 Sep 2012 23:44:39 +0000 (01:44 +0200)]
Park Fabio Rossi's contribution, needs review.
At first glance, it needs to be rediffed/wiggled/updated (it was against 6.3.21
rather than 7.0.0-alpha); and it uses non-portable syscalls - perhaps
waitpit is better.
Matthias Andree [Thu, 6 Sep 2012 00:06:32 +0000 (02:06 +0200)]
Make APOP timestamp complaint less obtrusive.
Matthias Andree [Wed, 5 Sep 2012 23:59:15 +0000 (01:59 +0200)]
Revert "Reinstate SSLv2 support on legacy_63 branch."
This reverts commit
aee0a1be4163b06ae8d32dff93d13a87668423b3 .
It was inadvertently merged from 6.3.20-6.3.21 changes.
Conflicts:
NEWS
fetchmail.man
po/de.po
socket.c
Matthias Andree [Wed, 5 Sep 2012 20:43:41 +0000 (22:43 +0200)]
Merge completed - remove from TODO.
Matthias Andree [Wed, 5 Sep 2012 01:57:56 +0000 (03:57 +0200)]
Revert parallel-tests, breaks on FreeBSD.
Matthias Andree [Wed, 5 Sep 2012 01:44:36 +0000 (03:44 +0200)]
Update.
Matthias Andree [Wed, 5 Sep 2012 01:31:54 +0000 (03:31 +0200)]
Remove dead variable.
Matthias Andree [Wed, 5 Sep 2012 01:27:41 +0000 (03:27 +0200)]
Exploit newer automake/autoconf features.
The self-tests now run in parallel, and use coloured output in terminals.
Users can now request a more concise compile with V=0 or by running
./configure --enable-silent-rules. This defaults to off.
Matthias Andree [Wed, 5 Sep 2012 01:16:21 +0000 (03:16 +0200)]
Simplify copyright.
Matthias Andree [Wed, 5 Sep 2012 01:07:32 +0000 (03:07 +0200)]
Rediff patch.
Matthias Andree [Wed, 5 Sep 2012 01:06:26 +0000 (03:06 +0200)]
Rebuild po/
Matthias Andree [Wed, 5 Sep 2012 00:59:05 +0000 (02:59 +0200)]
Fix up merge.
Matthias Andree [Wed, 5 Sep 2012 00:53:54 +0000 (02:53 +0200)]
Merge branch 'legacy_63'
Conflicts:
Makefile.am
NEWS
conf.c
configure.ac
contrib/rawlog.patch
fetchmail-SA-2011-01.txt
fetchmail.man
fm_md5.h
kerberos.c
socket.c
socket.h
Matthias Andree [Tue, 4 Sep 2012 20:55:55 +0000 (22:55 +0200)]
fix another typo, point one URL to CVE.
Matthias Andree [Tue, 4 Sep 2012 20:49:42 +0000 (22:49 +0200)]
Fix typo in CVE URLs that rendered two new links useless.
Matthias Andree [Mon, 3 Sep 2012 21:12:39 +0000 (23:12 +0200)]
Obsoletion warning.
Matthias Andree [Mon, 3 Sep 2012 21:08:53 +0000 (23:08 +0200)]
Mention Alexander's fix for -f - with --plugin.
Alexander Zangerl [Mon, 3 Sep 2012 21:07:47 +0000 (23:07 +0200)]
Fix: combination of --plugin and -f - fails
scenario: you want to remote-control fetchmail, but you don't want to write
passwords into files, so you feed fetchmail a minimal rcfile via stdin with -f
-. this by itself works fine. if you also want or need to use a --plugin (eg.
socat for socks), then things fail badly: the plugin is run without a stdin fd,
hence can't take input from fetchmail, lots of fun ensues. plugins without -f
- work fine, it's just the combination that fails.
explanation: the root cause is rcfile_y.y, line 493, which closes whatever fd
carried the rcfile. with -f - this closes fetchmail's stdin - and so far that's
unproblematic. however, in socket.c lines 166ff things go wrong: fetchmail
sets up the plugin with a socketpair, which will likely include the first
unused fd - and fd zero is now indeed unused. in line 180ff a dup2 replumbing
from "that fd" (=zero) to zero is performed - and then "that fd" is closed.
and hey presto, we've got no fd zero = stdin for the plugin.
solution: the simplest solution (patch attached) is to make the fclose of the
rcfile conditional, ie. don't close if it's stdin. in the long run the
dup2+close code might be made more robust by not doing a dup2+close if fd[0] is
already 0 or 1.
