SHA256
1
0
forked from pool/fetchmail
fetchmail/fetchmail.spec

208 lines
7.2 KiB
RPMSpec
Raw Normal View History

#
# spec file for package fetchmail
#
# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
#Compat macro for new _fillupdir macro introduced in Nov 2017
%if ! %{defined _fillupdir}
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: fetchmail
Version: 6.4.33
Release: 0
Summary: Full-Featured POP and IMAP Mail Retrieval Daemon
License: GPL-2.0-or-later
Accepting request 829815 from home:pmonrealgonzalez:branches:server:mail - Update fetchmail.keyring file - Use %{_prefix}/lib instead of %{_libexecdir} - update to 6.4.8: * Add a test program fm_realpath, and a t.realpath script, neither to be installed. These will test resolution of the current working directory. * TRANSLATION UPDATES * Plug memory leaks when parts of the configuration (defaults, rcfile, command line) override one another. * fetchmail terminated the placeholder command string too late and included garbage from the heap at the end of the string. Workaround: don't use place- holders %h or %p in the --plugin string. Bug added in 6.4.0 when merging Gitlab merge request !5 in order to fix an input buffer overrun. Faulty commit 418cda65f752e367fa663fd13884a45fcbc39ddd. * Fetchmail now checks for errors when trying to read the .idfile * Fetchmail's error messages that reports that the defaults entry isn't the first was made more precise. It could be misleading if there was a poll or skip statement before the defaults. * Fetchmail documentation was updated to require OpenSSL 1.1.1. OpenSSL 1.0.2 reached End Of Life status at the end of the year 2019. Fetchmail will tolerate, but warn about, 1.0.2 for now on the assumption that distributors backport security fixes as the need arises. Fetchmail will also warn if another SSL library that is API-compatible with OpenSSL lacks TLS v1.3 support. * If the trust anchor is missing, fetchmail refers the user to README.SSL. * The AC_DECLS(getenv) check was removed, its only user was broken and not accounting for that AC_DECLS always defines HAVE_DECL_... to 0 or 1, so fetchmail never declared a missing getenv() symbol (it was testing with #ifdef). Remove the backup declaration. getenv is mandated by SUSv2 anyways. * fetchmailconf now supports Python 3 and currently requires the "future" OBS-URL: https://build.opensuse.org/request/show/829815 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=96
2020-08-27 18:26:56 +02:00
URL: https://www.fetchmail.info/
Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113
2021-06-04 14:09:36 +02:00
Source0: https://sourceforge.net/projects/%{name}/files/branch_6.4/%{name}-%{version}.tar.xz
Accepting request 829815 from home:pmonrealgonzalez:branches:server:mail - Update fetchmail.keyring file - Use %{_prefix}/lib instead of %{_libexecdir} - update to 6.4.8: * Add a test program fm_realpath, and a t.realpath script, neither to be installed. These will test resolution of the current working directory. * TRANSLATION UPDATES * Plug memory leaks when parts of the configuration (defaults, rcfile, command line) override one another. * fetchmail terminated the placeholder command string too late and included garbage from the heap at the end of the string. Workaround: don't use place- holders %h or %p in the --plugin string. Bug added in 6.4.0 when merging Gitlab merge request !5 in order to fix an input buffer overrun. Faulty commit 418cda65f752e367fa663fd13884a45fcbc39ddd. * Fetchmail now checks for errors when trying to read the .idfile * Fetchmail's error messages that reports that the defaults entry isn't the first was made more precise. It could be misleading if there was a poll or skip statement before the defaults. * Fetchmail documentation was updated to require OpenSSL 1.1.1. OpenSSL 1.0.2 reached End Of Life status at the end of the year 2019. Fetchmail will tolerate, but warn about, 1.0.2 for now on the assumption that distributors backport security fixes as the need arises. Fetchmail will also warn if another SSL library that is API-compatible with OpenSSL lacks TLS v1.3 support. * If the trust anchor is missing, fetchmail refers the user to README.SSL. * The AC_DECLS(getenv) check was removed, its only user was broken and not accounting for that AC_DECLS always defines HAVE_DECL_... to 0 or 1, so fetchmail never declared a missing getenv() symbol (it was testing with #ifdef). Remove the backup declaration. getenv is mandated by SUSv2 anyways. * fetchmailconf now supports Python 3 and currently requires the "future" OBS-URL: https://build.opensuse.org/request/show/829815 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=96
