pool/fetchmail
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 737166 from home:pmonrealgonzalez:branches:server:mail

Browse Source 
- Update to 6.4.1 [bsc#1152964]
  ## REGRESSION FIXES:
  * The bug fix Debian Bug#941129 was incomplete and caused
    - a regression in the default file locations, so that fetchmail was
      no longer able to find its configuration files in some situations.
    - a regression under _FORTIFY_SOURCE where PATH_MAX > minimal _POSIX_PATH_MAX.
- Update to 6.4.0
  ## SECURITY FIXES THAT AFFECT BEHAVIOUR AND MAY REQUIRE RECONFIGURATION
  * Fetchmail no longer supports SSLv2.
  * Fetchmail no longer attempts to negotiate SSLv3 by default,
    even with --sslproto ssl23. Fetchmail can now use SSLv3, or TLSv1.1 or a newer
    TLS version, with STLS/STARTTLS (it would previously force TLSv1.0 with
    STARTTLS).  If the OpenSSL version used at build and run-time supports these
    versions, --sslproto ssl3 and --sslproto ssl3+ can be used to re-enable SSLv3.
    Doing so is discouraged because the SSLv3 protocol is broken.
    While this change is supposed to be compatible with common configurations,
    users may have to and are advised to change all explicit --sslproto ssl2
    (change to newer protocols required), --sslproto ssl3, --sslproto tls1 to
    --sslproto auto, so that they can benefit from TLSv1.1 and TLSv1.2 where
    supported by the server.
    The --sslproto option now understands the values auto, ssl3+, tls1+, tls1.1,
    tls1.1+, tls1.2, tls1.2+, tls1.3, tls1.3+ (case insensitively), see CHANGES
    below for details.
  * Fetchmail defaults to --sslcertck behaviour. A new option --nosslcertck to
    override this has been added, but may be removed in future fetchmail versions
    in favour of another configuration option that makes the insecurity in using
    this option clearer.
  ## SECURITY FIXES
  * Fetchmail prevents buffer overruns in GSSAPI authentication with user names
    beyond c. 6000 characters in length. Reported by Greg Hudson.

OBS-URL: https://build.opensuse.org/request/show/737166
OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=88
This commit is contained in:
Tomáš Chvátal 2019-10-10 17:30:47 +00:00 committed by Git OBS Bridge
parent 17efa87819
commit 790324228f
10 changed files with 153 additions and 5045 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
fetchmail-6.3.26.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:79b4c54cdbaf02c1a9a691d9948fcb1a77a1591a813e904283a8b614b757e850
size 1283816

7
fetchmail-6.3.26.tar.xz.asc
View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEABECAAYFAlF2/zAACgkQvmGDOQUufZU65ACgsCpaBSklzY/wF9lYX8xLeOPZ
KFAAniIj07N3WeMmWtOHUcmqbJjbl0QU
=3T6y
-----END PGP SIGNATURE-----

12
fetchmail-6.3.8-smtp_errors.patch
View File

@ -6,11 +6,11 @@
# be considered that important.
# 2) use the 501 error code to mark spam - in such a case
# the 'antispam' option should be used
Index: fetchmail-6.3.10-beta1/sink.c
Index: fetchmail-6.4.1/sink.c
===================================================================
--- fetchmail-6.3.10-beta1.orig/sink.c 2009-05-25 17:55:07.000000000 +0200
+++ fetchmail-6.3.10-beta1/sink.c 2009-06-01 14:37:12.000000000 +0200
@@ -553,6 +553,19 @@ static int handle_smtp_report(struct que
--- fetchmail-6.4.1.orig/sink.c
+++ fetchmail-6.4.1/sink.c
@@ -536,6 +536,19 @@ static int handle_smtp_report(struct que
free(responses[0]);
return(PS_TRANSIENT);
@ -30,8 +30,8 @@ Index: fetchmail-6.3.10-beta1/sink.c
default:
/* bounce non-transient errors back to the sender */
if (smtperr >= 500 && smtperr <= 599)
@@ -622,7 +635,7 @@ static int handle_smtp_report_without_bo
#endif /* __DONT_FEED_THE_SPAMMERS__ */
@@ -601,7 +614,7 @@ static int handle_smtp_report_without_bo
case 553: /* invalid sending domain */
return(PS_REFUSED);
- default:

3
fetchmail-6.4.1.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3f33f11dd08c3e8cc3e9d18eec686b1626d4818f4d5a72791507bbc4dce6a9a0
size 1257488

3074
fetchmail-fetchmailconf-python3-1of3.patch
View File

File diff suppressed because it is too large Load Diff

280
fetchmail-fetchmailconf-python3-2of3.patch
View File

@ -1,280 +0,0 @@
From ff279a5697992730bc885ddd171456c06c09fb10 Mon Sep 17 00:00:00 2001
From: Samuel Martin <s.martin49@gmail.com>
Date: Wed, 8 Jun 2016 21:36:29 +0200
Subject: [PATCH] fetchmailconf.py: make fetchmailconf.py python{2, 3}-compliant
This change does:
- use repr(...) instead of `...` (see [1]);
- fix print call;
- fix octal numbers.
[1] https://docs.python.org/release/3.0.1/whatsnew/3.0.html#removed-syntax
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Matthias Andree <matthias.andree@gmx.de>
---
fetchmailconf.py | 94 ++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------
1 file changed, 48 insertions(+), 46 deletions(-)
diff --git a/fetchmailconf.py b/fetchmailconf.py
index d64556e..697e4f7 100755
--- a/fetchmailconf.py
+++ b/fetchmailconf.py
@@ -5,6 +5,8 @@
# Matthias Andree <matthias.andree@gmx.de>
# Requires Python with Tkinter, and the following OS-dependent services:
# posix, posixpath, socket
+from __future__ import print_function
+
version = "1.57"
from Tkinter import *
@@ -64,7 +66,7 @@ class Configuration:
if self.properties != ConfigurationDefaults.properties:
str = str + ("set properties \"%s\"\n" % (self.properties,));
if self.poll_interval > 0:
- str = str + "set daemon " + `self.poll_interval` + "\n"
+ str = str + "set daemon " + repr(self.poll_interval) + "\n"
if self.invisible:
str = str + ("set invisible\n")
for site in self.servers:
@@ -145,12 +147,12 @@ class Server:
if self.service and self.protocol and self.service != defaultports[self.protocol] and defaultports[self.protocol] and self.service != ianaservices[defaultports[self.protocol]]:
res = res + " service " + self.service
if self.timeout != ServerDefaults.timeout:
- res = res + " timeout " + `self.timeout`
+ res = res + " timeout " + repr(self.timeout)
if self.interval != ServerDefaults.interval:
- res = res + " interval " + `self.interval`
+ res = res + " interval " + repr(self.interval)
if self.envelope != ServerDefaults.envelope or self.envskip != ServerDefaults.envskip:
if self.envskip:
- res = res + " envelope " + `self.envskip` + " " + self.envelope
+ res = res + " envelope " + repr(self.envskip) + " " + self.envelope
else:
res = res + " envelope " + self.envelope
if self.qvirtual:
@@ -189,15 +191,15 @@ class Server:
if self.monitor:
res = res + " monitor " + str(self.monitor)
if self.plugin:
- res = res + " plugin " + `self.plugin`
+ res = res + " plugin " + repr(self.plugin)
if self.plugout:
- res = res + " plugout " + `self.plugout`
+ res = res + " plugout " + repr(self.plugout)
if self.principal:
- res = res + " principal " + `self.principal`
+ res = res + " principal " + repr(self.principal)
if self.esmtpname:
- res = res + " esmtpname " + `self.esmtpname`
+ res = res + " esmtpname " + repr(self.esmtpname)
if self.esmtppassword:
- res = res + " esmtppassword " + `self.esmtppassword`
+ res = res + " esmtppassword " + repr(self.esmtppassword)
if self.interface or self.monitor or self.principal or self.plugin or self.plugout:
if folded:
res = res + "\n"
@@ -230,7 +232,7 @@ class User:
elif os.environ.has_key("LOGNAME"):
self.remote = os.environ["LOGNAME"]
else:
- print "Can't get your username!"
+ print("Can't get your username!")
sys.exit(1)
self.localnames = [self.remote,]# Local names
self.password = None # Password for mail account access
@@ -316,13 +318,13 @@ class User:
def __repr__(self):