Matthias Andree [Mon, 3 Sep 2012 21:05:37 +0000 (23:05 +0200)]
Note Earl's regression fix for SSL_CTX_clear_options() on older OpenSSL.
Earl Chew [Mon, 3 Sep 2012 21:04:08 +0000 (23:04 +0200)]
Clear SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS without SSL_CTX_clear_options()
A patch to clear SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS was added recently:
http://gitorious.org/fetchmail/fetchmail/commit/
48809c5b9f6c9081f4031fa938dd63b060c18a4b ?format=patch
Older implementations of OpenSSL do not support SSL_CTX_clear_options().
This patch reworks the previous change to avoid the use of
SL_CTX_clear_options() and instead clears the corresponding bit in
SSL_OP_ALL before calling SSL_CTX_set_options().
Matthias Andree [Thu, 30 Aug 2012 06:17:53 +0000 (08:17 +0200)]
Update security info on web site.
Matthias Andree [Wed, 29 Aug 2012 23:03:08 +0000 (01:03 +0200)]
Update copyright and SecAnn' version.
Matthias Andree [Wed, 29 Aug 2012 21:36:40 +0000 (23:36 +0200)]
Update.
Matthias Andree [Wed, 29 Aug 2012 21:24:14 +0000 (23:24 +0200)]
Get ready for 6.3.22 release.
Matthias Andree [Mon, 20 Aug 2012 18:40:14 +0000 (20:40 +0200)]
Update translations and NEWS.
Matthias Andree [Fri, 17 Aug 2012 16:23:54 +0000 (18:23 +0200)]
Warn if SSL is disabled, suggest --with-ssl.
Matthias Andree [Fri, 17 Aug 2012 16:15:02 +0000 (18:15 +0200)]
Fix installation when PYTHON is enabled.
The Python-related Makefile.am parts were simplified to avoid an
automake 1.11.X bug around noinst_PYTHON, Automake Bug #10995.
http://lists.gnu.org/archive/html/automake-patches/2012-03/txtbYNp7SPawU.txt
Matthias Andree [Wed, 15 Aug 2012 21:41:03 +0000 (23:41 +0200)]
GSSAPI build fix.
The GSSAPI-related autoconf code now matches gssapi.c better, and uses
a different check to look for GSS_C_NT_HOSTBASED_SERVICE.
This fixes the GSSAPI-enabled build on NetBSD 6 Beta.
Matthias Andree [Wed, 15 Aug 2012 20:12:44 +0000 (22:12 +0200)]
Update translations.
Matthias Andree [Tue, 14 Aug 2012 23:19:47 +0000 (01:19 +0200)]
Correct title/topic, remove dates (6.3.22 isn't out yet), and re-sign.
Matthias Andree [Tue, 14 Aug 2012 20:53:04 +0000 (22:53 +0200)]
Fix compiler warnings.
Matthias Andree [Tue, 14 Aug 2012 20:52:46 +0000 (22:52 +0200)]
Fix compiler aliasing warning.
Matthias Andree [Tue, 14 Aug 2012 20:38:55 +0000 (22:38 +0200)]
Fix length argument to memset().
Matthias Andree [Tue, 14 Aug 2012 18:47:22 +0000 (20:47 +0200)]
Validate NTLM challenge fields.
This is to avoid reading from bad locations, and possibly conveying
confidential data. Credit to Nico Golde.
Matthias Andree [Tue, 14 Aug 2012 05:46:22 +0000 (07:46 +0200)]
Add CVE-Id and sign.
Matthias Andree [Mon, 13 Aug 2012 20:05:52 +0000 (22:05 +0200)]
reword
Matthias Andree [Mon, 13 Aug 2012 20:04:34 +0000 (22:04 +0200)]
Add new Swedish translation, by Göran Uddeborg.