2020-08-27 18:26:56 +02:00
Source1: https://sourceforge.net/projects/%{name}/files/branch_6.4/%{name}-%{version}.tar.xz.asc
Source2: %{name}.logrotate
Source3: sysconfig.%{name}
Source5: %{name}.keyring
Source6: %{name}.service
Source7: %{name}.tmpfiles
Source8: %{name}.exec
Source9: %{name}.sysusers
Patch0: fetchmail-6.3.8-smtp_errors.patch
Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113
2021-06-04 14:09:36 +02:00
Patch1: fetchmail-add-imap-oauthbearer-support.patch
Patch2: fetchmail-support-oauthbearer-xoauth2-with-pop3.patch
Patch3: fetchmail-add-passwordfile-and-passwordfd-options.patch
Patch4: fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch
Patch5: fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch
Patch6: fetchmail-give-each-ctl-it-s-own-copy-of-password.patch
Patch7: fetchmail-re-read-passwordfile-on-every-poll.patch
Patch8: fetchmail-add-query_to64_outsize-utility-function.patch
Patch9: fetchmail-chase-and-integrate-interface-change.patch
Patch10: fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch
Patch11: fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch
Patch12: fetchmail-bump-max-passwordlen-to-1bytes.patch
Patch13: fetchmail-add-readme-oauth2-issue-27.patch
BuildRequires: automake
Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113
2021-06-04 14:09:36 +02:00
BuildRequires: bison
BuildRequires: fdupes
Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113
2021-06-04 14:09:36 +02:00
BuildRequires: flex
BuildRequires: krb5-devel
BuildRequires: openssl-devel
BuildRequires: opie
BuildRequires: postfix
BuildRequires: procmail
BuildRequires: python3-base
BuildRequires: shadow
BuildRequires: systemd-rpm-macros
BuildRequires: sysuser-shadow
BuildRequires: sysuser-tools
BuildRequires: xz
Requires: logrotate
Requires(pre): %fillup_prereq
Suggests: smtp_daemon
%sysusers_requires
%description
Fetchmail is a robust and well-documented remote mail retrieval and
forwarding utility intended to be used over on-demand TCP/IP links
(such as SLIP or PPP connections).
Fetchmail retrieves mail from remote mail servers and forwards it to
your local machine's delivery system, so it can be read by normal mail
user agents, such as mutt, elm, pine, (x)emacs/gnus, or mailx.
fetchmailconf, an interactive GUI configurator suitable for end-users,
is included in the fetchmailconf package.
%package -n fetchmailconf
Summary: Fetchmail Configuration Utility
Requires: %{name} = %{version}
Accepting request 829815 from home:pmonrealgonzalez:branches:server:mail - Update fetchmail.keyring file - Use %{_prefix}/lib instead of %{_libexecdir} - update to 6.4.8: * Add a test program fm_realpath, and a t.realpath script, neither to be installed. These will test resolution of the current working directory. * TRANSLATION UPDATES * Plug memory leaks when parts of the configuration (defaults, rcfile, command line) override one another. * fetchmail terminated the placeholder command string too late and included garbage from the heap at the end of the string. Workaround: don't use place- holders %h or %p in the --plugin string. Bug added in 6.4.0 when merging Gitlab merge request !5 in order to fix an input buffer overrun. Faulty commit 418cda65f752e367fa663fd13884a45fcbc39ddd. * Fetchmail now checks for errors when trying to read the .idfile * Fetchmail's error messages that reports that the defaults entry isn't the first was made more precise. It could be misleading if there was a poll or skip statement before the defaults. * Fetchmail documentation was updated to require OpenSSL 1.1.1. OpenSSL 1.0.2 reached End Of Life status at the end of the year 2019. Fetchmail will tolerate, but warn about, 1.0.2 for now on the assumption that distributors backport security fixes as the need arises. Fetchmail will also warn if another SSL library that is API-compatible with OpenSSL lacks TLS v1.3 support. * If the trust anchor is missing, fetchmail refers the user to README.SSL. * The AC_DECLS(getenv) check was removed, its only user was broken and not accounting for that AC_DECLS always defines HAVE_DECL_... to 0 or 1, so fetchmail never declared a missing getenv() symbol (it was testing with #ifdef). Remove the backup declaration. getenv is mandated by SUSv2 anyways. * fetchmailconf now supports Python 3 and currently requires the "future" OBS-URL: https://build.opensuse.org/request/show/829815 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=96
2020-08-27 18:26:56 +02:00
Requires: python3-future
Requires: python3-tk
%description -n fetchmailconf
A GUI configuration utility for generating fetchmail configuration
files (.fetchmailrc).
