Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Commits on Aug 21, 2012
Commits on Aug 26, 2011
  1. Update "fetchmail" and "fetchmailconf" package to version 6.3.21.

    tron authored
    Changes since version 6.3.20:
    - The IMAP client no longer inserts NUL bytes into the last line of a
      message when it is not closed with a LF or CRLF sequence. Reported
      by Antoine Levitt.  As a side effect of the fix, and in order to
      avoid a full rewrite, fetchmail will now CRLF-terminate the last
      line fetched through IMAP, even if it is originally not terminated
      by LF or CRLF. This bears no relevance if your messages end up in
      mbox, but adds line termination for storages (like Maildir) that do
      not require that the last line be LF- or CRLF-terminated.
Commits on Jun 9, 2011
  1. Update fetchmail to 6.3.20.

    obache authored
    Requested by PR#45030.
    
    fetchmail-6.3.20 (released 2011-06-06, 26005 LoC):
    
    # SECURITY BUG FIXES
    * CVE-2011-1947:
      STARTTLS: Fetchmail runs the IMAP STARTTLS or POP3 STLS negotiation with the
      set timeout (default five minutes) now. This was reported missing, with
      observed fetchmail freezes beyond a week, by Thomas Jarosch.
         SSL-wrapped connections were unaffected by this timeout, so users of older
      versions can force ssl-wrapped connections -- if supported by the server --
      with the --ssl command line or ssl rcfile option.
      See fetchmail-SA-2011-01.txt for further details.
    
    # BUG FIXES
    * IMAP: Do not search for UNSEEN messages in ranges. Usually, there are very few
      new messages and most of the range searches result in nothing. Instead, split
      the long response to make the IMAP driver think that there are multiple lines
      of response. (Sunil Shetye)
    * Do not print "skipping message" for old messages even in verbose mode. If
      there are too many old messages, the logs just get filled without any real
      activity. (Sunil Shetye) (suggested by Yunfan Jiang)
    * Build: fetchmail now always uses its own MD5 implementation rather than trying
      to find a system library with matched header. The library and header variants
      found on systems are too diverse, and the code size saving is not worth any
      more wasted user or programmer time.
    
    # CHANGES
    * Call strlen() only once when removing CRLF from a line. (Sunil Shetye)
    * fetchmail sets Internet domain sockets to "keepalive" mode now. Note that
      there is no portable way to configure actual timeouts for this mode, and some
      systems only support a system-wide timeout setting. fetchmail does not
      attempt to tune the time spans of keepalive mode.
    
    # TRANSLATION UPDATES
      [cs]    Chech (Petr Pisar)
      [nl]    Dutch (Erwin Poeze)
      [fr]    French (Frédéric Marchal)
      [de]    German (Matthias Andree)
      [ja]    Japanese (Takeshi Hamasaki)
      [pl]    Polish (Jakub Bogusz)
      [sk]    Slovak (Marcel Telka)
    
    # KNOWN BUGS AND WORKAROUNDS
      (this section floats upwards through the NEWS file so it stays with the
      current release information - however, it was stuck with 6.3.8 for a while)
    * fetchmail does not handle messages without Message-ID header well
      (See sourceforge.net bug #780933)
    * BSMTP is mostly untested and errors can cause corrupt output.
    * Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in
      64-bit mode.  Either compile 32-bit code or use GCC to compile 64-bit
      fetchmail.  Note that fetchmail doesn't take advantage of 64-bit code,
      so compiling 32-bit SPARC code should not cause any difficulties.
    * fetchmail does not track pending deletes over crashes.
    * the command line interface is sometimes a bit stubborn, for instance,
      fetchmail -s doesn't work with a daemon running.
    * Linux systems may return duplicates of an IP address in some circumstances if
      no or no global IPv6 addresses are configured.
      (No workaround. Ubuntu Bug#582585, Novell Bug#606980.)
    * Kerberos 5 may be broken, particularly on Heimdal, and provide bogus error
      messages. This will not be fixed, because the maintainer has no Kerberos 5
      server to test against. Use GSSAPI.
    
    
    fetchmail-6.3.19 (released 2010-12-10, 25945 LoC):
    
    # ERRATUM NOTICE ISSUED
    * fetchmail 6.3.18 contains several bug fixes that were considered sufficiently
      grave to warrant the issue of an erratum notice, fetchmail-EN-2010-03.txt.
    