Matthias Andree [Mon, 13 Aug 2012 19:27:37 +0000 (21:27 +0200)]
Fix advisory no. in header.
Matthias Andree [Mon, 13 Aug 2012 19:25:34 +0000 (21:25 +0200)]
Reformat, inserting blank line.
Matthias Andree [Mon, 13 Aug 2012 19:23:41 +0000 (21:23 +0200)]
Document fix for NTLM crash, + Security advisory (draft).
Matthias Andree [Mon, 13 Aug 2012 19:05:23 +0000 (21:05 +0200)]
Update German translation.
Matthias Andree [Mon, 13 Aug 2012 18:48:12 +0000 (20:48 +0200)]
Fix crash: Handle invalid base64 in NTLM challenge.
Some servers, for instance the MS Exchange servers deployed by the
US-American National Aeronautics and Space Administration (NASA),
aborted the NTLM protocol exchange after receiving the initial request.
Fetchmail did not detect that there was an error message, rather than
NTLM protocol exchange, and caught a segmentation fault while reading
from a bad location.
Detect base64 decoding errors, and return PS_AUTHFAIL in this case.
Reported by J[ames] Porter Clark.
Matthias Andree [Thu, 2 Aug 2012 18:35:32 +0000 (20:35 +0200)]
Document license change in CHANGES.
Matthias Andree [Thu, 2 Aug 2012 16:59:44 +0000 (18:59 +0200)]
Add preconnect/postconnect interface PS_SYNTAX -> PS_ERROR.
Matthias Andree [Sun, 24 Jun 2012 13:45:44 +0000 (15:45 +0200)]
Feature request: other finger print algorithms than MD5 (by grarpamp).
Matthias Andree [Thu, 31 May 2012 23:02:28 +0000 (01:02 +0200)]
Add one TODO item.
Matthias Andree [Sat, 26 May 2012 01:27:46 +0000 (03:27 +0200)]
State that we don't want to access internal OpenSSL structures.
Requires OpenSSL 1.0.1, but compatible with older releases, too.
Matthias Andree [Thu, 31 May 2012 06:47:20 +0000 (08:47 +0200)]
Properly erase MD5Context in MD5Final.
Found by clang.
Matthias Andree [Thu, 31 May 2012 06:47:20 +0000 (08:47 +0200)]
Properly erase MD5Context in MD5Final.
Found by clang.
Matthias Andree [Tue, 15 May 2012 06:45:46 +0000 (08:45 +0200)]
Mention cherry-pick.
Sunil Shetye [Wed, 9 May 2012 08:10:12 +0000 (13:40 +0530)]
fetchmail workaround for a bug in Microsoft Exchange
treat missing header in response to a FETCH command as a transient error
(Reported by John Connett)
if there are too many transient errors, log it.
Sunil Shetye [Wed, 9 May 2012 08:10:12 +0000 (13:40 +0530)]
fetchmail workaround for a bug in Microsoft Exchange
treat missing header in response to a FETCH command as a transient error
(Reported by John Connett)
if there are too many transient errors, log it.
Matthias Andree [Fri, 6 Apr 2012 21:39:56 +0000 (23:39 +0200)]
Relicense security/errata notices as CC BY-ND 3.0.
Removing the NC/noncommercial clause, to ease redistribution.
Matthias Andree [Fri, 6 Apr 2012 21:20:34 +0000 (23:20 +0200)]
Add fetchmail-SA-2012-01.txt.
Matthias Andree [Fri, 6 Apr 2012 19:34:18 +0000 (21:34 +0200)]
Bump version to 6.3.22.
Matthias Andree [Fri, 6 Apr 2012 19:31:53 +0000 (21:31 +0200)]
Fix CVE-2011-3389 by clearing SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS...
...from SSL options, unless FETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE
is a non-empty environment variable.
Suggested by Apple.
Matthias Andree [Sun, 1 Apr 2012 13:33:49 +0000 (15:33 +0200)]
Validate XHTML 1.0 stuff even when skipping 1.1.
Matthias Andree [Sun, 1 Apr 2012 13:33:49 +0000 (15:33 +0200)]
Validate XHTML 1.0 stuff even when skipping 1.1.
