From 5e6ab45f6ebdb05cf926374bd180362aa09355f9de423ed1bef6013ba6a3b480 Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Fri, 28 Mar 2008 17:56:13 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/fetchmail?expand=0&rev=11 --- fetchmail-6.3.8-smtp_errors.patch | 44 ++++++++ fetchmail-6.3.8-starttls.patch | 29 ------ fetchmail.changes | 7 ++ fetchmail.spec | 160 ++++++++++++++++-------------- 4 files changed, 134 insertions(+), 106 deletions(-) create mode 100644 fetchmail-6.3.8-smtp_errors.patch delete mode 100644 fetchmail-6.3.8-starttls.patch diff --git a/fetchmail-6.3.8-smtp_errors.patch b/fetchmail-6.3.8-smtp_errors.patch new file mode 100644 index 0000000..41820a1 --- /dev/null +++ b/fetchmail-6.3.8-smtp_errors.patch @@ -0,0 +1,44 @@ +# Patches fetchmail's behaviour for SMTP servers which: +# 1) insist on using TLS - we do not want messages which cannot +# be sent due to server negotiation problems lost - rather we +# keep them on the mailserver. As users should realize rather +# quickly that something went wrong, the overhead shouldn't +# be considered that important. +# 2) use the 501 error code to mark spam - in such a case +# the 'antispam' option should be used +--- fetchmail-6.3.8.orig/sink.c 2007-03-30 00:45:17.000000000 +0200 ++++ fetchmail-6.3.8/sink.c 2007-09-25 17:37:49.332165910 +0200 +@@ -535,7 +535,32 @@ + free(responses[0]); + return(PS_REFUSED); + +- default: ++ case 530: /* must issue STARTTLS error */ ++ /* ++ * Some SMTP servers insist on encrypted communication ++ * Let's set PS_TRANSIENT, otherwise all messages to be sent ++ * over such server would be blackholed ++ */ ++ free(responses[0]); ++ if (outlevel > O_SILENT) ++ report_complete(stdout, ++ GT_(" SMTP server requires STARTTLS, keeping message.\n")); ++ return(PS_TRANSIENT); ++ ++ case 501: /* Syntax error in parameters or arguments */ ++ /* ++ * Some SMTP servers use this error code to refuse spam, however ++ * as we don't want to delete message if e.g. the address is (possibly ++ * by mistake) malformed, user has to use the 'antispam' option to ++ * treat this as spam symptom ++ */ ++ free(responses[0]); ++ if (outlevel > O_SILENT) ++ report_complete(stdout, ++ GT_(" SMTP 501 error - if the server uses this code to report spam, include '501' in the 'antispam' option .\n")); ++ return(PS_TRANSIENT); ++ ++ default: + /* bounce non-transient errors back to the sender */ + if (smtperr >= 500 && smtperr <= 599) + { diff --git a/fetchmail-6.3.8-starttls.patch b/fetchmail-6.3.8-starttls.patch deleted file mode 100644 index 2855ad6..0000000 --- a/fetchmail-6.3.8-starttls.patch +++ /dev/null @@ -1,29 +0,0 @@ -# Patches fetchmail's behaviour for SMTP servers which insist -# on using TLS - we do not want messages which cannot be -# sent due to server negotiation problems lost - rather we -# keep them on the mailserver. As users should realize rather -# quickly that something went wrong, the overhead shouldn't -# be considered that important. ---- fetchmail-6.3.8.orig/sink.c 2007-03-30 00:45:17.000000000 +0200 -+++ fetchmail-6.3.8.new/sink.c 2007-09-25 17:37:49.332165910 +0200 -@@ -535,7 +535,19 @@ - free(responses[0]); - return(PS_REFUSED); - -- default: -+ case 530: /* must issue STARTTLS error */ -+ /* -+ * Some SMTP servers insist on encrypted communication -+ * Let's set PS_TRANSIENT, otherwise all messages to be sent -+ * over such server would be blackholed -+ */ -+ free(responses[0]); -+ if (outlevel > O_SILENT) -+ report_complete(stdout, -+ GT_(" SMTP server requires STARTTLS, keeping message.