    # BUG FIXES
    * When specifying multiple local multidrop lists, do not lose wildcard flag.
      (Affects "user foo is bar baz * is joe here")
    * In multidrop configurations, an asterisk can now appear anywhere in the list
      of local users, not just at the end.
    * In multidrop mode, header parsing is now more verbose in -vv mode, so that it
      becomes possible to see which header is used.
    * Make --antispam work from command line (these used to work in rcfiles).
      Reported by Kees Bakker, BerliOS Bug #17599. (Sunil Shetye)
    * Smoke test XHTML 1.1 validation, and if it fails, skip validating HTML
      documents.  Skip validating Mailbox-Names-UTF7.html. Several systems have
      broken XHTML 1.1 DTD installations that jeopardize the build.
      Reported by Mihail Nechkin against FreeBSD port.
      Workaround for 6.3.18: build in a separate directory, i. e:
      mkdir build && cd build && ../configure --options-go-here
    * Send a NOOP only after a failed STARTTLS in IMAP. (Sunil Shetye)
    * Demote GSSAPI verbose/debug syslog to INFO severity. Requested by Carlos E. R.
      and Derek Simkowiak via the fetchmail-users@ mailing list.
    * Do STARTTLS/STLS negotiation in IMAP/POP3 if it is mandatory even if the
      server capabilities do not show support for upgradation to TLS.
      To use this, configure --sslproto tls1. (Sunil Shetye)
    * IMAP: Understand empty strings as FETCH response, seen on Yahoo. Reported by
      Yasin Malli to fetchmail-users@ 2010-12-10.
      Note that fetchmail continues to expect literals as FETCH response for now.
    
    # DOCUMENTATION
    * The manual page now links to IANA for GSSAPI service names.
    
    # TRANSLATION UPDATES
      [cs]    Czech (Petr Pisar)
      [fr]    French (Frédéric Marchal)
      [de]    German
      [it]    Italian (Vincenzo Campanella)
      [pl]    Polish (Jakub Bogusz)
    
    
    fetchmail-6.3.18 (released 2010-10-09, 25936 LoC):
    
    # SECURITY IMPROVEMENTS TO DEFANG X.509 CERTIFICATE ABUSE
    * Fetchmail now only accepts wildcard certificate common names and subject
      alternative names if they start with "*.". Previous versions would accept
      wildcards even if no period followed immediately.
    * Fetchmail now disallows wildcards in certificates to match domain literals
      (such as 10.9.8.7), or wildcards in domain literals ("*.168.23.23").
      The test is overly picky and triggers if the pattern (after skipping the
      initial wildcard "*") or domain consists solely of digits and dots, and thus
      matches more than needed.
    * Fetchmail now disallows wildcarding top-level domains.
    
    # CRITICAL BUG FIXES AND REGRESSION FIXES
    * Fetchmail 6.3.15, 6.3.16, and 6.3.17 would pick up libmd5 to obtain MD5*
      functions, as an effect of an undocumented Solaris MD5 fix.
      This caused all MD5-related functions to malfunction if, for instance,
      libmd5.so was installed on other operating systems as part of libwww on
      machines where long isn't 32-bits, i. e. usually on 64-bit computers.
      Fixes Gentoo Bug #319283, reported, including libwww hint, by Karl Hakimian.
      Side effect: fetchmail will now use -lmd on Solaris rather than -lmd5.
    * Fetchmail 6.3.17 warned about insecure SSL/TLS connections even if a matching
      --sslfingerprint was specified. This is an omission from an SSL usability
      change made in 6.3.17.
      Fixes Debian Bug#580796 reported by Roland Stigge.
    * Fetchmail will now apply timeouts to the authentication stage.
      This stage encompasses STARTTLS/STLS negotiation in IMAP/POP3.
      Reported missing by Thomas Jarosch.
    * Fetchmail now cancels GSSAPI authentication properly when encountering GSS
      errors, such as no or unsuitable credentials.
      It now sends an asterisk on a line by its own, as required in SASL.
        This fixes protocol synchronization issues that cause Authentication
      failures, often observed with kerberized MS Exchange servers.
      Fixes Debian Bug #568455 reported by Patrick Rynhart, and Alan Murrell, to the
      fetchmail-users list. Fix verified by Thomas Voigtmann and Patrick Rynhart.
    
