From 1d1c07809f7d00e32e8abd14ce2bb1f5f38e122c Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Fri, 2 Feb 2007 23:34:11 +0000 Subject: Add Miloslav Trmac's patch to fix KPOP regression in 6.3.6. svn path=/branches/BRANCH_6-3/; revision=5020 --- NEWS | 43 ++++++++++++++++++++++++++----------------- pop3.c | 6 +++++- 2 files changed, 31 insertions(+), 18 deletions(-) diff --git a/NEWS b/NEWS index 19e9a584..9e300aa8 100644 --- a/NEWS +++ b/NEWS @@ -42,6 +42,32 @@ be removed from a 6.4.0 or newer release.) -------------------------------------------------------------------------------- +fetchmail 6.3.7 (not yet released): + +# REGRESSION FIX +* Fix KPOP, broken with the 6.3.6 security fix. Patch by Miroslav Trmac. + +# TRANSLATION UPDATES +* Japanese (Takeshi Hamasaki), Polish (Jakub Bogusz) + +# KNOWN BUGS AND WORKAROUNDS: + (this section floats upwards through the NEWS file so it stays with the + current release information) +* fetchmail does not handle messages without Message-ID header well + (See sourceforge.net bug #780933) +* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in + 64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit + fetchmail. Note that fetchmail doesn't take advantage of 64-bit code, + so compiling 32-bit SPARC code should not cause any difficulties. +* fetchmail expects Received: headers in a particular, but undocumented, format + when parsing envelopes. +* fetchmail does not track pending deletes over crashes +* the command line interface is a bit narrow-minded sometimes, for instance, + fetchmail -s doesn't work with a running daemon +* some of the logging output is not very helpful +* some of the documentation is still not up to date + + fetchmail 6.3.6 (released 2007-01-04): # SECURITY FIXES: @@ -129,23 +155,6 @@ fetchmail 6.3.6 (released 2007-01-04): Reported by Isaac Wilcox. * Documented exit codes 24 - 29 as internal. -# KNOWN BUGS AND WORKAROUNDS: - (this section floats upwards through the NEWS file so it stays with the - current release information) -* fetchmail does not handle messages without Message-ID header well - (See sourceforge.net bug #780933) -* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in - 64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit - fetchmail. Note that fetchmail doesn't take advantage of 64-bit code, - so compiling 32-bit SPARC code should not cause any difficulties. -* fetchmail expects Received: headers in a particular, but undocumented, format - when parsing envelopes. -* fetchmail does not track pending deletes over crashes -* the command line interface is a bit narrow-minded sometimes, for instance, - fetchmail -s doesn't work with a running daemon -* some of the logging output is not very helpful -* some of the documentation is still not up to date - fetchmail 6.3.5 (released 2006-10-09): # BUG FIXES: diff --git a/pop3.c b/pop3.c index 3acc5923..f979e838 100644 --- a/pop3.c +++ b/pop3.c @@ -612,7 +612,11 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting) /* check if we are actually allowed to send the password */ if (ctl->server.authenticate == A_ANY - || ctl->server.authenticate == A_PASSWORD) { + || ctl->server.authenticate == A_PASSWORD + || ((ctl->server.authenticate == A_KERBEROS_V4 + || ctl->server.authenticate == A_KERBEROS_V5) + && ctl->server.service + && strcmp(ctl->server.service, KPOP_PORT) == 0)) { strlcpy(shroud, ctl->password, sizeof(shroud)); ok = gen_transact(sock, "PASS %s", ctl->password); } else { -- cgit v1.2.3