res = " "
- res = res + "user " + `self.remote` + " there ";
+ res = res + "user " + repr(self.remote) + " there ";
if self.password:
- res = res + "with password " + `self.password` + " "
+ res = res + "with password " + repr(self.password) + " "
if self.localnames:
res = res + "is"
for x in self.localnames:
- res = res + " " + `x`
+ res = res + " " + repr(x)
res = res + " here"
if (self.keep != UserDefaults.keep
or self.flush != UserDefaults.flush
@@ -362,35 +364,35 @@ class User:
if self.idle != UserDefaults.idle:
res = res + flag2str(self.idle, 'idle')
if self.limit != UserDefaults.limit:
- res = res + " limit " + `self.limit`
+ res = res + " limit " + repr(self.limit)
if self.warnings != UserDefaults.warnings:
- res = res + " warnings " + `self.warnings`
+ res = res + " warnings " + repr(self.warnings)
if self.fetchlimit != UserDefaults.fetchlimit:
- res = res + " fetchlimit " + `self.fetchlimit`
+ res = res + " fetchlimit " + repr(self.fetchlimit)
if self.fetchsizelimit != UserDefaults.fetchsizelimit:
- res = res + " fetchsizelimit " + `self.fetchsizelimit`
+ res = res + " fetchsizelimit " + repr(self.fetchsizelimit)
if self.fastuidl != UserDefaults.fastuidl:
- res = res + " fastuidl " + `self.fastuidl`
+ res = res + " fastuidl " + repr(self.fastuidl)
if self.batchlimit != UserDefaults.batchlimit:
- res = res + " batchlimit " + `self.batchlimit`
+ res = res + " batchlimit " + repr(self.batchlimit)
if self.ssl and self.ssl != UserDefaults.ssl:
res = res + flag2str(self.ssl, 'ssl')
if self.sslkey and self.sslkey != UserDefaults.sslkey:
- res = res + " sslkey " + `self.sslkey`
+ res = res + " sslkey " + repr(self.sslkey)
if self.sslcert and self.sslcert != UserDefaults.sslcert:
- res = res + " sslcert " + `self.sslcert`
+ res = res + " sslcert " + repr(self.sslcert)
if self.sslproto and self.sslproto != UserDefaults.sslproto:
- res = res + " sslproto " + `self.sslproto`
+ res = res + " sslproto " + repr(self.sslproto)
if self.sslcertck and self.sslcertck != UserDefaults.sslcertck:
res = res + flag2str(self.sslcertck, 'sslcertck')
if self.sslcertpath and self.sslcertpath != UserDefaults.sslcertpath:
- res = res + " sslcertpath " + `self.sslcertpath`
+ res = res + " sslcertpath " + repr(self.sslcertpath)
if self.sslcommonname and self.sslcommonname != UserDefaults.sslcommonname:
- res = res + " sslcommonname " + `self.sslcommonname`
+ res = res + " sslcommonname " + repr(self.sslcommonname)
if self.sslfingerprint and self.sslfingerprint != UserDefaults.sslfingerprint:
- res = res + " sslfingerprint " + `self.sslfingerprint`
+ res = res + " sslfingerprint " + repr(self.sslfingerprint)
if self.expunge != UserDefaults.expunge:
- res = res + " expunge " + `self.expunge`
+ res = res + " expunge " + repr(self.expunge)
res = res + "\n"
trimmed = self.smtphunt;
if trimmed != [] and trimmed[len(trimmed) - 1] == "localhost":
@@ -417,7 +419,7 @@ class User:
res = res + "\n"
for fld in ('smtpaddress', 'preconnect', 'postconnect', 'mda', 'bsmtp', 'properties'):
if getattr(self, fld):
- res = res + " %s %s\n" % (fld, `getattr(self, fld)`)
+ res = res + " %s %s\n" % (fld, repr(getattr(self, fld)))
if self.lmtp != UserDefaults.lmtp:
res = res + flag2str(self.lmtp, 'lmtp')
if self.antispam != UserDefaults.antispam:
@@ -904,15 +906,15 @@ class ConfigurationEdit(Frame, MyWidget):
# Pre-1.5.2 compatibility...
except os.error:
pass
- oldumask = os.umask(077)
+ oldumask = os.umask(0o77)
fm = open(self.outfile, 'w')
os.umask(oldumask)
if fm:
# be paranoid
if fm != sys.stdout:
- os.chmod(self.outfile, 0600)
+ os.chmod(self.outfile, 0o600)
fm.write("# Configuration created %s by fetchmailconf %s\n" % (time.ctime(time.time()), version))