    # BUG FIXES
    * Fetchmail will no longer print connection attempts and errors for one host
      in "silent" and "normal" logging modes, unless all connections fail. This
      should reduce irritation around refused-connection logging if services are
      only on an IPv4 socket if the host also supports IPv6. Often observed as
      connections refused to ::1/25 when the subsequent connection to 127.0.0.1/25
      then - silently - succeeds.  Fetchmail, unless in verbose mode, will collect
      all connect errors and only report them if all of them fail.
    * Fetchmail will not try GSSAPI authentication automatically, unless it has GSS
      credentials. However, if GSSAPI authentication is requested explicitly,
      fetchmail will always try it.
    * Fetchmail now parses response to "FETCH n:m RFC822.SIZE" and "FETCH n
      RFC822.HEADER" in a more flexible manner. (Sunil Shetye)
    * The manual page clearly states that --principal is for Kerberos 4 only, not
      for Kerberos 5 or GSSAPI. Found by Thomas Voigtmann.
    
    # CHANGES
    * When encountering incorrect headers, fetchmail will refer to the bad-header
      option in the manpage.
      Fixes BerliOS Bug #17272, change suggested by Björn Voigt.
    * Fetchmail now decodes and reports GSSAPI status codes upon errors.
    * Fetchmail now autoprobes NTLM also for POP3.
    * The Fetchmail FAQ has a new item #R15 on authentication failures.
    
    # INTERNAL CHANGES
    * The common NTLM authentication code was factored out from pop3.c and imap.c.
    
    # TRANSLATION UPDATES
      [zh_CN] Chinese/simplified (Ji Zheng-Yu)
      [cs]    Czech (Petr Pisar)
      [nl]    Dutch (Erwin Poeze)
      [fr]    French (Frédéric Marchal)
      [de]    German
      [it]    Italian (Vincenzo Campanella)
      [ja]    Japanese (Takeshi Hamasaki)
      [pl]    Polish (Jakub Bogusz)
      [sk]    Slovak (Marcel Telka)
Commits on Apr 22, 2011
  1. recursive bump from gettext-lib shlib bump.

    obache authored
Commits on Mar 20, 2011
  1. PR/38507 -- Add 'awaken' command to rc.d script

    shattered authored
Commits on May 9, 2010
  1. Add patch by Matthias Andree to avoid warnings about insecure connect…

    tron authored
    …ions
    
    if SSL fingerprints are used.
Commits on May 8, 2010
  1. Update to 6.3.17 per PR#43269

    tez authored
    fetchmail-6.3.17 (released 2010-05-06, 25767 LoC):
    
    # SECURITY FIX
    * CVE-2010-1167: Fetchmail before release 6.3.17 did not properly sanitize
      external input (mail headers and UID). When a multi-character locale (such as
    
    # FEATURES
    * Fetchmail now supports a --sslcertfile <file> option to specify a "CA bundle"
      file (a file that contains trusted CA certificates). Since these bundled CA
      files do not require c_rehash to be run, they are easier to use and immune to
      OpenSSL library updates that affect the hash function.
    * Fetchmail now supports a FETCHMAIL_INCLUDE_DEFAULT_X509_CA_CERTS
      environment variable to force loading the default SSL CA certificate
      locations even if --sslcertfile or --sslcertpath is used.
      If neither option is in effect, fetchmail loads the default locations.
    
    # REGRESSION FIX
    * Fix string handling in rcfile scanner, which caused fetchmail to misparse a
      run control file in certain circumstances.  Fixes BerliOS bug #14257.
      Patch by Michael Banack.  This fixes a regression introduced before 6.3.0.
    