Matthias Andree [Tue, 22 Nov 2011 00:47:29 +0000 (01:47 +0100)]
Mention Zimbra FETCH () workaround by Mikulas Patocka
Mikulas Patocka [Fri, 18 Nov 2011 23:43:11 +0000 (18:43 -0500)]
fetchmail workaround for a bug in Zimbra
Zimbra occasionally returns this response:
fetchmail: IMAP> A0007 FETCH 1 RFC822.HEADER
fetchmail: IMAP< * 1 FETCH ()
fetchmail: IMAP< A0007 OK FETCH completed
It happens when there is a corrupted message without a header in the
database. (I don't know how this message could be created, I just see it
there).
When fetchmail encounters such resonse, it gives up and disconnects.
This patch changes it so that PS_TRANSIENT is returned in this
case and fetchmail continues to fetch following messages correctly.
Matthias Andree [Tue, 25 Oct 2011 22:30:32 +0000 (00:30 +0200)]
Fix build on SSLv2-disabled OpenSSL setups
On systems where SSLv2_client_method isn't defined in OpenSSL (such as newer
Debian, and Ubuntu starting with 11.10 oneiric ocelot), don't reference it (to
fix the build) and print a run-time error that the OS does not support SSLv2.
Fixes Debian Bug #622054, but note that that bug report has a more thorough
patch that does away with SSLv2 altogether.
Matthias Andree [Tue, 27 Sep 2011 10:04:37 +0000 (12:04 +0200)]
Disable SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.
Note: this can cause compilation issues on outdated OpenSSL versions.
In such situations, use a newer OpenSSL version.
Matthias Andree [Tue, 6 Sep 2011 19:10:38 +0000 (21:10 +0200)]
Mention that user@server must be unique.
Matthias Andree [Tue, 6 Sep 2011 19:08:16 +0000 (21:08 +0200)]
Add items.
Matthias Andree [Tue, 30 Aug 2011 16:15:15 +0000 (18:15 +0200)]
Print Server certificate: banner on stdout rather than stderr.
Reported by Henry Jensen, fixes Debian Bug #639807.
Matthias Andree [Sun, 21 Aug 2011 13:07:48 +0000 (15:07 +0200)]
Critical fix: don't embed NUL in unterminated last IMAP line.
Found by Antoine Levitt.
Matthias Andree [Tue, 30 Aug 2011 16:15:15 +0000 (18:15 +0200)]
Print Server certificate: banner on stdout rather than stderr.
Reported by Henry Jensen, fixes Debian Bug #639807.
Matthias Andree [Fri, 26 Aug 2011 09:23:48 +0000 (11:23 +0200)]
Fixup last patch from Thomas, return void rather than NULL.
Thomas Jarosch [Fri, 26 Aug 2011 08:07:03 +0000 (10:07 +0200)]
Protect against possible NULL pointer
Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Thomas Jarosch [Fri, 26 Aug 2011 07:58:14 +0000 (09:58 +0200)]
Remove unused variable
Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Thomas Jarosch [Fri, 26 Aug 2011 07:57:08 +0000 (09:57 +0200)]
Fix small memory leak on error
Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Matthias Andree [Sun, 21 Aug 2011 14:18:42 +0000 (16:18 +0200)]
Mention need to forward-port NUL-injection fix from 6.3.21.
Matthias Andree [Sun, 21 Aug 2011 13:49:42 +0000 (15:49 +0200)]
Update website for 6.3.21.
Matthias Andree [Sun, 21 Aug 2011 13:16:27 +0000 (15:16 +0200)]
Import translations.
Matthias Andree [Sun, 21 Aug 2011 13:14:42 +0000 (15:14 +0200)]
Bump version to 6.3.21, mark release date.
Matthias Andree [Sun, 21 Aug 2011 09:55:05 +0000 (11:55 +0200)]
Mention rawlog.patch in NEWS.
Matthias Andree [Sun, 21 Aug 2011 13:08:54 +0000 (15:08 +0200)]
Drop obsolete file TODO-6.3.20.
Matthias Andree [Sun, 21 Aug 2011 13:07:48 +0000 (15:07 +0200)]
Critical fix: don't embed NUL in unterminated last IMAP line.
Found by Antoine Levitt.