- fm.write(`self.configuration`)
+ fm.write(repr(self.configuration))
if self.outfile:
fm.close()
self.destruct()
@@ -1988,15 +1990,15 @@ def copy_instance(toclass, fromdict):
if 'typemap' in class_sig:
class_sig.remove('typemap')
if tuple(class_sig) != tuple(dict_keys):
- print "Fields don't match what fetchmailconf expected:"
-# print "Class signature: " + `class_sig`
-# print "Dictionary keys: " + `dict_keys`
+ print("Fields don't match what fetchmailconf expected:")
+# print("Class signature: " + repr(class_sig))
+# print("Dictionary keys: " + repr(dict_keys))
diff = setdiff(class_sig, common)
if diff:
- print "Not matched in class `" + toclass.__class__.__name__ + "' signature: " + `diff`
+ print("Not matched in class `" + toclass.__class__.__name__ + "' signature: " + repr(diff))
diff = setdiff(dict_keys, common)
if diff:
- print "Not matched in dictionary keys: " + `diff`
+ print("Not matched in dictionary keys: " + repr(diff))
sys.exit(1)
else:
for x in fromdict.keys():
@@ -2028,7 +2030,7 @@ def copy_instance(toclass, fromdict):
if __name__ == '__main__':
if not os.environ.has_key("DISPLAY"):
- print "fetchmailconf must be run under X"
+ print("fetchmailconf must be run under X")
sys.exit(1)
fetchmail_icon = """
@@ -2068,7 +2070,7 @@ gUSiYASJpMEHhilJTEnhAlGoQqYAZQ1AiqEMZ0jDGtqQImhwwA13yMMevoQAGvGhEAWHGMOAAAA7
# The base64 data in the string above was generated by the following procedure:
#
# import base64
-# print base64.encodestring(open("fetchmail.gif", "rb").read())
+# print(base64.encodestring(open("fetchmail.gif", "rb").read()))
#
# Process options
@@ -2081,22 +2083,22 @@ gUSiYASJpMEHhilJTEnhAlGoQqYAZQ1AiqEMZ0jDGtqQImhwwA13yMMevoQAGvGhEAWHGMOAAAA7
elif (switch == '-f'):
rcfile = val
elif (switch == '-h' or switch == '--help'):
- print """
+ print("""
Usage: fetchmailconf {[-d] [-f fetchmailrc]|-h|--help|-V|--version}
-d - dump configuration (for debugging)
-f fmrc - read alternate fetchmailrc file
--help, -h - print this help text and quit
--version, -V - print fetchmailconf version and quit
-"""
+""")
sys.exit(0)
elif (switch == '-V' or switch == '--version'):
- print "fetchmailconf %s" % version
- print """
+ print("fetchmailconf %s" % version)
+ print("""
Copyright (C) 1997 - 2003 Eric S. Raymond
Copyright (C) 2005, 2006, 2008, 2009 Matthias Andree
fetchmailconf comes with ABSOLUTELY NO WARRANTY. This is free software, you are
welcome to redistribute it under certain conditions. Please see the file
-COPYING in the source or documentation directory for details."""
+COPYING in the source or documentation directory for details.""")
sys.exit(0)
# Get client host's FQDN
@@ -2119,17 +2121,17 @@ COPYING in the source or documentation directory for details."""
try:
s = os.system(cmd)
if s != 0:
- print "`" + cmd + "' run failure, status " + `s`
+ print("`" + cmd + "' run failure, status " + repr(s))
raise SystemExit
except:
- print "Unknown error while running fetchmail --configdump"
+ print("Unknown error while running fetchmail --configdump")
os.remove(tmpfile)
sys.exit(1)
try:
execfile(tmpfile)
except:
- print "Can't read configuration output of fetchmail --configdump."
+ print("Can't read configuration output of fetchmail --configdump.")
os.remove(tmpfile)
sys.exit(1)
@@ -2156,7 +2158,7 @@ COPYING in the source or documentation directory for details."""
# We may want to display the configuration and quit
if dump:
- print "This is a dump of the configuration we read:\n"+`Fetchmailrc`
+ print("This is a dump of the configuration we read:\n" + repr(Fetchmailrc))
# The theory here is that -f alone sets the rcfile location,
# but -d and -f together mean the new configuration should go to stdout.
--
libgit2 0.26.0

