diff --git a/README-security.txt b/README-security.txt deleted file mode 100644 index 464f061..0000000 --- a/README-security.txt +++ /dev/null @@ -1,3 +0,0 @@ -Fetchmail upstream provides detailed description of known security issues which -can not be distributed due to legal reasons, but is available at -http://www.fetchmail.info/security.html diff --git a/fetchmail-6.3.21-repacked.tar.bz2 b/fetchmail-6.3.21-repacked.tar.bz2 deleted file mode 100644 index 2321db6..0000000 --- a/fetchmail-6.3.21-repacked.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:6f9438792d9ead2e2fdc682eb122b6944df7a25b2c391dc0880c61150bdf0da9 -size 1658317 diff --git a/fetchmail-6.3.22.tar.bz2 b/fetchmail-6.3.22.tar.bz2 new file mode 100644 index 0000000..3366305 --- /dev/null +++ b/fetchmail-6.3.22.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:09093168552119e962617f86f2713564cf6e3fe7fd32d6799aa0b87df28f1e89 +size 1724108 diff --git a/fetchmail.changes b/fetchmail.changes index dd16a51..422befa 100644 --- a/fetchmail.changes +++ b/fetchmail.changes @@ -1,3 +1,33 @@ +------------------------------------------------------------------- +Tue Sep 11 09:09:21 UTC 2012 - vcizek@suse.com + +- update to 6.3.22 + # SECURITY FIXES + * CVE-2012-3482 (bnc#775988) + * CVE-2011-3389 + # BUG FIX + * The Server certificate: message in verbose mode now appears on stdout like the + remainder of the output. Reported by Henry Jensen, to fix Debian Bug #639807. + * The GSSAPI-related autoconf code now matches gssapi.c better, and uses + a different check to look for GSS_C_NT_HOSTBASED_SERVICE. + This fixes the GSSAPI-enabled build on NetBSD 6 Beta. + # CHANGES + * The security and errata notices fetchmail-{EN,SA}-20??-??.txt are now + under the more relaxed CC BY-ND 3.0 license (the noncommercial clause + was dropped). The Creative Commons address was updated. + * The Python-related Makefile.am parts were simplified to avoid an automake + 1.11.X bug around noinst_PYTHON, Automake Bug #10995. + * Configuring fetchmail without SSL now triggers a configure warning, + and asks the user to consider running configure --with-ssl. + # WORKAROUNDS + * Some servers, notably Zimbra, return A1234 987 FETCH () in response to + a header request, in the face of message corruption. fetchmail now treats + these as temporary errors. Report and Patch by Mikulas Patocka, Red Hat. + * Some servers, notably Microsoft Exchange, return "A0009 OK FETCH completed." + without any header in response to a header request for meeting reminder + messages (with a "meeting.ics" attachment). fetchmail now treats these as + transient errors. Report by John Connett, Patch by Sunil Shetye. + ------------------------------------------------------------------- Thu Jun 14 11:58:02 UTC 2012 - seife+obs@b1-systems.com diff --git a/fetchmail.spec b/fetchmail.spec index db4ce0d..2de4030 100644 --- a/fetchmail.spec +++ b/fetchmail.spec @@ -30,19 +30,19 @@ BuildRequires: python-devel %if 0%{?with_krb5} BuildRequires: krb5-devel %endif -Version: 6.3.21 +Version: 6.3.22 Release: 0 Summary: Full-Featured POP and IMAP Mail Retrieval Daemon License: GPL-2.0+ Group: Productivity/Networking/Email/Utilities Url: http://fetchmail.berlios.de/ -# Always repack upstream tarball without fetchmail-{EN,SA}-*.txt -# bnc#713698 -Source: %{name}-%{version}-repacked.tar.bz2 +# The fetchmail-{EN,SA}-*.txt security advisories +# were relicensed to CC BY-ND 3.0, so there's no need +# to repack the tarball without them anymore (bnc#713698) +Source: %{name}-%{version}.tar.bz2 Source1: %{name}.init Source2: %{name}.logrotate Source3: sysconfig.%{name} -Source4: README-security.txt Patch0: fetchmail-6.3.8-smtp_errors.patch PreReq: %fillup_prereq PreReq: %insserv_prereq @@ -78,7 +78,7 @@ files (.fetchmailrc). %prep %setup -q -n %{name}-%{version} %patch0 -p1 -cp -a %{SOURCE1} %{SOURCE2} %{SOURCE3} %{SOURCE4} . +cp -a %{SOURCE1} %{SOURCE2} %{SOURCE3} . %build %if 0%{?suse_version} > 1010