%prep
%autosetup -p1
cp -a %{SOURCE2} %{SOURCE3} .
ACLOCAL="aclocal -I m4 -I m4-local" autoreconf -fvi
%build
export CFLAGS="%{optflags} -fPIE"
%configure \
--enable-POP2 \
--enable-RPA \
--enable-NTLM \
--enable-SDPS \
--enable-opie \
--with-kerberos5 \
--with-gssapi \
--with-ssl=%{_prefix}
%make_build LDFLAGS="-pie"
%sysusers_generate_pre %{SOURCE9} fetchmail
%install
%make_install
ln -sf fetchmail.1.gz %{buildroot}%{_mandir}/man1/fetchmailconf.1.gz
%if 0%{?suse_version} > 1500
mkdir -p %{buildroot}%{_sysconfdir}
mkdir -p %{buildroot}%{_distconfdir}/logrotate.d
cp fetchmail.logrotate %{buildroot}%{_distconfdir}/logrotate.d/fetchmail
%else
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
cp fetchmail.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/fetchmail
%endif
mkdir -p %{buildroot}/sbin
mkdir -p %{buildroot}%{_unitdir}
mkdir -p %{buildroot}%{_tmpfilesdir}
mkdir -p %{buildroot}%{_sysusersdir}
sed -e 's-@LIBEXECDIR@-%{_libexecdir}-g' -i %{SOURCE6}
install -m 0644 %{SOURCE6} %{buildroot}%{_unitdir}/%{name}.service
install -m 0644 %{SOURCE7} %{buildroot}%{_tmpfilesdir}/%{name}.conf
install -m 0644 %{SOURCE9} %{buildroot}%{_sysusersdir}/%{name}.conf
mkdir -p %{buildroot}%{_libexecdir}
install -m 0755 %{SOURCE8} %{buildroot}%{_libexecdir}/%{name}-systemd-exec
mkdir -p %{buildroot}%{_sbindir}
ln -s service %{buildroot}%{_sbindir}/rc%{name}
touch %{buildroot}%{_sysconfdir}/fetchmailrc
mkdir -p %{buildroot}%{_fillupdir}
cp sysconfig.%{name} %{buildroot}%{_fillupdir}
mkdir -p %{buildroot}%{_localstatedir}/log
touch %{buildroot}%{_localstatedir}/log/fetchmail
mkdir -p %{buildroot}%{_localstatedir}/lib/fetchmail
# Deduplicate Python files
%fdupes %{buildroot}%{python3_sitelib}
Accepting request 159960 from home:vitezslav_cizek:branches:server:mail - update to 6.3,25 # CRITICAL AND REGRESSION FIXES * Plug a memory leak in OpenSSL's certificate verification callback. This would affect fetchmail configurations running with SSL in daemon mode more than one-shot runs. Reported by Erik Thiele, and pinned by Dominik Heeg, fixes Debian Bug #688015. This bug was introduced into fetchmail 6.3.0 (committed 2005-10-29) when support for subjectAltName was added through a patch by Roland Stigge, submitted as Debian Bug#201113. * The --logfile option now works again outside daemon mode, reported by Heinz Diehl. The documentation that I had been reading was inconsistent with the code, and only parts of the manual page claimed that --logfile was only effective in daemon mode. # BUG FIXES * Fix a memory leak in out-of-memory error condition while handling plugins. Report and patch by John Beck (found with Parfait static code analyzer). * Fix a NULL pointer dereference in out-of-memory error condition while handling plugins. Report and patch by John Beck (found with Parfait static code analyzer). # CHANGES * Improved reporting when SSL/TLS X.509 certificate validation has failed, working around a not-so-recent swapping of two OpenSSL error codes, and a practical impossibility to distinguish broken certification chains from missing trust anchors (root certificates). * OpenSSL decoded errors are now reported through report(), rather than dumped to stderr, so that they should show up in logfiles and/or syslog. * The fetchmail manual page no longer claims that MD5 were the default OpenSSL hash format (for use with --sslfingerprint). Reported by Jakob Wilk, PARTIAL fix for Debian Bug#700266. OBS-URL: https://build.opensuse.org/request/show/159960 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=48
2013-03-19 13:38:13 +01:00
# we don't need this, it's aimed at fetchmail developers
# and rpmlint is complaining that we have a binary in /usr/share
rm -r contrib/gai*
%find_lang %{name}
%pre -f fetchmail.pre
%service_add_pre %{name}.service
%if 0%{?suse_version} > 1500
