Request 1045487: Submit libesmtp - openSUSE Build Service

This request supersedes: request 1045486 (Show diff)

Overview

Request 1045487 accepted

- Update to 1.1.0:
* CVE-2019-19977: avoid potential stack overflow in NTLM authenticator.
* Migrate build system to Meson
* Remove GNU libltdl support, assume dlopen() always available.
* Use a linker map to restrict public symbols to API only.
* Add sentinel and ‘format printf’ attributes to function declarations.
* Remove getaddrinfo() implementation.
* Use strlcpy() for safer string copies, provide implementation
for systems that need it.
* Update ‘application data’ APIs
* Add ‘smtp_get_server_name()’ API.
* Collect replacement functions into missing.c
* Prohibit Resent-Reply-To: header.
* Use canonic domain name of MTA where known
* Implement rfc2822date() with strftime() if available.
* add option for XDG file layout convention instead of ~/.authenticate
* OpenSSL
+ Remove support for OpenSSL versions before v1.1.0
+ Update OpenSSL API calls used for modern versions
+ Require TLS v1 or higher
* Add add_ntlm.patch
* Drop the following patches:
+ libesmtp-removedecls.diff
+ libesmtp-1.0.4-bloat.patch
+ libesmtp-fix-cve-2019-19977.patch
+ libesmtp-openssl11.patch
+ libesmtp-tlsv12.patch

Created by polslinux over 1 year ago
In state accepted
Supersedes 1045486

Submit libesmtp

Comments for request 1045487 1

Staging Bot (staging-bot) - over 1 year ago

@Mailaender, @Marcus_H, @WernerFink, @anicka, @computersalat, @darix, @dirkmueller, @dstoecker, @elvigia, @gerberb, @jengelh, @kssingvo, @lrupp, @pbleser, @peternixon, @poeml, @psmt, @seife, @varkoly, @wrosenauer: review reminder

Login required, please login in order to comment

Request History

polslinux created request over 1 year ago

- Update to 1.1.0:
* CVE-2019-19977: avoid potential stack overflow in NTLM authenticator.
* Migrate build system to Meson
* Remove GNU libltdl support, assume dlopen() always available.
* Use a linker map to restrict public symbols to API only.
* Add sentinel and ‘format printf’ attributes to function declarations.
* Remove getaddrinfo() implementation.
* Use strlcpy() for safer string copies, provide implementation
for systems that need it.
* Update ‘application data’ APIs
* Add ‘smtp_get_server_name()’ API.
* Collect replacement functions into missing.c
* Prohibit Resent-Reply-To: header.
* Use canonic domain name of MTA where known
* Implement rfc2822date() with strftime() if available.
* add option for XDG file layout convention instead of ~/.authenticate
* OpenSSL
+ Remove support for OpenSSL versions before v1.1.0
+ Update OpenSSL API calls used for modern versions
+ Require TLS v1 or higher
* Add add_ntlm.patch
* Drop the following patches:
+ libesmtp-removedecls.diff
+ libesmtp-1.0.4-bloat.patch
+ libesmtp-fix-cve-2019-19977.patch
+ libesmtp-openssl11.patch
+ libesmtp-tlsv12.patch

jengelh accepted request over 1 year ago

openSUSE Build Service is sponsored by