86
fetchmail-fetchmailconf-python3-3of3.patch
View File

@ -1,86 +0,0 @@
From 1a405368c25f76db054fd3befa7fb72e7a5e1f2e Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Wed, 8 Jun 2016 22:34:23 +0200
Subject: [PATCH] A few Python 3 compatibility fixes.
Still needs 2to3 to be run under Python 3.
---
fetchmailconf.py | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/fetchmailconf.py b/fetchmailconf.py
index 697e4f7..5c0b8ed 100755
--- a/fetchmailconf.py
+++ b/fetchmailconf.py
@@ -5,12 +5,17 @@
# Matthias Andree <matthias.andree@gmx.de>
# Requires Python with Tkinter, and the following OS-dependent services:
# posix, posixpath, socket
+
+# WARNING: this needs to be updated for fetchmail 6.4's SSL options,
+# and other recent new options;
+# WARNING: to be compatible with Python 3, needs to be run thru 2to3.py.
from __future__ import print_function
-version = "1.57"
+version = "1.58"
from Tkinter import *
from Dialog import *
+
import sys, time, os, string, socket, getopt, tempfile
#
@@ -227,9 +232,9 @@ class Server:
class User:
def __init__(self):
- if os.environ.has_key("USER"):
+ if "USER" in os.environ:
self.remote = os.environ["USER"] # Remote username
- elif os.environ.has_key("LOGNAME"):
+ elif "LOGNAME" in os.environ:
self.remote = os.environ["LOGNAME"]
else:
print("Can't get your username!")
@@ -1123,7 +1128,7 @@ class ServerEdit(Frame, MyWidget):
self.subwidgets[username] = UserEdit(username, self).edit(mode, Toplevel())
def user_delete(self, username):
- if self.subwidgets.has_key(username):
+ if username in self.subwidgets:
self.subwidgets[username].destruct()
del self.server[username]
@@ -1627,7 +1632,7 @@ class UserEdit(Frame, MyWidget):
def destruct(self):
# Yes, this test can fail -- if you delete the parent window.
- if self.parent.subwidgets.has_key(self.user.remote):
+ if self.user.remote in self.parent.subwidgets:
del self.parent.subwidgets[self.user.remote]
self.master.destroy()
@@ -2029,7 +2034,7 @@ def copy_instance(toclass, fromdict):
if __name__ == '__main__':
- if not os.environ.has_key("DISPLAY"):
+ if "DISPLAY" not in os.environ:
print("fetchmailconf must be run under X")
sys.exit(1)
@@ -2130,8 +2135,9 @@ COPYING in the source or documentation directory for details.""")
try:
execfile(tmpfile)
- except:
+ except Exception as e:
print("Can't read configuration output of fetchmail --configdump.")
+ print(repr(e))
os.remove(tmpfile)
sys.exit(1)
--
libgit2 0.26.0