# Prepare for migration to /usr/etc; save any old .rpmsave
for i in logrotate.d/fetchmail ; do
test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i}.rpmsave.old ||:
done
%endif
%post
%fillup_only
%tmpfiles_create %{name}.conf
%service_add_post %{name}.service
%if 0%{?suse_version} > 1500
%posttrans
# Migration to /usr/etc, restore just created .rpmsave
for i in logrotate.d/fetchmail ; do
test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i} ||:
done
%endif
%preun
%service_del_preun %{name}.service
%postun
%service_del_postun %{name}.service
Accepting request 737166 from home:pmonrealgonzalez:branches:server:mail - Update to 6.4.1 [bsc#1152964] ## REGRESSION FIXES: * The bug fix Debian Bug#941129 was incomplete and caused - a regression in the default file locations, so that fetchmail was no longer able to find its configuration files in some situations. - a regression under _FORTIFY_SOURCE where PATH_MAX > minimal _POSIX_PATH_MAX. - Update to 6.4.0 ## SECURITY FIXES THAT AFFECT BEHAVIOUR AND MAY REQUIRE RECONFIGURATION * Fetchmail no longer supports SSLv2. * Fetchmail no longer attempts to negotiate SSLv3 by default, even with --sslproto ssl23. Fetchmail can now use SSLv3, or TLSv1.1 or a newer TLS version, with STLS/STARTTLS (it would previously force TLSv1.0 with STARTTLS). If the OpenSSL version used at build and run-time supports these versions, --sslproto ssl3 and --sslproto ssl3+ can be used to re-enable SSLv3. Doing so is discouraged because the SSLv3 protocol is broken. While this change is supposed to be compatible with common configurations, users may have to and are advised to change all explicit --sslproto ssl2 (change to newer protocols required), --sslproto ssl3, --sslproto tls1 to --sslproto auto, so that they can benefit from TLSv1.1 and TLSv1.2 where supported by the server. The --sslproto option now understands the values auto, ssl3+, tls1+, tls1.1, tls1.1+, tls1.2, tls1.2+, tls1.3, tls1.3+ (case insensitively), see CHANGES below for details. * Fetchmail defaults to --sslcertck behaviour. A new option --nosslcertck to override this has been added, but may be removed in future fetchmail versions in favour of another configuration option that makes the insecurity in using this option clearer. ## SECURITY FIXES * Fetchmail prevents buffer overruns in GSSAPI authentication with user names beyond c. 6000 characters in length. Reported by Greg Hudson. OBS-URL: https://build.opensuse.org/request/show/737166 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=88
2019-10-10 19:30:47 +02:00
%check
%make_build check
Accepting request 737166 from home:pmonrealgonzalez:branches:server:mail - Update to 6.4.1 [bsc#1152964] ## REGRESSION FIXES: * The bug fix Debian Bug#941129 was incomplete and caused - a regression in the default file locations, so that fetchmail was no longer able to find its configuration files in some situations. - a regression under _FORTIFY_SOURCE where PATH_MAX > minimal _POSIX_PATH_MAX. - Update to 6.4.0 ## SECURITY FIXES THAT AFFECT BEHAVIOUR AND MAY REQUIRE RECONFIGURATION * Fetchmail no longer supports SSLv2. * Fetchmail no longer attempts to negotiate SSLv3 by default, even with --sslproto ssl23. Fetchmail can now use SSLv3, or TLSv1.1 or a newer TLS version, with STLS/STARTTLS (it would previously force TLSv1.0 with STARTTLS). If the OpenSSL version used at build and run-time supports these versions, --sslproto ssl3 and --sslproto ssl3+ can be used to re-enable SSLv3. Doing so is discouraged because the SSLv3 protocol is broken. While this change is supposed to be compatible with common configurations, users may have to and are advised to change all explicit --sslproto ssl2 (change to newer protocols required), --sslproto ssl3, --sslproto tls1 to --sslproto auto, so that they can benefit