aboutsummaryrefslogtreecommitdiffstats
path: root/NEWS
Commit message (Collapse)AuthorAgeFilesLines
* case-insensitive check of SSL fingerprints (Daniel Richard G.)Matthias Andree2009-01-221-0/+3
| | | | | | | | | | | | | | | | | | | | Daniel Richard G. writes: | I was clearing out an old Fetchmail SVN checkout I had lying around | here, and came across one small change that I forgot to send in. | | In socket.c, there's a bit of code that compares SSL certificate | fingerprints: [...] | | That strcmp() call should be an strcasecmp(). At one point, I | encountered a certificate where the fingerprint's hex digits were in a | different case than what was expected, and the connection attempt failed | because of that. Not exactly what you'd call a potential MitM attack | :-) He's right, we can compare case-insensitively without sacrificing fetchmail's security, so let's just do that for the sake of ease of use. svn path=/branches/BRANCH_6-3/; revision=5262
* Fix: Do not overlap source and destination fields in snprintf() inMatthias Andree2009-01-061-0/+2
| | | | | | interface.c. Courtesy of Nico Golde, Debian. svn path=/branches/BRANCH_6-3/; revision=5260
* Revise future plans part a bit.Matthias Andree2009-01-041-5/+9
| | | | svn path=/branches/BRANCH_6-3/; revision=5259
* Berlios Patch #2525, courtesy of Diego E. "Flameeyes" Pettenò:Matthias Andree2009-01-041-0/+5
| | | | | | | | | | | | | "The AC_CANONICAL_TARGET macro and the $target_os variables are used for the target of compilers and other code-generation tools, and should not be used during cross-compile of generic software. Replace them with AC_CANONICAL_HOST and $host_os instead, as they should have been from the start. For a breakdown of what host, build and target machines are, please see http://blog.flameeyes.eu/s/canonical-target ." svn path=/branches/BRANCH_6-3/; revision=5258
* Fix Debian Bug#508667: do not lose PS_MAXFETCH (13) exit status.Matthias Andree2008-12-151-0/+4
| | | | | | Reported by Michelle Konzack. svn path=/branches/BRANCH_6-3/; revision=5255
* Add Italian translation, courtesy of Vincenzo Campanella.Matthias Andree2008-11-211-0/+5
| | | | svn path=/branches/BRANCH_6-3/; revision=5251
* Prepare release 6.3.9.Matthias Andree2008-11-161-1/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5242
* Escalate SSL plug to a critical fix.Matthias Andree2008-11-131-4/+4
| | | | svn path=/branches/BRANCH_6-3/; revision=5238
* SSL_free(context) when SSL_connect fails, plugging memleak. By Seiichi Ikarashi.Matthias Andree2008-11-131-0/+4
| | | | svn path=/branches/BRANCH_6-3/; revision=5237
* Mention update of German (de) and British English (en_GB) translations.Matthias Andree2008-11-041-0/+2
| | | | svn path=/branches/BRANCH_6-3/; revision=5232
* Mention translation updates, additions, and enablings.Matthias Andree2008-11-041-5/+16
| | | | svn path=/branches/BRANCH_6-3/; revision=5229
* Improve documentation: --logfile requires --daemon modeMatthias Andree2008-07-081-0/+2
| | | | | | | | | | Make this clearer, and document that --daemon is the wait interval after completing a cycle before starting the next, so that poll time count towards the interval. Also take a note to make logfile more useful (used more often). svn path=/branches/BRANCH_6-3/; revision=5216
* SSL fix: check and report if SSL_set_fd fails.Matthias Andree2008-07-031-0/+2
| | | | | | SSL change: enable all workarounds with SSL_CTX_set_options(ctx,SSL_OP_ALL) svn path=/branches/BRANCH_6-3/; revision=5214
* Only print "Deleting fetchids file" if there actually is one.Matthias Andree2008-07-031-0/+2
| | | | | | Fixes Debian Bug#374514, reported by Dan Jacobson. svn path=/branches/BRANCH_6-3/; revision=5213
* Documentation and program output now /consistently/ claim that theMatthias Andree2008-06-301-0/+5
| | | | | | | | | rcfile must not have more than 0700 (u=rwx,g=,o=) permissions, but fetchmail will still silently accept additional g=x permissions for compatibility with previous 6.2.X and 6.3.X versions. Inconsistency (program 0710, manpage 0600) reported by Petr Uzel. svn path=/branches/BRANCH_6-3/; revision=5211
* Change CRLF to LF in contrib/delete-later. Reported by Petr Uzel.Matthias Andree2008-06-281-0/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5210
* Fix one more CVE-2008-2711 va_start() messup. Found by Petr Uzel.Matthias Andree2008-06-241-0/+2
| | | | | | Bump release to -rc2. svn path=/branches/BRANCH_6-3/; revision=5205
* Merge security/critical sections, fix grammar.Matthias Andree2008-06-241-3/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5204
* Mention fetchmail-SA-2008-01.txt in DOCUMENTATION section of 6.3.9 again.Matthias Andree2008-06-241-1/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5202
* Record BerliOS patch ID for CVE-2008-2711.Matthias Andree2008-06-171-2/+2
| | | | svn path=/branches/BRANCH_6-3/; revision=5200
* Add CVE Name CVE-2008-2711 for fetchmail-SA-2008-01.Matthias Andree2008-06-171-1/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5196
* Fix Novell Bug #354291, fetchmail crashes in -v -v mode when logging long To:Matthias Andree2008-06-131-0/+8
| | | | | | headers (in excess of 2048 bytes). svn path=/branches/BRANCH_6-3/; revision=5193
