diff options
| -rw-r--r-- | NEWS | 38 | ||||
| -rw-r--r-- | socket.c | 4 |
2 files changed, 26 insertions, 16 deletions
@@ -52,6 +52,28 @@ removed from a 6.4.0 or newer release.) -------------------------------------------------------------------------------- +fetchmail-6.3.18 (not yet released): + +# BUG FIXES +* Fetchmail would warn about insecure SSL/TLS connections even if a matching + --sslfingerprint was specified. This is an omission from a SSL usability + change made in 6.3.17. Fixes Debian Bug#580796 reported by Roland Stigge. + +# KNOWN BUGS AND WORKAROUNDS: + (this section floats upwards through the NEWS file so it stays with the + current release information - however, it was stuck with 6.3.8 for a while) +* fetchmail does not handle messages without Message-ID header well + (See sourceforge.net bug #780933) +* BSMTP is mostly untested and errors can cause corrupt output. +* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in + 64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit + fetchmail. Note that fetchmail doesn't take advantage of 64-bit code, + so compiling 32-bit SPARC code should not cause any difficulties. +* fetchmail does not track pending deletes over crashes +* the command line interface is sometimes a bit stubborn, for instance, + fetchmail -s doesn't work with a daemon running + + fetchmail-6.3.17 (released 2010-05-06, 25767 LoC): # SECURITY FIX @@ -92,6 +114,8 @@ fetchmail-6.3.17 (released 2010-05-06, 25767 LoC): * Several fixes for compiler (GCC, Intel C++, CLang) and autotools warnings * Memory allocation failures will now cause abnormal program abort (SIGABRT), no longer an exit with unspecified code. +* Print a warning if certificate verification failed and the user did not + specify --sslcertck. # DOCUMENTATION * Fix table of global option to read "set softbounce" where there used to be a @@ -112,20 +136,6 @@ fetchmail-6.3.17 (released 2010-05-06, 25767 LoC): [sk] Slovak (Marcel Telka) [vi] Vietnamese (Clytie Siddall) -# KNOWN BUGS AND WORKAROUNDS: - (this section floats upwards through the NEWS file so it stays with the - current release information - however, it was stuck with 6.3.8 for a while) -* fetchmail does not handle messages without Message-ID header well - (See sourceforge.net bug #780933) -* BSMTP is mostly untested and errors can cause corrupt output. -* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in - 64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit - fetchmail. Note that fetchmail doesn't take advantage of 64-bit code, - so compiling 32-bit SPARC code should not cause any difficulties. -* fetchmail does not track pending deletes over crashes -* the command line interface is sometimes a bit stubborn, for instance, - fetchmail -s doesn't work with a daemon running - fetchmail-6.3.16 (released 2010-04-06, 25574 LoC): @@ -1009,8 +1009,8 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck } } - if (!certck && (SSL_get_verify_result(_ssl_context[sock]) != X509_V_OK -|| !_verify_ok)) { + if (!certck && !fingerprint && + (SSL_get_verify_result(_ssl_context[sock]) != X509_V_OK || !_verify_ok)) { report(stderr, GT_("Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)\n")); } |