    # BUG FIXES
    * Plug memory leak when using a "defaults" entry in the run control file.
    * Do not print SSL certificate mismatches unless verbose or --sslcertck is
      enabled.
    * Do not lose "set invisible" in fetchmailconf. (Michael Barnack)
    
    # CHANGES
    * Usability: SSL certificate chains are fully printed in -v -v mode, and there
      are now helpful pointers to --sslcertpath and c_rehash for "unable to get
      local issuer certificate" and self-signed certificates -- these usually hint
      to missing root signing CAs in the certs directory.
    * Several fixes for compiler (GCC, Intel C++, CLang) and autotools warnings
    * Memory allocation failures will now cause abnormal program abort (SIGABRT),
      no longer an exit with unspecified code.
    
    # DOCUMENTATION
    * Fix table of global option to read "set softbounce" where there used to be a
      2nd copy of "set spambounce".  Patch by Michael Banack, BerliOS Bug #17067.
    * In the --sslcertpath description, mention that OpenSSL upgrade (and a 0.9.X
      to 1.0.0 upgrade in particular) may require running c_rehash.
    
    # TRANSLATION UPDATES
      [zh_CN] Chinese/simplified (Ji Zheng-Yu)
      [cs]    Czech (Petr Pisar)
      [nl]    Dutch (Erwin Poeze)
      [fr]    French (Fr\xc3<A9>d\xc3<A9>ric Marchal)
      [de]    German
      [id]    Indonesian (Andhika Padmawan)
      [it]    Italian (Vincenzo Campanella)
      [ja]    Japanese (Takeshi Hamasaki)
      [pl]    Polish (Jakub Bogusz)
      [sk]    Slovak (Marcel Telka)
      [vi]    Vietnamese (Clytie Siddall)
    
    # KNOWN BUGS AND WORKAROUNDS:
      (this section floats upwards through the NEWS file so it stays with the
      current release information - however, it was stuck with 6.3.8 for a while)
    * fetchmail does not handle messages without Message-ID header well
      (See sourceforge.net bug #780933)
    * BSMTP is mostly untested and errors can cause corrupt output.
    * Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in
      64-bit mode.  Either compile 32-bit code or use GCC to compile 64-bit
      fetchmail.  Note that fetchmail doesn't take advantage of 64-bit code,
      so compiling 32-bit SPARC code should not cause any difficulties.
    * fetchmail does not track pending deletes over crashes
    * the command line interface is sometimes a bit stubborn, for instance,
      fetchmail -s doesn't work with a daemon running
    
    
    fetchmail-6.3.16 (released 2010-04-06, 25574 LoC):
    
    # BUG FIX
    * Fix --interface option, broken in 6.3.15. Reported by Vladmimir Stavrinov.
      Fixes Debian Bug #576717.
    
    # CHANGE
    * Call OpenSSL_add_all_algorithms(). This is needed to support non-mandatory
      and non-standard algorithms in certificates.
      Sjoerd Simons, to fix Debian Bug #576430.
      OpenSSL 0.9.8* does not load - for instance - the SHA256 digest by default.
      Reported as OpenSSL RT#2224.
    
    
    fetchmail-6.3.15 (released 2010-03-28, 25572 LoC):
    
    # FEATURE
    * Fetchmail now supports a bad-header command line or rcfile option that takes
      exactly one argument, accept or reject (default).  This specifies how messages
      with bad headers retrieved from the current server are to be treated.
    
    # BUG FIXES
    * In the rcfile, recognize "local" as abbreviation for "localdomains", as
      documented. The short form has not ever worked since this feature was added in
      January 1997. Reported by Fr\xc3<A9>d\xc3<A9>ric Marchal.
    * Do not close stdout when using mda and "bsmtp -" at the same time.
    * Log operating system errors when BSMTP writes fail.
    * Fix verbose mode progress formatting regression from 6.3.10; SMTP trace lines
      were no longer on a line of their own. Reported by Melchior Franz.
    * Check seteuid() return value and abort running MDA if switch fails.
    * Set global flags in a consistent manner. Make --nosoftbounce and
      --nobounce work from command line (these used to work in rcfiles).
      Reported and fix confirmed working by N.J. Mann. (Sunil Shetye)
    * Properly import h_errno declarations, even on systems where h_errno isn't a
      macro. (Adds ./configure check, fixes Cygwin dllimport warnings.)
    