* Document autoconf requirement.Matthias Andree2008-05-241-0/+2
| | | | svn path=/branches/BRANCH_6-3/; revision=5187
* Add notes about Google mail.Matthias Andree2008-04-241-1/+3
| | | | svn path=/branches/BRANCH_6-3/; revision=5175
* State that --logfile must pre-exist to be effective, after hint fromMatthias Andree2008-03-311-1/+3
| | | | | | N. J. Mann on fetchmail-users. svn path=/branches/BRANCH_6-3/; revision=5171
* Credit Daniel Richard G.Matthias Andree2008-03-071-1/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5166
* Merge Daniel Richard G.'s --sslcommonname option.Matthias Andree2008-03-071-0/+3
| | | | | | | | Exception from no-features policy on 6.3.X is made to keep people away from doing more dangerous things in order to get rid of CommonName mismatch warnings. svn path=/branches/BRANCH_6-3/; revision=5165
* quote folder name when writing configuration, Berlios Bug #13207, report + ↵Matthias Andree2008-02-251-0/+2
| | | | | | fix by Terry Brown. svn path=/branches/BRANCH_6-3/; revision=5163
* Revise manual page, fixing Debian bug #467010 (ssl cannot come before user)Matthias Andree2008-02-231-0/+8
| | | | | | reported by Francesco Potortì. svn path=/branches/BRANCH_6-3/; revision=5162
* Redo commit 'In verbose mode, log if --check mode is enabled.'Matthias Andree2008-02-221-0/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5160
* Drop dead code under FORCE_STUFFING condition.Matthias Andree2008-01-311-1/+2
| | | | svn path=/branches/BRANCH_6-3/; revision=5156
* Add grammar fixes from Dan Jacobson to fetchmail.man. Debian Bug #461642.Matthias Andree2008-01-211-0/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5153
* Fix Berlios Bug #11797, imap_mark_seen doesn't consider expunged messagesMatthias Andree2007-12-261-1/+7
| | | | | | | (and marks the wrong messages seen after expunges, leading to data loss in 'keep flush' configurations). Report and patch by Alexander Cherepanov. Thanks\! svn path=/branches/BRANCH_6-3/; revision=5147
* Revise getnameinfo check to ensure NULL is defined and the result is properlyMatthias Andree2007-12-261-0/+3
| | | | | | | evaluated, to avoid bogus results on for instance FreeBSD and redefinitions of NI_* at compile time. svn path=/branches/BRANCH_6-3/; revision=5146
* Merge portability patch from Peter O'Gorman, fetchmail-devel 2007-10-31.Matthias Andree2007-12-261-0/+17
| | | | | | This requires some minor fixes though. svn path=/branches/BRANCH_6-3/; revision=5145
* .fetchmailrc/.fetchids may now be symlinks, Debian Bug#452907 (Roger Leigh).Matthias Andree2007-12-261-0/+3
| | | | svn path=/branches/BRANCH_6-3/; revision=5144
* Remove FETCHMAIL_DEBUG diversion that couldn't be officially enabled and wasMatthias Andree2007-11-061-0/+5
| | | | | | prone to symlink attacks. Found by Nico Golde. svn path=/branches/BRANCH_6-3/; revision=5134
* Add CVE number.Matthias Andree2007-08-291-2/+2
| | | | svn path=/branches/BRANCH_6-3/; revision=5126
* Add fetchmail-SA-2007-02.txt and promote Earl Chew's bug fix to security.Matthias Andree2007-07-291-6/+10
| | | | svn path=/branches/BRANCH_6-3/; revision=5120
* Fix long-standing (since r2215/v4.6.8) crash on NULL pointer dereferenceMatthias Andree2007-07-291-0/+8
| | | | | | | when the local SMTP listener rejects a warning message of fetchmail's. Report and suggested fix by Earl Chew. svn path=/branches/BRANCH_6-3/; revision=5119
* Document arcane SSL/TLS UI issue and require docs, Debian Bug#432618.Matthias Andree2007-07-241-1/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5117
* Re-add two lines to the manual page that had accidentally become comments.Matthias Andree2007-07-181-0/+3
| | | | svn path=/branches/BRANCH_6-3/; revision=5116
* Revise recent change comment about .fetchids.Matthias Andree2007-07-151-1/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5114
* The manual page no longer asserts that .fetchids were for exclusive POP3 use, Matthias Andree2007-07-111-0/+4
| | | | | | since it is planned to use it also with IMAP4. svn path=/branches/BRANCH_6-3/; revision=5113
* No longer complain about invalid sslproto "" when POP3 CAPA probe fails.Matthias Andree2007-06-101-1/+4
| | | | | | | Fixes Debian Bug#421446 (Holger Leskien), Novell Bug #247233 (Jon Nelson). Thanks to Matthias Strauß for a configuration to reproduce the issue. svn path=/branches/BRANCH_6-3/; revision=5109
* Correct NetBSD tested version.Matthias Andree2007-06-101-1/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5108
* Check for dn_skipname() when checking res_search() to resolve µClibc ↵Matthias Andree2007-06-101-0/+9
| | | | | | | | | compile failures. This works by disabling the DNS alias detection feature, which is however deprecated anyways. svn path=/branches/BRANCH_6-3/; revision=5106
* Update Vietnamese translation to 6.3.8 (Clytie Siddall).Matthias Andree2007-05-281-0/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5102
* Fix three issues with Spanish translation.Matthias Andree2007-04-281-1/+1
| | | | svn path=/branches/BRANCH_6-3/; revision=5097
* Translation updates for Polish (Jakub Bogusz), Japanese (Takeshi Hamasaki)Matthias Andree2007-04-281-0/+7
| | | | | | and Spanish (Javier Fernández-Sanguino Peña). svn path=/branches/BRANCH_6-3/; revision=5095