Revisions of fetchmail
- De-hardcode /usr/lib path for launch executable (bsc#1174075) - Spec file cleanups
buildservice-autocommit
accepted
request 830042
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 97)
baserev update by copy to link target
- Update fetchmail.keyring file - Use %{_prefix}/lib instead of %{_libexecdir} - update to 6.4.8: * Add a test program fm_realpath, and a t.realpath script, neither to be installed. These will test resolution of the current working directory. * TRANSLATION UPDATES * Plug memory leaks when parts of the configuration (defaults, rcfile, command line) override one another. * fetchmail terminated the placeholder command string too late and included garbage from the heap at the end of the string. Workaround: don't use place- holders %h or %p in the --plugin string. Bug added in 6.4.0 when merging Gitlab merge request !5 in order to fix an input buffer overrun. Faulty commit 418cda65f752e367fa663fd13884a45fcbc39ddd. * Fetchmail now checks for errors when trying to read the .idfile * Fetchmail's error messages that reports that the defaults entry isn't the first was made more precise. It could be misleading if there was a poll or skip statement before the defaults. * Fetchmail documentation was updated to require OpenSSL 1.1.1. OpenSSL 1.0.2 reached End Of Life status at the end of the year 2019. Fetchmail will tolerate, but warn about, 1.0.2 for now on the assumption that distributors backport security fixes as the need arises. Fetchmail will also warn if another SSL library that is API-compatible with OpenSSL lacks TLS v1.3 support. * If the trust anchor is missing, fetchmail refers the user to README.SSL. * The AC_DECLS(getenv) check was removed, its only user was broken and not accounting for that AC_DECLS always defines HAVE_DECL_... to 0 or 1, so fetchmail never declared a missing getenv() symbol (it was testing with #ifdef). Remove the backup declaration. getenv is mandated by SUSv2 anyways. * fetchmailconf now supports Python 3 and currently requires the "future"
buildservice-autocommit
accepted
request 827754
from
Dirk Mueller (dirkmueller)
(revision 95)
baserev update by copy to link target
- Fix invalid usage of libexecdir where %_tmpfilesdir was meant to be used.
buildservice-autocommit
accepted
request 769353
from
Tomáš Chvátal (scarabeus_iv)
(revision 93)
baserev update by copy to link target
- pwdutils is gone long time ago
buildservice-autocommit
accepted
request 761914
from
Tomáš Chvátal (scarabeus_iv)
(revision 91)
baserev update by copy to link target
- switch to python3 - don't require python*-devel
buildservice-autocommit
accepted
request 737175
from
Tomáš Chvátal (scarabeus_iv)
(revision 89)
baserev update by copy to link target
- Update to 6.4.1 [bsc#1152964] ## REGRESSION FIXES: * The bug fix Debian Bug#941129 was incomplete and caused - a regression in the default file locations, so that fetchmail was no longer able to find its configuration files in some situations. - a regression under _FORTIFY_SOURCE where PATH_MAX > minimal _POSIX_PATH_MAX. - Update to 6.4.0 ## SECURITY FIXES THAT AFFECT BEHAVIOUR AND MAY REQUIRE RECONFIGURATION * Fetchmail no longer supports SSLv2. * Fetchmail no longer attempts to negotiate SSLv3 by default, even with --sslproto ssl23. Fetchmail can now use SSLv3, or TLSv1.1 or a newer TLS version, with STLS/STARTTLS (it would previously force TLSv1.0 with STARTTLS). If the OpenSSL version used at build and run-time supports these versions, --sslproto ssl3 and --sslproto ssl3+ can be used to re-enable SSLv3. Doing so is discouraged because the SSLv3 protocol is broken. While this change is supposed to be compatible with common configurations, users may have to and are advised to change all explicit --sslproto ssl2 (change to newer protocols required), --sslproto ssl3, --sslproto tls1 to --sslproto auto, so that they can benefit from TLSv1.1 and TLSv1.2 where supported by the server. The --sslproto option now understands the values auto, ssl3+, tls1+, tls1.1, tls1.1+, tls1.2, tls1.2+, tls1.3, tls1.3+ (case insensitively), see CHANGES below for details. * Fetchmail defaults to --sslcertck behaviour. A new option --nosslcertck to override this has been added, but may be removed in future fetchmail versions in favour of another configuration option that makes the insecurity in using this option clearer. ## SECURITY FIXES * Fetchmail prevents buffer overruns in GSSAPI authentication with user names beyond c. 6000 characters in length. Reported by Greg Hudson.
buildservice-autocommit
accepted
request 706625
from
Tomáš Chvátal (scarabeus_iv)
(revision 87)
baserev update by copy to link target
- Remove comment about not available FETCHMAIL_USER configuration variable in sysconfig.fetchmail (bsc#1136538)
- Use Debian 02_remove_SSLv3 change set based on beta 6.4.0 to modernize the patch fetchmail-openssl11.patch for modern TLS (auto) support
buildservice-autocommit
accepted
request 587601
from
Tomáš Chvátal (scarabeus_iv)
(revision 84)
baserev update by copy to link target
* fetchmail-fetchmailconf-python3-1of3.patch * fetchmail-fetchmailconf-python3-2of3.patch * fetchmail-fetchmailconf-python3-3of3.patch
- Fix fetchmailconf to compile with python{2,3} [bsc#1082694]
buildservice-autocommit
accepted
request 582073
from
Tomáš Chvátal (scarabeus_iv)
(revision 81)
baserev update by copy to link target
- By default, the status messages are redirected to /var/log/fetchmail. The syslog option or no-logging are also available. (bsc#1033081)
buildservice-autocommit
accepted
request 545043
from
Tomáš Chvátal (scarabeus_iv)
(revision 79)
baserev update by copy to link target
Displaying revisions 61 - 80 of 158