1576
fetchmail-openssl11.patch
View File

File diff suppressed because it is too large Load Diff

136
fetchmail.changes
View File

@ -1,3 +1,139 @@
-------------------------------------------------------------------
Fri Oct 4 12:41:35 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Update to 6.4.1 [bsc#1152964]
## REGRESSION FIXES:
* The bug fix Debian Bug#941129 was incomplete and caused
- a regression in the default file locations, so that fetchmail was
no longer able to find its configuration files in some situations.
- a regression under _FORTIFY_SOURCE where PATH_MAX > minimal _POSIX_PATH_MAX.
- Update to 6.4.0
## SECURITY FIXES THAT AFFECT BEHAVIOUR AND MAY REQUIRE RECONFIGURATION
* Fetchmail no longer supports SSLv2.
* Fetchmail no longer attempts to negotiate SSLv3 by default,
even with --sslproto ssl23. Fetchmail can now use SSLv3, or TLSv1.1 or a newer
TLS version, with STLS/STARTTLS (it would previously force TLSv1.0 with
STARTTLS). If the OpenSSL version used at build and run-time supports these
versions, --sslproto ssl3 and --sslproto ssl3+ can be used to re-enable SSLv3.
Doing so is discouraged because the SSLv3 protocol is broken.
While this change is supposed to be compatible with common configurations,
users may have to and are advised to change all explicit --sslproto ssl2
(change to newer protocols required), --sslproto ssl3, --sslproto tls1 to
--sslproto auto, so that they can benefit from TLSv1.1 and TLSv1.2 where
supported by the server.
The --sslproto option now understands the values auto, ssl3+, tls1+, tls1.1,
tls1.1+, tls1.2, tls1.2+, tls1.3, tls1.3+ (case insensitively), see CHANGES
below for details.
* Fetchmail defaults to --sslcertck behaviour. A new option --nosslcertck to
override this has been added, but may be removed in future fetchmail versions
in favour of another configuration option that makes the insecurity in using
this option clearer.
## SECURITY FIXES
* Fetchmail prevents buffer overruns in GSSAPI authentication with user names
beyond c. 6000 characters in length. Reported by Greg Hudson.
## CHANGED REQUIREMENTS
* fetchmail 6.4.0 is written in C99 and requires a SUSv3 (Single Unix
Specification v3, a superset of POSIX.1-2001 aka. IEEE Std 1003.1-2001 with
XSI extension) compliant system. For now, a C89 compiler should also work
if the system is SUSv3 compliant.
In particular, older fetchmail versions had workaround for several functions
standardized in the Single Unix Specification v3, these have been removed.
The trio/ library has been removed from the distribution.
## CHANGES
* fetchmail 6.3.X is unsupported.
* fetchmail now configures OpenSSL support by default.
* fetchmail now requires OpenSSL v1.0.2 or newer.
* Fetchmail now supports --sslproto auto and --sslproto tls1+ (same as ssl23).
* --sslproto tls1.1+, tls1.2+, and tls1.3+ are now supported for
auto-negotiation with a minimum specified TLS protocol version, and --sslproto
tls1.1, --sslproto tls1.2 and --sslproto tls1.3 to force the specified TLS
protocol version. Note that tls1.3 requires OpenSSL v1.1.1 or newer.
* Fetchmail now detects if the server hangs up prematurely during SSL_connect()
and reports this condition as such, and not just as SSL connection failure.
(OpenSSL 1.0.2 reported incompatible with pop3.live.com by Jerry Seibert).
* A foreground fetchmail can now accept a few more options while another copy is
running in the background.
* fetchmail now handles POP3 --keep UID lists more efficiently, by using Rainer
Weikusat's P-Tree implementation. This reduces the complexity for handling
a large UIDL from O(n^2) to O(n log n) and becomes noticably faster with
thousands of kept messages. (IMAP does not currently track UIDs and is unaffected.)
At the same time, the UIDL emulation code for deficient servers has been
removed. It never worked really well. Servers that do not implement the
optional UIDL command only work with --fetchall option set, which in itself is
incompatible with the --keep option (it would cause message duplication).
* fetchmail, when setting up TLS connections, now uses SSL_set_tlsext_host_name()
to set up the SNI (Server Name Indication). Some servers (for instance
googlemail) require SNI when using newer SSL protocols.
* Fetchmail now sets the expected hostname through OpenSSL 1.0.2's new
