Overview Repositories Revisions Requests Users Attributes Meta

Revisions of fetchmail

Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) accepted request 914067 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 118) 
- Update to 6.4.21:
  * REGRESSION FIX: The new security fix in 6.4.20 for
    CVE-2021-36386 caused truncation of messages logged to
    buffered outputs, predominantly --logfile.
Dirk Stoecker's avatar Dirk Stoecker (dstoecker) accepted request 909104 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 117) 
- Update to 6.4.20: [bsc#1188875, CVE-2021-36386]
  * CVE-2021-36386: DoS or information disclosure in some configurations.
    When a log message exceeds c. 2 kByte in size, for instance,
    with very long header contents, and depending on verbosity
    option, fetchmail can crash or misreport each first log message
    that requires a buffer reallocation. fetchmail then reallocates
    memory and re-runs vsnprintf() without another call to va_start(),
    so it reads garbage. The exact impact depends on many factors
    around the compiler and operating system configurations used and
    the implementation details of the stdarg.h interfaces of the two
    functions mentioned before.
Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) accepted request 907128 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 116) 
Revert the previous commit since the group is created by sysusers
Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) accepted request 903747 from Bernhard Wiedemann's avatar Bernhard Wiedemann (bmwiedemann) (revision 115) 
Stop using a non-existing fetchmail group
buildservice-autocommit accepted request 897428 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 114) 
baserev update by copy to link target
Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) accepted request 892934 from Jeff Mahoney's avatar Jeff Mahoney (jeff_mahoney) (revision 113) 
- Backported support for OAUTH2 authentication from Fetchmail 7.0.
  - add imap oauthbearer support
  - support oauthbearer/xoauth2 with pop3
  - add passwordfile and passwordfd options
  - add contrib/fetchnmail-oauth2.py token acquisition utility
  - FAQ: list gmail options including oauthbearer and app password
  - give each ctl it's own copy of password
  - re-read passwordfile on every poll
  - add query_to64_outsize() utility function
  - Chase and integrate interface change.
  - oauth2.c: calculate and pass in correct buffer size to to64frombits()
  - Increase max password length to handle oauth tokens
  - Bump max. passwordlen to 10000 bytes.
  - Add README.OAUTH2
- Added patches:
  * fetchmail-add-imap-oauthbearer-support.patch
  * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch
  * fetchmail-add-passwordfile-and-passwordfd-options.patch
  * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch
  * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch
  * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch
  * fetchmail-re-read-passwordfile-on-every-poll.patch
  * fetchmail-add-query_to64_outsize-utility-function.patch
  * fetchmail-chase-and-integrate-interface-change.patch
  * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch
  * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch
  * fetchmail-bump-max-passwordlen-to-1bytes.patch
  * fetchmail-add-readme-oauth2-issue-27.patch
buildservice-autocommit accepted request 891986 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 112) 
baserev update by copy to link target
Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) accepted request 891584 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 111) 
- update to 6.4.19:
  * fetchmailconf: properly catch and report option parsing errors
  * LMTP: do not try to validate the last component of a UNIX-domain LMTP socket 
    as though it were a TCP port.
buildservice-autocommit accepted request 883181 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 110) 
baserev update by copy to link target
Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) accepted request 883119 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 109) 
- update to 6.4.18:
  * fetchmailconf: fetchmail 6.4.16 added --sslcertfile to the configuration dump,
    but fetchmailconf support was incomplete in Git 7349f124 and it could not
    parse sslcertfile, thus the user settings editor came up empty with console
    errors printed.  Fix configuration parser in fetchmailconf.
  * fetchmailconf: do not require fetchmail for -V. do not require Tk (Tkinter)
    for -d option. This is to fail more gracefully on incomplete installs.
  * TLS code: remove OPENSSL_NO_DEPRECATED macros to avoid portability issues
    with OpenSSL v3 - these are for development purposes, not production.