    # CHANGES
    * The repository has been converted and moved from the Subversion (SVN) format
      kindly hosted by Graham Wilson over the past years to Git format hosted on
      Gitorious.org.  My deepest thanks to Graham Wilson for this service that
      kept us going when BerliOS's Subversion service was faulty in its early days.
    * This opportunity was used to convert BRANCH_6-2 and BRANCH_1-9-9 to
      GnuPG-signed tags, as a sign that these are now closed.
    * The outdated SVN trunk is now called "oldtrunk" in Git just to save the work
      for future reference. All development in the past few years was on BRANCH_6-3.
    * master was branched from BRANCH_6-3.  BRANCH_6-3 is now obsolete (and in fact
      was also converted to a tag to record where the conversion from SVN to Git
      took place).
    * "make check" now skips HTML validation if xmllint or XHTML DTD are missing.
    
    # DOCUMENTATION
    * Web site and documentation were adjusted to reflect the SVN->Git move.
    * The fetchmail manual page is now much clearer on the user id switching
      (seteuid) when using --mda while running as the super user.
    
    # TRANSLATION UPDATES, by language name
    * [zh_CN] Chinese (Simplified), by Ji Zheng-Yu
    * [cs]    Czech, by Petr Pisar
    * [nl]    Dutch, by Erwin Poeze
    * [fr]    French, by Fr\xc3<A9>d\xc3<A9>ric Marchal
    * [de]    German
    * [id]    Indonesian, by Andhika Padmawan
    * [it]    Italian, by Vincenzo Campanella
    * [ja]    Japanese, by Takeshi Hamasaki
    * [pl]    Polish, by Jakub Bogusz
    * [vi]    Vietnamese, by Clytie Siddall
Commits on Feb 14, 2010
  1. Update to 6.3.14:

    wiz authored
    fetchmail 6.3.14 (released 2010-02-05, 25487 LoC):
    
    # SECURITY FIXES
    * SSL/TLS certificate information is now also reported properly on computers
      that consider the "char" type signed. Fixes malloc() buffer overrun.
      Workaround for older versions: do not use verbose mode.
      See fetchmail-SA-2010-01.txt for details, including a minimal patch.
    
    # BUG FIXES
    * The IMAP client no longer skips messages from several IMAP servers including
      Dovecot if fetchmail's "idle" is in use.  Causes were that fetchmail (a)
      ignored some untagged responses when it should not (b) relied on EXISTS
      messages in response to EXPUNGE, which aren't mandated by RFC-3501 (the IMAP
      standard) and aren't sent by Dovecot either.
        Fix by Sunil Shetye (the fix also consolidates IMAP response handling,
      improving overall robustness of the IMAP client), bug report and testing by
      Matt Doran, with further hints from Timo Sirainen.
    * The SMTP client now recovers from errors (such as servers dropping the
      connection after errors) when sending an RSET command.
        Fix by Sunil Shetye. Report by James Moe.
    * The IMAP client now uses "SEARCH UNSEEN" rather than "SEARCH UNSEEN NOT
      DELETED" again on IMAP2, to fix a regression in fetchmail 6.2.5 reported by
      Will Stringer in June 2004. (Sunil Shetye)
    * The IMAP client now uses "SEARCH UNSEEN UNDELETED" on IMAP4 and IMAP4r1
      servers (Sunil Shetye).
    * Workaround: The IMAP client now falls back to "FETCH n:m FLAGS" if the server
      does not support "SEARCH". (Sunil Shetye)
    * The IMAP client now requests message numbers in batches of 1,000 to avoid
      problems if there are more than 1860 unseen messages. (Sunil Shetye)
        Note that this wasn't security relevant because fetchmail would only read up
      to the maximum buffer size and leave the remainder of the string unread, going
      out of synch afterwards.
    * Stricter validation of IMAP responses containing byte or message counts.
    