from TLSv1.1 and TLSv1.2 where supported by the server. The --sslproto option now understands the values auto, ssl3+, tls1+, tls1.1, tls1.1+, tls1.2, tls1.2+, tls1.3, tls1.3+ (case insensitively), see CHANGES below for details. * Fetchmail defaults to --sslcertck behaviour. A new option --nosslcertck to override this has been added, but may be removed in future fetchmail versions in favour of another configuration option that makes the insecurity in using this option clearer. ## SECURITY FIXES * Fetchmail prevents buffer overruns in GSSAPI authentication with user names beyond c. 6000 characters in length. Reported by Greg Hudson. OBS-URL: https://build.opensuse.org/request/show/737166 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=88
2019-10-10 19:30:47 +02:00
%files -f %{name}.lang
Accepting request 737166 from home:pmonrealgonzalez:branches:server:mail - Update to 6.4.1 [bsc#1152964] ## REGRESSION FIXES: * The bug fix Debian Bug#941129 was incomplete and caused - a regression in the default file locations, so that fetchmail was no longer able to find its configuration files in some situations. - a regression under _FORTIFY_SOURCE where PATH_MAX > minimal _POSIX_PATH_MAX. - Update to 6.4.0 ## SECURITY FIXES THAT AFFECT BEHAVIOUR AND MAY REQUIRE RECONFIGURATION * Fetchmail no longer supports SSLv2. * Fetchmail no longer attempts to negotiate SSLv3 by default, even with --sslproto ssl23. Fetchmail can now use SSLv3, or TLSv1.1 or a newer TLS version, with STLS/STARTTLS (it would previously force TLSv1.0 with STARTTLS). If the OpenSSL version used at build and run-time supports these versions, --sslproto ssl3 and --sslproto ssl3+ can be used to re-enable SSLv3. Doing so is discouraged because the SSLv3 protocol is broken. While this change is supposed to be compatible with common configurations, users may have to and are advised to change all explicit --sslproto ssl2 (change to newer protocols required), --sslproto ssl3, --sslproto tls1 to --sslproto auto, so that they can benefit from TLSv1.1 and TLSv1.2 where supported by the server. The --sslproto option now understands the values auto, ssl3+, tls1+, tls1.1, tls1.1+, tls1.2, tls1.2+, tls1.3, tls1.3+ (case insensitively), see CHANGES below for details. * Fetchmail defaults to --sslcertck behaviour. A new option --nosslcertck to override this has been added, but may be removed in future fetchmail versions in favour of another configuration option that makes the insecurity in using this option clearer. ## SECURITY FIXES * Fetchmail prevents buffer overruns in GSSAPI authentication with user names beyond c. 6000 characters in length. Reported by Greg Hudson. OBS-URL: https://build.opensuse.org/request/show/737166 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=88
2019-10-10 19:30:47 +02:00
%license COPYING
Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113
2021-06-04 14:09:36 +02:00
%doc FAQ FEATURES NEWS NOTES OLDNEWS README README.NTLM README.OAUTH2 README.SSL README.SSL-SERVER TODO contrib *.html *.txt *.pdf
%{_bindir}/fetchmail
%dir %attr(0700, fetchmail, fetchmail) %{_localstatedir}/lib/fetchmail
%ghost %attr(0600, fetchmail, root) %{_localstatedir}/log/fetchmail
%{_mandir}/man1/fetchmail.1%{?ext_man}
%ghost %config(noreplace) %attr(0600, fetchmail, root) %{_sysconfdir}/fetchmailrc
%if 0%{?suse_version} > 1500
%{_distconfdir}/logrotate.d/fetchmail
%else
%config(noreplace) %{_sysconfdir}/logrotate.d/fetchmail
%endif
%{_unitdir}/%{name}.service
%{_sbindir}/rc%{name}
%{_libexecdir}/%{name}-systemd-exec
%{_tmpfilesdir}/%{name}.conf
%{_sysusersdir}/%{name}.conf
%{_fillupdir}/sysconfig.%{name}
%files -n fetchmailconf
%{_bindir}/fetchmailconf
%{_mandir}/man1/fetchmailconf.1%{?ext_man}
%{python3_sitelib}/fetchmailconf.*
%{python3_sitelib}/__pycache__/fetchmailconf*
%changelog