Revisions of fetchmail
buildservice-autocommit
accepted
request 991946
from
David Anes (david.anes)
(revision 138)
David Anes (david.anes)
(revision 138)
baserev update by copy to link target
David Anes (david.anes)
accepted
request 991826
from
Matej Cepl (mcepl)
(revision 137)
- Update to 6.4.32:
* Use configure to find rst2html, some systems install it only
with .py suffix, others only without, and some install both.
* Update README.maintainer
* Translations updated.
- Reapplied patches
- Add 44-uncorrupt_runfetchmail.patch to clean up some contrib/
scripts (gl#fetchmail/fetchmail#44).
buildservice-autocommit
accepted
request 989821
from
David Anes (david.anes)
(revision 136)
David Anes (david.anes)
(revision 136)
baserev update by copy to link target
David Anes (david.anes)
accepted
request 989820
from
David Anes (david.anes)
(revision 135)
- update to 6.4.31
* Bugfixes:
- Try to fix ./configure --with-ssl=... for systems that have
multiple OpenSSL versions installed. Issues reported by
Dennis Putnam.
- The netrc parser now reports its errors to syslog or logfile
when appropriate, previously it would always log to stderr.
- Add error checking to .netrc parser.
* Changes:
- manpage: use .UR/.UE macros instead of .URL for URIs.
- manpage: fix contractions. Found with FreeBSD's igor tool.
- manpage: HTML now built with pandoc -> python-docutils
(manServer.pl was dropped)
buildservice-autocommit
accepted
request 984200
from
David Anes (david.anes)
(revision 134)
David Anes (david.anes)
(revision 134)
baserev update by copy to link target
David Anes (david.anes)
accepted
request 984196
from
Stefan Schubert (schubi2)
(revision 133)
- Moved logrotate files from user specific directory /etc/logrotate.d to vendor specific directory /usr/etc/logrotate.d.
buildservice-autocommit
accepted
request 973654
from
David Anes (david.anes)
(revision 132)
David Anes (david.anes)
(revision 132)
baserev update by copy to link target
David Anes (david.anes)
accepted
request 973653
from
David Anes (david.anes)
(revision 131)
- update to 6.4.30:
* Breaking changes:
- Bump wolfSSL minimum required version to 5.2.0 to pull in
security fix.
* Changes:
- Using OpenSSL 1.* before 1.1.1n elicits a compile-time
warning.
- Using OpenSSL 3.* before 3.0.2 elicits a compile-time
warning.
- configure.ac was tweaked in order to hopefully fix
cross-compilation issues report, and different patch
suggested
* Translations.:
- ro: Updated Romanian translation.
buildservice-autocommit
accepted
request 969713
from
David Anes (david.anes)
(revision 130)
David Anes (david.anes)
(revision 130)
baserev update by copy to link target
David Anes (david.anes)
accepted
request 969544
from
Dirk Mueller (dirkmueller)
(revision 129)
- update to 6.4.29: * Updated vi [Vietnamese] translation.
buildservice-autocommit
accepted
request 960695
from
David Anes (david.anes)
(revision 128)
David Anes (david.anes)
(revision 128)
baserev update by copy to link target
David Anes (david.anes)
accepted
request 960655
from
David Anes (david.anes)
(revision 127)
- update to 6.4.28: * Updated spanish translation. - fix typos in changelog. - update to 6.4.27: - update to 6.4.26: - update to 6.4.25:
David Anes (david.anes)
accepted
request 957644
from
David Anes (david.anes)
(revision 126)
- update to 6.5.27:
* Bump wolfSSL minimum required version to 5.1.1 to pull in
security fix.
* Updated romanian translation.
David Anes (david.anes)
accepted
request 945812
from
David Anes (david.anes)
(revision 125)
- fix [bsc#1194203]: * Always create fetchmail group, even if the user is already present, as a leftover from Leap 15.2 upgrade. This may happen also if user is messing with groups/users directly or upgrading from even an older fetchmail versions.
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 942816
from
David Anes (david.anes)
(revision 124)
Update to 6.4.26
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 941606
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 123)
- Rebased patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 940000
from
Dirk Mueller (dirkmueller)
(revision 122)
- update to 6.5.25:
* 6.4.24's workaround for OpenSSL 1.0.2's X509_V_FLAG_TRUSTED_FIRST flag
contained a typo and would not kick in properly.
* Library and/or rpath setting from configure.ac was fixed.
* Added an example systemd unit file and instructions to contrib/systemd/
which runs fetchmail as a daemon with 5-minute poll intervals.
* fetchmail can now be used with wolfSSL 5's OpenSSL compatibility layer,
see INSTALL and README.SSL. This is considered experimental.
Feedback solicited.
* Bison 3.8 dropped yytoknum altogether, breaking compilation due to a
warning workaround. Remove the cast of yytoknum to void. This may cause
a compiler warning to reappear with older Bison versions.
* OpenSSL 1.0.2: Workaround for systems that keep the expired DST Root CA X3
certificate in its trust store because OpenSSL by default prefers the
untrusted certificate and fails.
* For common ssh-based IMAP PREAUTH setups (i. e. those that use a plugin
- no matter its contents - and that set auth ssh), change the STARTTLS
error message to suggest sslproto '' instead.
This is a commonly reported issue after the CVE-2021-39272 fix in 6.4.22.
- drop fetchmail-bison-3.8.patch (upstream)
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 930497
from
Dominique Leuenberger (dimstar)
(revision 121)
- Add fetchmail-bison-3.8.patch: Fix build with bison 3.8. Patch from upstream git
Dirk Stoecker (dstoecker)
accepted
request 923570
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 120)
- Update to 6.4.22: [bsc#1190069, CVE-2021-39272]
* OPENSSL AND LICENSING NOTE:
- fetchmail 6.4.22 is compatible with OpenSSL 1.1.1 and 3.0.0.
OpenSSL's licensing changed between these releases from dual
OpenSSL/SSLeay license to Apache License v2.0, which is
considered incompatible with GPL v2 by the FSF. For
implications and details, see the file COPYING.
* SECURITY FIXES:
- CVE-2021-39272: fetchmail-SA-2021-02: On IMAP connections,
without --ssl and with nonempty --sslproto, meaning that
fetchmail is to enforce TLS, and when the server or an attacker
sends a PREAUTH greeting, fetchmail used to continue an
unencrypted connection. Now, log the error and abort the
connection. --Recommendation for servers that support
SSL/TLS-wrapped or "implicit" mode on a dedicated port
(default 993): use --ssl, or the ssl user option in an rcfile.
- On IMAP and POP3 connections, --auth ssh no longer prevents
STARTTLS negotiation.
- On IMAP connections, fetchmail does not permit overriding
a server-side LOGINDISABLED with --auth password any more.
- On POP3 connections, the possibility for RPA authentication
(by probing with an AUTH command without arguments) no longer
prevents STARTTLS negotiation.
- For POP3 connections, only attempt RPA if the authentication
type is "any".
* BUG FIXES:
- On IMAP connections, when AUTHENTICATE EXTERNAL fails and we
have received the tagged (= final) response, do not send "*".
- On IMAP connections, AUTHENTICATE EXTERNAL without username
will properly send a "=" for protocol compliance.
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 918946
from
Johannes Segitz (jsegitz)
(revision 119)
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
Displaying revisions 21 - 40 of 158