X509_VERIFY_PARAM_set1_host() function to enable OpenSSL's native certificate
verification features.
* fetchmail will drop the connection when fetching with IMAP and receiving an
unexpected untagged "* BYE" response, to work around certain faulty servers.
* The FETCHMAIL_POP3_FORCE_RETR environment variable is now documented,
it forces fetchmail, when talking POP3, to always use the RETR command,
even if it would otherwise use the TOP command.
* Fetchmail's configure stage will try to query pkg-config or pkgconf for libssl
and libcrypto, in case other system use .pc files to document specific library dependencies.
* The gethostbyname() API calls and compatibility functions have been removed.
* These translations are shipped but not installed by default because
they have less than 500 translated messages out of 714: el fi gl pt_BR sk tr
-> Greek, Finnish, Galician, Brazilian Portuguese, Slovak, Turkish.
* Fetchmail now refuses delivery if the MDA option contains single-quoted expansions.
## FIXES
* Do not translate header tags such as "Subject:".
* Convert most links from berlios.de to sourceforge.net.
* Report error to stderr, and exit, if --idle is combined with multiple accounts.
* Point to --idle from GENERAL OPERATION to clarify --idle and multiple mailboxes do not mix.
* Fix SSL-enabled build on systems that do not declare SSLv3_client_method(),
or that #define OPENSSL_NO_SSL3 inside #include <openssl/ssl.h>
* Version report lists -SSLv3 on SSL-enabled no-ssl3 builds.
* Fetchmail no longer adds a NUL byte to the username in GSSAPI authentication.
This was reported to break Kerberos-based authentication with Microsoft Exchange 2013
* Set umask properly before writing the .fetchids file, to avoid failing the
security check on the next run.
* When forwarding by LMTP, also check antispam response code when collecting
the responses after the CR LF . CR LF sequence at the end of the DATA phase.
* fetchmail will not try other protocols after a socket error. This avoids mismatches
of how different prococols see messages as "seen" and re-fetches of known mail.
* fetchmail no longer reports "System error during SSL_connect(): Success."
* fetchmailconf would ignore Edit or Delete actions on the first (topmost)
item in a list (no matter if server list, user list, ...).
* The mimedecode feature now properly detects multipart/mixed-type matches, so
that quoted-printable-encoded multipart messages can get decoded.
(Regression in 5.0.0 on 1999-03-27, as a side effect of a PGP-mimedecode fix
attributed to Henrik Storner.)
* FETCHMAILHOME can now safely be a relative path, which will be qualified
through realpath(). Previously, it had to be absolute in daemon mode.
## KNOWN BUGS AND WORKAROUNDS
(This section floats upwards through the NEWS file so it stays with the
current release information)
* Fetchmail does not handle messages without Message-ID header well
(See sourceforge.net bug #780933)
* Fetchmail currently uses 31-bit signed integers in several places
where unsigned and/or wider types should have been used, for instance,
for mailbox sizes, and misreports sizes of 2 GibiB and beyond.
Fixing this requires C89 compatibility to be relinquished.
* BSMTP is mostly untested and errors can cause corrupt output.
* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in
64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit fetchmail.
* Fetchmail does not track pending deletes across crashes.
* The command line interface is sometimes a bit stubborn, for instance,
fetchmail -s doesn't work with a daemon running.
* Linux systems may return duplicates of an IP address in some circumstances if
no or no global IPv6 addresses are configured.
(No workaround. Ubuntu Bug#582585, Novell Bug#606980.)
* Kerberos 5 may be broken, particularly on Heimdal, and provide bogus error
messages. This will not be fixed, because the maintainer has no Kerberos 5
server to test against. Use GSSAPI.
- Remove patches merged upstream:
* fetchmail-openssl11.patch
* fetchmail-fetchmailconf-python3-1of3.patch
* fetchmail-fetchmailconf-python3-2of3.patch
* fetchmail-fetchmailconf-python3-3of3.patch
- Rebase fetchmail-6.3.8-smtp_errors.patch
-------------------------------------------------------------------
Fri May 31 08:05:50 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>

