Skip to content

NeoMutt 2020-11-20

Compare
Choose a tag to compare
@flatcap flatcap released this 20 Nov 16:18
20201120
8a2fc8c

📖 Notes

In addition to the usual share of bug fixes and enhancements, this release
fixes a security vulnerability whereas an early error in communicating with
an IMAP server was not properly detected as fatal, resulting in a potential
for sensitive information (user, pass) being sent over an untrusted channel.

CVE-2020-28896

Thanks to Gabriel Salles-Loustau for spotting the problem.

❤️ Thanks

Many thanks to our new contributor:

  • Björn Ketelaars (@bket)

and our regular contributors:

🔒 Security

  • imap: close connection on all failures

🎁 Features

  • alias: add function to Alias/Query dialogs
  • config: add validators for {imap,smtp,pop}_authenticators
  • config: warn when signature file is missing or not readable
  • smtp: support for native SMTP LOGIN auth mech
  • notmuch: show originating folder in index

🐞 Bug Fixes

  • sidebar: prevent the divider colour bleeding out
  • sidebar: fix <sidebar-{next,prev}-new>
  • notmuch: fix query for current email
  • restore shutdown-hook functionality
  • crash in reply-to
  • user-after-free in folder-hook
  • fix some leaks
  • fix application of limits to modified mailboxes
  • write Date header when postponing

🏴 Translations

  • 🇱🇹 100% Lithuanian
  • 🇨🇿 100% Czech
  • 🇹🇷 70% Turkish

📚 Docs

  • Document that $sort_alias affects the query menu

🏗️ Build

  • improve ASAN flags
  • add SASL and S/MIME to --everything
  • fix contrib (un)install

⚙️ Code

  • my_hdr compose screen notifications
  • add contracts to the MXAPI
  • maildir refactoring
  • further reduce the use of global variables

♻️ Upstream

  • Add $count_alternatives to count attachments inside alternatives