| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Re-sign EN and SAs because that broke signatures.
|
|
|
|
| |
Reported by Gonzalo Pérez de Olaguer Córdoba, Debian Bug#744907.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Fixes Debian Bug#706776, submitted by David Lawyer.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The mimedecode feature failed to ship the last line of the body if it
was encoded as quoted-printable and had a MIME soft line break in the
very last line. Reported by Lars Hecking in June 2011.
Bug introduced on 1998-03-20 when the mimedecode support was added by
ESR before release 4.4.1 through code contributed by Henrik Storner,
in driver.c.
Workaround for older releases: do not use mimedecode feature.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
The fetchmail manual page now refers the user to --softbounce from the
SMTP/ESMTP ERROR HANDLING section. Reported by Anton Shterenlikht.
|
|
|
|
|
|
|
| |
The fetchmail manual page no longer claims that MD5 were the default OpenSSL
hash format (for use with --sslfingerprint).
Reported by Jakob Wilk, PARTIAL fix for Debian Bug#700266.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While running a static code analysis tool (Parfait) on fetchmail, it found some
bugs:
Error: Memory leak (CWE 401)
Memory leak of pointer 'plugin_copy' allocated with malloc((plugin_copy_len + 1))
at line 137 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'parse_plugin'.
'plugin_copy' allocated at line 107 with malloc((plugin_copy_len + 1)).
plugin_copy leaks when plugin_copy_offset >= plugin_copy_len at line 114.
Error: Null pointer dereference (CWE 476)
Read from null pointer 'argvec'
at line 189 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'handle_plugin'.
Function 'parse_plugin' may return constant 'NULL' at line 137, called at line 188.
Null pointer introduced at line 137 in function 'parse_plugin'.
at line 190 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'handle_plugin'.
Function 'parse_plugin' may return constant 'NULL' at line 137, called at line 188.
Null pointer introduced at line 137 in function 'parse_plugin'.
(I realize these are on 6.3.22; I checked and verified that this portion of
the code is the same in 6.3.24.)
The attached patch fixes each of these.
(Note by Matthias Andree:
The NULL pointer dereference fix does not require error reporting,
because parse_plugin() will already have reported the out-of-memory
error that causes the NULL to be returned.)
|
|
|
|
|
|
|
|
|
| |
* Improved reporting when SSL/TLS X.509 certificate validation has failed,
working around a not-so-recent swapping of two OpenSSL error codes, and
a practical impossibility to distinguish broken certification chains from
missing trust anchors (root certificates).
* OpenSSL decoded errors are now reported through report(), rather than dumped
to stderr, so that they should show up in logfiles and/or syslog.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Older systems that provide the older RFC-2553 implementation of
getaddrinfo, rather than the current RFC-3493, and systems that do not
provide this getaddrinfo() interface at all and thus use the replacement
functions from libesmtp/getaddrinfo.?, might return EAI_NODATA when a
host is registered in DNS as MX or similar, but without A or AAAA
records. Handle this situation when checking for multidrop aliases and
treat EAI_NODATA the same as EAI_NONAME, i. e. name cannot be resolved.
The proper fix, however, is to upgrade the operating system.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
IBiblio no longer accepts submissions, and considers itself an archive.
There is no point in our carrying forward any related material, if
needed for reference purposes, it can be fetched from older versions in
the Git repository.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This would affect fetchmail configurations running with SSL in daemon mode
more than one-shot runs.
Reported by Erik Thiele, and pinned by Dominik, Debian Bug #688015.
This bug was introduced into fetchmail 6.2.9 (committed 2005-10-29)
when support for subjectAltName was added through a patch by Roland
Stigge, submitted as Debian Bug#201113.
|