21
fetchmail.spec
View File

@ -22,26 +22,21 @@
%endif
Name: fetchmail
Version: 6.3.26
Version: 6.4.1
Release: 0
Summary: Full-Featured POP and IMAP Mail Retrieval Daemon
License: GPL-2.0-or-later
Group: Productivity/Networking/Email/Utilities
Url: http://www.fetchmail.info/
Source: http://sourceforge.net/projects/fetchmail/files/branch_6.3/%{name}-%{version}.tar.xz
Source: https://sourceforge.net/projects/fetchmail/files/branch_6.4/%{name}-%{version}.tar.xz
#Source1: https://sourceforge.net/projects/fetchmail/files/branch_6.4/%%{name}-%%{version}.tar.xz.asc
Source2: %{name}.logrotate
Source3: sysconfig.%{name}
Source4: http://sourceforge.net/projects/fetchmail/files/branch_6.3/%{name}-%{version}.tar.xz.asc
Source5: %{name}.keyring
Source6: %{name}.service
Source7: %{name}.tmpfiles
Source8: %{name}.exec
Patch0: fetchmail-6.3.8-smtp_errors.patch
Patch1: fetchmail-openssl11.patch
# PATCH-FIX-UPSTREAM bsc#1082694 Fix fetchmailconf to be able to compile with python{2,3}
Patch2: fetchmail-fetchmailconf-python3-1of3.patch
Patch3: fetchmail-fetchmailconf-python3-2of3.patch
Patch4: fetchmail-fetchmailconf-python3-3of3.patch
BuildRequires: automake
BuildRequires: krb5-devel
BuildRequires: openssl-devel
@ -88,10 +83,6 @@ files (.fetchmailrc).
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
cp -a %{SOURCE2} %{SOURCE3} .
ACLOCAL="aclocal -I m4 -I m4-local" autoreconf -fvi
@ -159,13 +150,17 @@ if [ $1 = 0 ]; then
rm -rf var/lib/fetchmail
fi
%check
make %{?_smp_mflags} check
%files -f %{name}.lang
%defattr(-, root, root)
%license COPYING
%doc FAQ FEATURES NEWS NOTES OLDNEWS README README.NTLM README.SSL README.SSL-SERVER TODO contrib *.html *.txt *.pdf
%{_bindir}/fetchmail
%dir %attr(0700, fetchmail, root) %{_localstatedir}/lib/fetchmail
%ghost %attr(0600, fetchmail, root) %{_localstatedir}/log/fetchmail
%{_mandir}/man1/fetchmail.1.gz
%doc COPYING FAQ FEATURES NEWS NOTES OLDNEWS README README.NTLM README.SSL README.SSL-SERVER TODO contrib *.html *.txt *.pdf
%ghost %config(noreplace) %attr(0600, fetchmail, root) %{_sysconfdir}/fetchmailrc
%config(noreplace) %{_sysconfdir}/logrotate.d/fetchmail
%{_unitdir}/%{name}.service