  * TLS futureproofing: use SSL_use_PrivateKey_file instead of 
    SSL_use_RSAPrivateKey_file, the latter will be deprecated with OpenSSL v3,
    and the user's key file might be something else than RSA.
  * IMAP client: it used to leak memory for username and password when trying
    the LOGIN (password-based) authentication and encountered a timeout situation.
  * dist-tools/getstats.py: also counts lines in *.py files, shown above.
  * fetchmail.man: now mentions that you may need to add --ssl when specifying
    a TLS-wrapped port.
  * fetchmailconf: --version (-V) now prints the Python version in use.
buildservice-autocommit accepted request 876591 from Dirk Stoecker's avatar Dirk Stoecker (dstoecker) (revision 108) 
baserev update by copy to link target
Dirk Stoecker's avatar Dirk Stoecker (dstoecker) accepted request 876575 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 107) 
- update to 6.4.16:
  * fetchmail's --configdump, and fetchmailconf, lacked support for
    the sslcertfile option.
  * fetchmail --version [fetchmail -V] now queries and prints the
    SSL/TLS library's "SSL default trusted certificate" file or
    directory (mind the word "default"), where the OpenSSL-compatible
    TLS implementation will look for trusted root, meaning
    certification authority (CA), certificates.
  * fetchmail --version now prints version of the OpenSSL library
    that it was compiled against, and that it is using at runtime,
    and also the OPENSSL_DIR and OPENSSL_ENGINES_DIR (if available).
buildservice-autocommit accepted request 860133 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 106) 
baserev update by copy to link target
Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) accepted request 860127 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 105) 
- update to 6.4.15:
  * Fix a typo in the manual page reported by David McKelvie.
  * Fix cross-compilation with openssl, by Fabrice Fontaine. Merge request !23.
  * Fix truncation of SMTP PLAIN AUTH with ^ in credentials, by Earl Chew.
buildservice-autocommit accepted request 857844 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 104) 
baserev update by copy to link target
Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) accepted request 856963 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 103) 
- update to 6.4.14:
  * sr:    Мирослав Николић (Miroslav Nikolić) [Serbian]
  * Errors about lock file (= pidfile) creation could be lost in daemon 
  configurations (-d option, or set daemon) when using syslog. Now they are also 
  logged to syslog.  Found verifying a pidfile creation issue on 6.4.12 that was 
  previously reported by Alex Hall of Automatic Distributors.
  * If the lock file cannot be removed (no write permission on directory), try
  to truncate it, and if that fails, report error.
  * If the pidfile was non-default, fetchmail -q or --quit would malfunction and
  claim no other fetchmail were running, because it did not read the 
  configuration files or merge the command line options, thus it would look for 
  the PID in the wrong file.
Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) accepted request 856925 from Thorsten Kukuk's avatar Thorsten Kukuk (kukuk) (revision 102) 
- Don't require systemd
- Use tmpfiles for all files
- Use systemd macro for tmpfiles
- Don't delete home directory if the user stays
- Use sysusers config to create system user
buildservice-autocommit accepted request 832755 from Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) (revision 101) 
baserev update by copy to link target
Pedro Monreal Gonzalez's avatar Pedro Monreal Gonzalez (pmonrealgonzalez) accepted request 832383 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 100) 
- update to 6.4.12:
  # REGRESSION FIX:
  * configure: fetchmail 6.4.9 and 6.4.10 would miss checking for TLS v1.2 and
  TLS v1.3 support if AC_LIB_LINKFLAGS came up with something such as
  /path/to/libssl.so, rather than -lssl. (For instance on FreeBSD) 
  * configure: fetchmail 6.4.9's configure was unable to pick up OpenSSL
  if it wasn't announced by pkg-config, for instance, on FreeBSD
buildservice-autocommit accepted request 831200 from Dirk Stoecker's avatar Dirk Stoecker (dstoecker) (revision 99) 
baserev update by copy to link target
Displaying revisions 41 - 60 of 158
openSUSE Build Service is sponsored by
Places