    # CHANGES
    * Only include gssapi.h if we're not including gssapi/gssapi.h, to fix a FreeBSD
      compiler warning about gssapi.h being obsolete.
    
    # DOCUMENTATION
    * The README.SSL document was revised for grammar, spelling, and clarity.
      Courtesy of Robert Mullin.
    
    fetchmail 6.3.13 (released 2009-10-30, 25333 LoC):
    
    # REGRESSION FIXES
    * The multiline SMTP error fix in release 6.3.12 caused fetchmail to lose
      message codes 400..599 and treat all of these as temporary error. This would
      cause messages to be left on the server even if softbounce was turned off.
      Reported by Thomas Jarosch.
    
    fetchmail 6.3.12 (released 2009-10-05):
    
    # REGRESSION FIXES
    * The CVS-2009-2666 fix in fetchmail release 6.3.11 caused a free() of
      unallocated memory on SSL connections, which caused crashes or program aborts
      on some systems (depending on how initialization and free() of unallocated
      memory is handled in compiler and libc).
      Workaround for older versions: run in verbose mode.
      Patch courtesy of Thomas Heinz, fixes Gentoo Bug #280760.
      This regression affected only the 6.3.11 release, but not the patch that was
      part of the security announcement fetchmail-SA-2009-01.
    
    # BUG FIXES
    * Fix error reporting for GSSAPI on Heimdal (h5l) Kerberos.
    * Look for MD5_Init in libcrypto rather than libssl, fixes Gentoo Kerberos
      builds; fixes upstream parts of Gentoo Bugs #231400 and #185652, and fixes
      BerliOS Bug #16134.
    * Report multiline SMTP errors properly, reported by Earl Chew; fixes Debian Bug
      #529899, reported by Akihiro Terasaki.
      Note: This fix introduced a regression, fixed in 6.3.13.
    * Replace control characters in SMTP replies by '?'.
    * Fetchmailconf: Fix descriptions for smtpaddress and smtpname options;
      smtpaddress is for RCPT TO, not MAIL FROM. Found by Gerard Seibert.
    
    ...as well as translation updates in all three releases.
Commits on Aug 10, 2009
  1. Update "fetchmail" package to version 6.3.11. Changes since version 6…

    tron authored
    ….3.8:
    
    - Security fixes for CVE-2009-2666, CVE-2007-4565 and CVE-2008-2711.
    - Fetchmail no longer drops permanently undelivered messages by default,
      to match historic documentation.  It does this by adding a new
      "softbounce" option.
    - A lot bug fixes and improvements.
Commits on Jun 14, 2009
  1. Remove @dirrm entries from PLISTs

    joerg authored
Commits on May 21, 2009
  1. remove not working mirror.

    zafer authored
Commits on Jun 19, 2008
  1. Add patch for CVE-2008-2711.

    obache authored
Commits on Apr 27, 2008
  1. Set MAINTAINER to pkgsrc-users@NetBSD.org to indicate anyone can work…

    frueauf authored
    … on fixes for those packages.
Commits on Jan 18, 2008
  1. Per the process outlined in revbump(1), perform a recursive revbump

    tnn authored
    on packages that are affected by the switch from the openssl 0.9.7
    branch to the 0.9.8 branch. ok jlam@
Commits on Jan 5, 2008
  1. Added support for installation to DESTDIR.

    heinz authored
Commits on Nov 7, 2007
  1. Remove "inet6" option. The "configure" script doesn't recognize

    tron authored
    "--enable-inet6" or "--disble-inet6 anymore and decides automatically
    whether to enable IPv6 support.
    
