From 539d5701362e6009a0e79ce96f20c58d9b4882d94cddbd8131880d47e9a4901c Mon Sep 17 00:00:00 2001
From: OBS User unknown
Date: Thu, 19 Apr 2007 19:30:01 +0000
Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/fetchmail?expand=0&rev=5
---
bug-223507_fix-kpop-regression.diff | 24 -----------
bug-223507_fix-tlsfail-repoll.diff | 64 -----------------------------
fetchmail-6.3.6.tar.bz2 | 3 --
fetchmail-6.3.8.tar.bz2 | 3 ++
fetchmail.changes | 19 +++++++++
fetchmail.spec | 32 ++++++++++-----
6 files changed, 43 insertions(+), 102 deletions(-)
delete mode 100644 bug-223507_fix-kpop-regression.diff
delete mode 100644 bug-223507_fix-tlsfail-repoll.diff
delete mode 100644 fetchmail-6.3.6.tar.bz2
create mode 100644 fetchmail-6.3.8.tar.bz2
diff --git a/bug-223507_fix-kpop-regression.diff b/bug-223507_fix-kpop-regression.diff
deleted file mode 100644
index 1061190..0000000
--- a/bug-223507_fix-kpop-regression.diff
+++ /dev/null
@@ -1,24 +0,0 @@
-diff -u branches/BRANCH_6-3/pop3.c branches/BRANCH_6-3/pop3.c
---- branches/BRANCH_6-3/pop3.c 2007-02-02 23:34:11 UTC (rev 5020)
-+++ branches/BRANCH_6-3/pop3.c 2007-02-02 23:47:15 UTC (rev 5021)
-@@ -610,6 +610,20 @@
- }
- #endif /* OPIE_ENABLE */
-
-+ /* KPOP uses out-of-band authentication and does not check what
-+ * we send here, so send some random fixed string, to avoid
-+ * users switching *to* KPOP accidentally revealing their
-+ * password */
-+ if ((ctl->server.authenticate == A_ANY
-+ || ctl->server.authenticate == A_KERBEROS_V4
-+ || ctl->server.authenticate == A_KERBEROS_V5)
-+ && (ctl->server.service != NULL
-+ && strcmp(ctl->server.service, KPOP_PORT) == 0))
-+ {
-+ ok = gen_transact(sock, "PASS krb_ticket");
-+ break;
-+ }
-+
- /* check if we are actually allowed to send the password */
- if (ctl->server.authenticate == A_ANY
- || ctl->server.authenticate == A_PASSWORD) {
diff --git a/bug-223507_fix-tlsfail-repoll.diff b/bug-223507_fix-tlsfail-repoll.diff
deleted file mode 100644
index ab68b52..0000000
--- a/bug-223507_fix-tlsfail-repoll.diff
+++ /dev/null
@@ -1,64 +0,0 @@
-Author: m-a
-Date: 2007-02-02 18:13:12 -0600 (Fri, 02 Feb 2007)
-New Revision: 5022
-
-Modified:
- branches/BRANCH_6-3/NEWS
- branches/BRANCH_6-3/pop3.c
-Log:
-Fix 6.3.6 regression: repoll upon socket error after STLS failure.
-Berlios Bug #10133, reported by Andrej Kacian.
-
-# FIXES FOR REGRESSIONS IN 6.3.6
-* Fix KPOP. Patch by Miloslav Trmac.
-* Fix repoll when server disconnects after opportunistic TLS failed for POP3.
- Berlios Bug #10133, reported by Andrej Kacian.
-
-Modified: branches/BRANCH_6-3/pop3.c
-===================================================================
---- branches/BRANCH_6-3/pop3.c 2007-02-02 23:47:15 UTC (rev 5021)
-+++ branches/BRANCH_6-3/pop3.c 2007-02-03 00:13:12 UTC (rev 5022)
-@@ -635,17 +635,6 @@
- }
- memset(shroud, 0x55, sizeof(shroud));
- shroud[0] = '\0';
--#ifdef SSL_ENABLE
-- /* this is for servers which claim to support TLS, but actually
-- * don't! */
-- if (connection_may_have_tls_errors && ok == PS_SOCKET)
-- {
-- xfree(ctl->sslproto);
-- ctl->sslproto = xstrdup("");
-- /* repoll immediately without TLS */
-- ok = PS_REPOLL;
-- }
--#endif
- break;
-
- case P_APOP:
-@@ -694,6 +683,18 @@
- ok = PS_ERROR;
- }
-
-+#ifdef SSL_ENABLE
-+ /* this is for servers which claim to support TLS, but actually
-+ * don't! */
-+ if (connection_may_have_tls_errors && ok == PS_SOCKET)
-+ {
-+ xfree(ctl->sslproto);
-+ ctl->sslproto = xstrdup("");
-+ /* repoll immediately without TLS */
-+ ok = PS_REPOLL;
-+ }
-+#endif
-+
- if (ok != 0)
- {
- /* maybe we detected a lock-busy condition? */
-
-_______________________________________________
-fetchmail-svn mailing list
-fetchmail-svn@lists.berlios.de
-https://lists.berlios.de/mailman/listinfo/fetchmail-svn
-
-
diff --git a/fetchmail-6.3.6.tar.bz2 b/fetchmail-6.3.6.tar.bz2 deleted file mode 100644 index 295a15e..0000000 --- a/fetchmail-6.3.6.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3c81e7776617b78f18d9cd8b5e5f62944e70f1d7bd47a840fd8d44bcded784ff -size 1307730 diff --git a/fetchmail-6.3.8.tar.bz2 b/fetchmail-6.3.8.tar.bz2 new file mode 100644 index 0000000..e3b20b2 --- /dev/null +++ b/fetchmail-6.3.8.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5612f9af367f641e0efd084f44fcf1889669e711dbd8c60f6b7953e494d1b09b +size 1323515 diff --git a/fetchmail.changes b/fetchmail.changes index 35b6a1a..43b34f8 100644 --- a/fetchmail.changes +++ b/fetchmail.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Thu Apr 19 14:15:51 CEST 2007 - sbrabec@suse.cz + +- Updated to version 6.3.8: + * Make the APOP challenge parser more distrustful and have it + reject challenges that do not conform to RFC-822 msg-id format + (CVE-2007-1558). + * Repoll immediately if a protocol error happens during the + authentication attempt after a failed opportunistic TLS upgrade + (#262450). + * Do not crash with a null pointer dereference when opening the + BSMTP file fails. + * Make BSMTP output actually work. + * Add delete-later and delete-later.README. + * Fix KPOP. + * Fix repoll when server disconnects after opportunistic TLS + failed for POP3. + * Documentation and string fixes. + ------------------------------------------------------------------- Fri Mar 30 02:22:36 CEST 2007 - ro@suse.de diff --git a/fetchmail.spec b/fetchmail.spec index f336eac..8361e76 100644 --- a/fetchmail.spec +++ b/fetchmail.spec @@ -1,5 +1,5 @@ # -# spec file for package fetchmail (Version 6.3.6) +# spec file for package fetchmail (Version 6.3.8) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine 
@@ -15,25 +15,21 @@ BuildRequires: dante-devel ed krb5-devel openssl-devel opie postfix procmail pw License: GNU General Public License (GPL), Other uncritical OpenSource License Group: Productivity/Networking/Email/Utilities Autoreqprov: on -Version: 6.3.6 -Release: 12 +Version: 6.3.8 +Release: 1 Source: %{name}-%{version}.tar.bz2 Source1: %{name}.init Source2: %{name}.logrotate Source3: sysconfig.%{name} -#Patch: fetchmail-6.3.6-kpop.patch -Patch: bug-223507_fix-kpop-regression.diff -Patch1: bug-223507_fix-tlsfail-repoll.diff %if %suse_version > 800 PreReq: %insserv_prereq %fillup_prereq coreutils %endif URL: http://fetchmail.berlios.de/ -Icon: fetchmail.xpm +Icon: fetchmail.xpm Requires: smtp_daemon -Provides: fetchml pop:/usr/bin/fetchmail +Provides: pop:/usr/bin/fetchmail BuildRoot: %{_tmppath}/%{name}-%{version}-build Summary: Full-Featured POP and IMAP Mail Retrieval Daemon -Obsoletes: fetchml %description Fetchmail is a robust and well-documented remote mail retrieval and @@ -80,8 +76,6 @@ Authors: %prep %setup -q -%patch -p2 -%patch1 -p2 cp -a %{S:1} %{S:2} %{S:3} . %build @@ -164,6 +158,22 @@ rm -rf $RPM_BUILD_ROOT %{py_sitedir}/fetchmailconf.* %changelog +* Thu Apr 19 2007 - sbrabec@suse.cz +- Updated to version 6.3.8: + * Make the APOP challenge parser more distrustful and have it + reject challenges that do not conform to RFC-822 msg-id format + (CVE-2007-1558). + * Repoll immediately if a protocol error happens during the + authentication attempt after a failed opportunistic TLS upgrade + (#262450). + * Do not crash with a null pointer dereference when opening the + BSMTP file fails. + * Make BSMTP output actually work. + * Add delete-later and delete-later.README. + * Fix KPOP. + * Fix repoll when server disconnects after opportunistic TLS + failed for POP3. + * Documentation and string fixes. * Fri Mar 30 2007 - ro@suse.de - added pwdutils to buildreq * Tue Feb 06 2007 - sbrabec@suse.cz
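Review bot: Neither the %changelog entry nor fetchmail.changes records that the `@@ -15,25 +15,21 @@` hunk of fetchmail.spec drops the two bug-223507 patches and the `Provides: fetchml` / `Obsoletes: fetchml` tags. The "Fix KPOP." and "Fix repoll when server disconnects ..." bullets suggest 6.3.8 already contains both fixes, but the KPOP patch is what keeps the real password from being sent when the service is the KPOP port, so this should be confirmed against pop3.c in the new tarball. Once confirmed, it could be stated explicitly, e.g. `- Removed bug-223507_fix-kpop-regression.diff and bug-223507_fix-tlsfail-repoll.diff (fixed upstream)`. Without `Obsoletes: fetchml`, an installed `fetchml` package would presumably no longer be replaced on upgrade; if that is intended, a line such as `- Dropped Provides/Obsoletes for fetchml` would document it.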