Overview
Request 1045487 accepted
- Update to 1.1.0:
* CVE-2019-19977: avoid potential stack overflow in NTLM authenticator.
* Migrate build system to Meson
* Remove GNU libltdl support, assume dlopen() always available.
* Use a linker map to restrict public symbols to API only.
* Add sentinel and ‘format printf’ attributes to function declarations.
* Remove getaddrinfo() implementation.
* Use strlcpy() for safer string copies, provide implementation
for systems that need it.
* Update ‘application data’ APIs
* Add ‘smtp_get_server_name()’ API.
* Collect replacement functions into missing.c
* Prohibit Resent-Reply-To: header.
* Use canonic domain name of MTA where known
* Implement rfc2822date() with strftime() if available.
* add option for XDG file layout convention instead of ~/.authenticate
* OpenSSL
+ Remove support for OpenSSL versions before v1.1.0
+ Update OpenSSL API calls used for modern versions
+ Require TLS v1 or higher
* Add add_ntlm.patch
* Drop the following patches:
+ libesmtp-removedecls.diff
+ libesmtp-1.0.4-bloat.patch
+ libesmtp-fix-cve-2019-19977.patch
+ libesmtp-openssl11.patch
+ libesmtp-tlsv12.patch
Request History
polslinux created request
- Update to 1.1.0:
* CVE-2019-19977: avoid potential stack overflow in NTLM authenticator.
* Migrate build system to Meson
* Remove GNU libltdl support, assume dlopen() always available.
* Use a linker map to restrict public symbols to API only.
* Add sentinel and ‘format printf’ attributes to function declarations.
* Remove getaddrinfo() implementation.
* Use strlcpy() for safer string copies, provide implementation
for systems that need it.
* Update ‘application data’ APIs
* Add ‘smtp_get_server_name()’ API.
* Collect replacement functions into missing.c
* Prohibit Resent-Reply-To: header.
* Use canonic domain name of MTA where known
* Implement rfc2822date() with strftime() if available.
* add option for XDG file layout convention instead of ~/.authenticate
* OpenSSL
+ Remove support for OpenSSL versions before v1.1.0
+ Update OpenSSL API calls used for modern versions
+ Require TLS v1 or higher
* Add add_ntlm.patch
* Drop the following patches:
+ libesmtp-removedecls.diff
+ libesmtp-1.0.4-bloat.patch
+ libesmtp-fix-cve-2019-19977.patch
+ libesmtp-openssl11.patch
+ libesmtp-tlsv12.patch
jengelh accepted request
@Mailaender, @Marcus_H, @WernerFink, @anicka, @computersalat, @darix, @dirkmueller, @dstoecker, @elvigia, @gerberb, @jengelh, @kssingvo, @lrupp, @pbleser, @peternixon, @poeml, @psmt, @seife, @varkoly, @wrosenauer: review reminder