    Pointed out by Matthias Andree in private e-mail.
Commits on Sep 23, 2007
  1. Add fix for security vulnerability reported in CVE-2007-4565.

    tron authored
    Bump package revision.
Commits on Apr 14, 2007
  1. Update "fetchmail" and "fetchmailconf" packages to version 6.3.8.

    tron authored
    Changes since version 6.3.6:
    - Make the APOP challenge parser more distrustful and have it reject
      challenges that do not conform to RFC-822 msg-id format, in the hope
      to make mounting man-in-the-middle attacks (MITM) against APOP a bit
      more difficult. (CVE-2007-1558)
    - Fix pluralization of oversized-message warning mails.
    - Fix manual page: --sslcheck -> --sslcertck, and do not set trailing
      "recommended:" in bold.
    - Repoll immediately if a protocol error happens during the authentication
      attempt after a failed opportunistic TLS upgrade.
    - Fix rendering of the "24 - 26, 28, 29" paragraph in the exit codes
      section.
    - If SOCKS support was compiled in, add 'socks' to the feature_options
      Python list emitted in --configdump.
    - Do not crash with a null pointer dereference when opening the BSMTP file
      fails. Improve error checking and reporting.
    - Make BSMTP output actually work, it would persistently fail with SOCKET
      error after writing the first header.
    - Fix KPOP.
    - Fix repoll when server disconnects after opportunistic TLS failed for
      POP3.
Commits on Jan 17, 2007
  1. Use documented trick to disable Python detection instead of patching

    tron authored
    "Makefile.in". Hint provided by Matthias Andree in private e-mail.
  2. Add second Berlios download site to MASTER_SITES. The main one gets

    salo authored
    overloaded from time to time.. (e.g., now).
  3. Update "fetchmail" and "fetchmailconf" packages to version 6.3.6.

    tron authored
    The list of changes since version 6.2.5.5 is too large to mention here.
    The new version provides a fix for the vulnerability reported in the
    fetchmail-SA-2006-02.txt advisory.
Commits on Apr 17, 2006
  1. Strip ${PKGLOCALEDIR} from PLISTs of packages that already obey

    jlam authored
    PKGLOCALEDIR and which install their locale files directly under
    ${PREFIX}/${PKGLOCALEDIR} and sort the PLIST file entries.  From now
    on, pkgsrc/mk/plist/plist-locale.awk will automatically handle
    transforming the PLIST to refer to the correct locale directory.
Commits on Apr 13, 2006
  1. BUILD_USE_MSGFMT and USE_MSGFMT_PLURALS are obsolete. Replace with

    jlam authored
    USE_TOOLS+=msgfmt.
Commits on Feb 5, 2006
Commits on Dec 29, 2005
  1. Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk

    jlam authored
    automatically detects whether we want the pkginstall machinery to be
    used by the package Makefile.
Commits on Dec 20, 2005
  1. Update fetchmail to 6.2.5.5.

    frueauf authored
    Change homepage to http://fetchmail.berlios.de/ and update MASTER_SITES.
    
    Changes introduced since 6.2.5:
    
    fetchmail-6.2.5.X is a security fix branch that forked off
    fetchmail-6.2.5. It does not change for anything but security and the
    most severe bug fixes. Note that no 6.2.5.X security audits are planned
    except when a particular bug is reported, and that 6.2.5.X is unsafe to
    use on some systems, particularly those that lack a *working and secure*
    snprintf implementation.
    
    The fetchmail 6.2.5.X branch will be discontinued early in 2006.
    
    fetchmail-6.2.5.5  2005-12-19  Matthias Andree
    
    * SECURITY FIX CVE-2005-4348: fix null pointer dereference in
      multidrop mode when the message is empty. Reported by Daniel Drake
      <http://article.gmane.org/gmane.mail.fetchmail.user/7573> and others
      (Debian Bug #343836). Fix by Sunil Shetye.
    * Fix Debian bug #301964, fetchmail leaks sockets when SSL negotiation
      fails. Fix suggested by Goswin Brederlow.
    * Add fetchmail-SA-2005-{01,02,03}.txt
    
    fetchmail-6.2.5.4  2005-11-13  Matthias Andree
    
    * Also ship pre-built rcfile_y.[ch] for systems that don't have flex,
      yacc or bison.
    * On FreeBSD, add /usr/local/include to CPPFLAGS so that libintl.h is found.
    * Avoid automatically picking up HESIOD implementations that lack
      hesiod_getmailhost, such as the one in FreeBSD's base system.
    * Fix makedepend for separated build (where the build is not run from
      the source directory), but prevent packaging from separated build, it
      yields bogus results.
    * Fix resolv.h autodetection.
    * Add +HESIOD to version printout if appropriate.
    
