pool/fetchmail
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update to fetchmail-6.3.18

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=26
This commit is contained in:
Petr Uzel 2010-10-11 08:43:03 +00:00 committed by Git OBS Bridge
parent 9cb38e6f9d
commit 67e900f5f2
4 changed files with 42 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
fetchmail-6.3.17.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d7a01ceac184c7ebde9a42982e310beec467deb5b3d05c4e413e48cd2619ca24
size 1642598

3
fetchmail-6.3.18.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:cd916c8409bfbf6c869a2892b429f6d6cc6270072a138356c091c2992474faaf
size 1683949

37
fetchmail.changes
View File

@ -1,3 +1,40 @@
-------------------------------------------------------------------
Mon Oct 11 08:37:09 UTC 2010 - puzel@novell.com
- update to fetchmail-6.3.18
# SECURITY IMPROVEMENTS TO DEFANG X.509 CERTIFICATE ABUSE
* Fetchmail now only accepts wildcard certificate common names
and subject alternative names if they start with "*.". Previous
versions would accept wildcards even if no period followed
immediately.
* Fetchmail now disallows wildcards in certificates to match
domain literals (such as 10.9.8.7), or wildcards in domain
literals ("*.168.23.23"). The test is overly picky and
triggers if the pattern (after skipping the initial wildcard
"*") or domain consists solely of digits and dots, and thus
matches more than needed.
* Fetchmail now disallows wildcarding top-level domains.
# CRITICAL BUG FIXES AND REGRESSION FIXES
* Fetchmail 6.3.15, 6.3.16, and 6.3.17 would pick up libmd5 to
obtain MD5* functions, as an effect of an undocumented Solaris
MD5 fix. This caused all MD5-related functions to malfunction
if, for instance, libmd5.so was installed on other operating
systems as part of libwww on machines where long isn't
32-bits, i. e. usually on 64-bit computers.
* Fetchmail 6.3.17 warned about insecure SSL/TLS connections
even if a matching --sslfingerprint was specified. This is an
omission from an SSL usability change made in 6.3.17.
* Fetchmail will now apply timeouts to the authentication stage.
This stage encompasses STARTTLS/STLS negotiation in IMAP/POP3.
Reported missing by Thomas Jarosch.
* Fetchmail now cancels GSSAPI authentication properly when
encountering GSS errors, such as no or unsuitable credentials.
It now sends an asterisk on a line by its own, as required in
SASL. This fixes protocol synchronization issues that cause
Authentication failures, often observed with kerberized MS
Exchange servers.
* Other fixes.
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Aug 17 14:20:47 UTC 2010 - puzel@novell.com Tue Aug 17 14:20:47 UTC 2010 - puzel@novell.com

4
fetchmail.spec
View File

@ -1,5 +1,5 @@
# #
# spec file for package fetchmail (Version 6.3.17) # spec file for package fetchmail (Version 6.3.18)
# #
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
# #
@ -29,7 +29,7 @@ BuildRequires: krb5-devel
License: GPLv2+ ; Other uncritical OpenSource License ; Public Domain, Freeware License: GPLv2+ ; Other uncritical OpenSource License ; Public Domain, Freeware
Group: Productivity/Networking/Email/Utilities Group: Productivity/Networking/Email/Utilities
AutoReqProv: on AutoReqProv: on
Version: 6.3.17 Version: 6.3.18
Release: 1 Release: 1
Source: %{name}-%{version}.tar.bz2 Source: %{name}-%{version}.tar.bz2
Source1: %{name}.init Source1: %{name}.init