    fetchmail-6.2.5.3  2005-11-12  Matthias Andree
    
    * SECURITY FIX CVE-2005-3088: fetchmailconf: fix password exposure: use
      umask 077 before opening output file and restore umask later.
    * Critical fix: fix IMAP timeouts, counting message count down on
      servers that do not send EXISTS counts after EXPUNGE. Debian Bug#314509.
    * Ship pre-built rcfile_l.c for systems that don't have flex.
    * Build environment: Update included gettext. Fix
      --with-included-gettext. Fix parallel build (make -j). Fix "always
      rebuild fetchmail" syndrome.
    * Do not link against -ll or -lfl (not needed).
    
    fetchmail-6.2.5.2
    (patch Fri Jul 22 01:52 GMT 2005,
     tarball Sat Jul 23 21:34 GMT 2005)
    
    * README: Added a note about release status - READ IT!
    * Note: Due to a Makefile.in bug, you may need to use GNU make.
    * SECURITY FIX CVE-2005-2335: truncate UIDL replies, lest malicious or
      compromised POP3 servers overflow fetchmail's stack. Debian bug
      #212762.  This is a remote root exploit.
      Thanks: Miloslav Trmac for pointing out the fix in 6.2.5.1 was buggy.
      Thanks: Ludwig Nussel for a much simpler fix.
    * Critical fix: omit blank between MAIL FROM: and <user@example.org>,
      as this causes mail loss with some listeners.
    * Fix: POP2 driver wouldn't properly check authentication failure.
    * Sunil Shetye's fix to force fetchsizelimit to 1 for APOP and RPOP.
Commits on Dec 5, 2005
Commits on Nov 1, 2005
  1. Add patch-ak for a fetchmailconf security issue. This patch does

    adrianp authored
    not impact the fetchmail package so no version bump is required.
Commits on Oct 25, 2005
  1. Add SOCKS4/SOCKS5 support.

    scottr authored
Commits on Oct 21, 2005
  1. Fix mail/fetchmail under darwin (PR 28543).

    tonio authored
    The added patches add a prefix "fm_" to lock related finctions, to avoid name
    clash with darwin lock functions. Link with -lresolv under darwin.
    (thanks scole_at_sdf.lonestar.org for the patches)
    Bump PKGREVISION
Commits on Sep 28, 2005
  1. Replaced "# defined" with "yes" in Makefile variables like GNU_CONFIG…

    rillig authored
    …URE,
    
    NO_BUILD, USE_LIBTOOL.
Commits on Jul 22, 2005
  1. Include patch for fetchmail 6.2.5.2 because of CAN-2005-2335.

    frueauf authored
    For more details have a look at
    http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt
    
    Changes listed within the NEWS file since 6.2.5:
    
    fetchmail-6.2.5.2 (Fri Jul 22 01:52 GMT 2005):
    
    * NOTE: Due to a Makefile.in bug, you may need to use GNU make.
    * SECURITY FIX: truncate UIDL replies, lest malicious or compromised
      POP3 servers overflow fetchmail's stack. Debian bug #212762.
      This is a remote root exploit. CVE Name: CAN-2005-2335.
      Thanks: Miloslav Trmac for pointing out the fix in 6.2.5.1 was buggy.
      Thanks: Ludwig Nussel for a much simpler fix.
    * Critical fix: omit blank between MAIL FROM: and <user@example.org>,
      as this causes mail loss with some listeners.
    * Fix: POP2 driver wouldn't properly check authentication failure.
    * Sunil Shetye's fix to force fetchsizelimit to 1 for APOP and RPOP.
Commits on May 30, 2005
  1. Correct handling if gssapi and kerberos is defined. Proposal by

    frueauf authored
    Dieter Baron, tested by Jukka Salmi.
  2. Avoid that "kerberos" appears more than once in PKG_OPTIONS.

    frueauf authored
    Change suggested by Jukka Salmi.
Something went wrong with that request. Please try again.