\n")); -+ return(PS_TRANSIENT); -+ -+ default: - /* bounce non-transient errors back to the sender */ - if (smtperr >= 500 && smtperr <= 599) - { diff --git a/fetchmail.changes b/fetchmail.changes index 6c5a8e5..38fb6a7 100644 --- a/fetchmail.changes +++ b/fetchmail.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Fri Mar 28 18:31:11 CET 2008 - pcerny@suse.cz + +- additional fix for bnc#246829 + [fetchmail-6.3.8-starttls.patch -> + fetchmail-6.3.8-smtp_errors.patch] + ------------------------------------------------------------------- Wed Nov 28 14:53:25 CET 2007 - pv@suse.de diff --git a/fetchmail.spec b/fetchmail.spec index 84cbc36..57be4dd 100644 --- a/fetchmail.spec +++ b/fetchmail.spec @@ -1,7 +1,7 @@ # # spec file for package fetchmail (Version 6.3.8) # -# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # @@ -10,19 +10,20 @@ # norootforbuild + Name: fetchmail BuildRequires: dante-devel ed krb5-devel openssl-devel opie postfix procmail pwdutils python-devel License: GPL v2 or later; Other uncritical OpenSource License; Public Domain, Freeware Group: Productivity/Networking/Email/Utilities AutoReqProv: on Version: 6.3.8 -Release: 77 +Release: 113 Source: %{name}-%{version}.tar.bz2 Source1: %{name}.init Source2: %{name}.logrotate Source3: sysconfig.%{name} Patch0: fetchmail-6.3.8-CVE-2007-4565.patch -Patch1: fetchmail-6.3.8-starttls.patch +Patch1: fetchmail-6.3.8-smtp_errors.patch PreReq: %insserv_prereq %fillup_prereq coreutils pwdutils Url: http://www.fetchmail.info/ Icon: fetchmail.xpm @@ -54,6 +55,7 @@ Authors: Sunil Shetye %package -n fetchmailconf +License: GPL v2 or later Summary: Fetchmail Configuration Utility Group: Productivity/Networking/Email/Utilities Requires: %{name} = %{version} python-tk @@ -159,20 +161,24 @@ rm -rf $RPM_BUILD_ROOT %{py_sitedir}/fetchmailconf.* %changelog -* Wed Nov 28 2007 - pv@suse.de +* Fri Mar 28 2008 pcerny@suse.cz +- additional fix for bnc#246829 + [fetchmail-6.3.8-starttls.patch -> + fetchmail-6.3.8-smtp_errors.patch] +* Wed Nov 28 2007 pv@suse.de - add PreReq pwdutils #327550 - yast2-mail fetchmail error -* Thu Sep 27 2007 - pcerny@suse.de +* Thu Sep 27 2007 pcerny@suse.de - Fix for DoS vulnerability (#308271 CVE-2007-4565) - Do not remove messages if SMTP insists on TLS (#246829) [fetchmail-6.3.8-starttls.patch] -* Tue Sep 11 2007 - ro@suse.de +* Tue Sep 11 2007 ro@suse.de - remove librsaref2-devel from buildrequires (unused) -* Fri Aug 31 2007 - pcerny@suse.cz +* Fri Aug 31 2007 pcerny@suse.cz - librsaref2 => librsaref2-devel [#302599] - removed %%suseversion > 800 check (insserv) -* Mon Jul 02 2007 - lrupp@suse.de +* Mon Jul 02 2007 lrupp@suse.de - rsaref => librsaref2 -* Thu Apr 19 2007 - sbrabec@suse.cz +* Thu Apr 19 2007 sbrabec@suse.cz - Updated to version 6.3.8: * Make the APOP challenge parser more distrustful and have it reject challenges that do not conform to RFC-822 msg-id format @@ -188,16 +194,16 @@ rm -rf $RPM_BUILD_ROOT * Fix repoll when server disconnects after opportunistic TLS failed for POP3. * Documentation and string fixes. -* Fri Mar 30 2007 - ro@suse.de +* Fri Mar 30 2007 ro@suse.de - added pwdutils to buildreq -* Tue Feb 06 2007 - sbrabec@suse.cz +* Tue Feb 06 2007 sbrabec@suse.cz - Repair repoll after opportunistic TLS failed (#223507#c27, Berlios#10133). - Use upstream fix of KPOP regression (#223507#c26). -* Thu Jan 25 2007 - sbrabec@suse.cz +* Thu Jan 25 2007 sbrabec@suse.cz - Fixed regression in KPOP support (#223507#c8). http://lists.berlios.de/pipermail/fetchmail-devel/2007-January/000857.html -* Wed Jan 24 2007 - sbrabec@suse.cz +* Wed Jan 24 2007 sbrabec@suse.cz - Updated to version 6.3.6 (#223507): * Password disclosure vulnerability fixed (CVE-2006-5867). * Repairs a regression in 6.3.5 that crashes fetchmail when a @@ -213,9 +219,9 @@ rm -rf $RPM_BUILD_ROOT * When HOME and FETCHMAILHOME are unset, be sure to copy user database information. - Spec file cleanup. -* Wed Oct 25 2006 - sbrabec@suse.cz +* Wed Oct 25 2006 sbrabec@suse.cz - Fixed problems caused by calling daemon as non-root (#207305). -* Mon Oct 23 2006 - sbrabec@suse.cz +* Mon Oct 23 2006 sbrabec@suse.cz - Updated to version 6.3.5: * Bug fixes. * Translation updates. @@ -226,157 +232,157 @@ rm -rf $RPM_BUILD_ROOT * Improved IMAP and SDPS behavior. * See NEWS for deprecated features and major incompatible change advance warnings. -* Sat Oct 21 2006 - schwab@suse.de +* Sat Oct 21 2006 schwab@suse.de - Run automake. -* Thu Jun 01 2006 - sbrabec@suse.cz +* Thu Jun 01 2006 sbrabec@suse.cz - By default run as non-root user fetchmail (159764#c1). - Implemented "oneshot" in the init script (159764#c8). -* Mon Apr 03 2006 - sbrabec@suse.cz +* Mon Apr 03 2006 sbrabec@suse.cz - Backported fixes for two crashes (159764#c9, 159764#c10). -* Wed Jan 25 2006 - mls@suse.de +* Wed Jan 25 2006 mls@suse.de - converted neededforbuild to BuildRequires -* Mon Jan 23 2006 - sbrabec@suse.cz +* Mon Jan 23 2006 sbrabec@suse.cz - Updated to version 6.3.2 (fixes CVE-2006-0321). -* Tue Jan 10 2006 - sbrabec@suse.cz +* Tue Jan 10 2006 sbrabec@suse.cz - Updated to version 6.3.1 (fixes #140475). -* Mon Dec 05 2005 - sbrabec@suse.cz +* Mon Dec 05 2005 sbrabec@suse.cz - Updated to version 6.3.0 (fixes #131232). -* Wed Jul 27 2005 - sbrabec@suse.cz +* Wed Jul 27 2005 sbrabec@suse.cz - Updated to version 6.2.5.2 (#97555). -* Mon Apr 25 2005 - sbrabec@suse.cz +* Mon Apr 25 2005 sbrabec@suse.cz - Prevent lost mails with NULL envelope (#80331). -* Thu Feb 03 2005 - ro@suse.de +* Thu Feb 03 2005 ro@suse.de - fix build on older distributions -* Wed Jan 19 2005 - sbrabec@suse.cz +* Wed Jan 19 2005 sbrabec@suse.cz - Turned on GSSAPI, SOCKS and RSAREF support. - Fixed implicit declaration and random result warnings. -* Fri Sep 24 2004 - sbrabec@suse.cz +* Fri Sep 24 2004 sbrabec@suse.cz - Added more sysconfig options for init script. -* Thu Sep 16 2004 - aj@suse.de +* Thu Sep 16 2004 aj@suse.de - Remove wrong definition. -* Tue Aug 31 2004 - sbrabec@suse.cz +* Tue Aug 31 2004 sbrabec@suse.cz - Added sendmail to Required-Start/Stop (#44500). -* Wed May 05 2004 - sbrabec@suse.cz +* Wed May 05 2004 sbrabec@suse.cz - Added sysconfig variable for polling interval (#39777). - Init script adapted to conform latest LSB. -* Tue Apr 27 2004 - ro@suse.de +* Tue Apr 27 2004 ro@suse.de - fix missing return value in pop2.c -* Tue Mar 30 2004 - sbrabec@suse.cz +* Tue Mar 30 2004 sbrabec@suse.cz - Added /etc/fetchmailrc to file list. -* Thu Mar 25 2004 - mmj@suse.de +* Thu Mar 25 2004 mmj@suse.de - Add postfix to # neededforbuild -* Wed Mar 10 2004 - sbrabec@suse.cz +* Wed Mar 10 2004 sbrabec@suse.cz - Set fetchsizelimit for APOP and RPOP (bug #35555). http://lists.ccil.org/pipermail/fetchmail-friends/2003-October/003958.html -* Wed Feb 04 2004 - sbrabec@suse.cz +* Wed Feb 04 2004 sbrabec@suse.cz - Updated to version 6.2.5. -* Sat Jan 10 2004 - adrian@suse.de +* Sat Jan 10 2004 adrian@suse.de - add %%defattr -* Thu Oct 23 2003 - kukuk@suse.de +* Thu Oct 23 2003 kukuk@suse.de - Remove wrong requires -* Thu Aug 07 2003 - sbrabec@suse.cz +* Thu Aug 07 2003 sbrabec@suse.cz - Updated to version 6.2.3. -* Tue May 20 2003 - mmj@suse.de +* Tue May 20 2003 mmj@suse.de - Fix typo -* Wed Mar 26 2003 - sbrabec@suse.cz +* Wed Mar 26 2003 sbrabec@suse.cz - Updated to version 6.2.2. - Created startup script. -* Thu Jan 16 2003 - sbrabec@suse.cz +* Thu Jan 16 2003 sbrabec@suse.cz - Updated to version 6.2.1. -* Fri Dec 13 2002 - mmj@suse.de +* Fri Dec 13 2002 mmj@suse.de - Update to 6.2.0 which has security fix for rfc822.c and some translations plus an SMTP timeout patch -* Tue Dec 10 2002 - sbrabec@suse.cz +* Tue Dec 10 2002 sbrabec@suse.cz - Updated to version 6.1.3. -* Wed Nov 20 2002 - sbrabec@suse.cz +* Wed Nov 20 2002 sbrabec@suse.cz - Spec file cleanup (bug #21912). -* Thu Oct 24 2002 - sbrabec@suse.cz +* Thu Oct 24 2002 sbrabec@suse.cz - Update to version 6.1.1. -* Tue Oct 01 2002 - sbrabec@suse.cz +* Tue Oct 01 2002 sbrabec@suse.cz - Removed --with-included-gettext and re-enabled NLS. - OPIE/OTP fixes. - Spec file cleanup. -* Fri Sep 27 2002 - mmj@suse.de +* Fri Sep 27 2002 mmj@suse.de - Update to 6.1.0 including since 5.9.13: o Support for STARTTLS over IMAP o Cleanups and bugfixes o Translation update o Fix for potential remote vulnerability in multidrop mode, which according to the author is an important security fix. -* Mon Jul 29 2002 - jreuter@suse.de +* Mon Jul 29 2002 jreuter@suse.de - more spec file cleanup -* Mon Jul 29 2002 - jreuter@suse.de +* Mon Jul 29 2002 jreuter@suse.de - added /etc/logrotate.d/fetchmail (Bugzilla #17279) - spec file cleanup -* Fri Jul 19 2002 - jreuter@suse.de +* Fri Jul 19 2002 jreuter@suse.de - removed /usr/share/locale/*/LC_MESSAGES/fetchmail.mo from file list -* Wed Jul 17 2002 - jreuter@suse.de +* Wed Jul 17 2002 jreuter@suse.de - updated to version 5.9.13 - disabled NLS support because it doesn't compile and esr is about to remove it anyway - complete changelog: http://tuxedo.org/~esr/fetchmail/NEWS -* Sat Mar 23 2002 - kukuk@suse.de +* Sat Mar 23 2002 kukuk@suse.de - Fix fetchmailconf (wrong python widget destroy calls) [Bug #15391] -* Mon Sep 17 2001 - bjacke@suse.de +* Mon Sep 17 2001 bjacke@suse.de - minor fixes in README.SUSE -* Thu Aug 16 2001 - bjacke@suse.de +* Fri Aug 17 2001 bjacke@suse.de - update to 5.9.0 -* Thu Jul 12 2001 - bjacke@suse.de +* Thu Jul 12 2001 bjacke@suse.de - update to 5.8.14 -* Fri Jun 15 2001 - bjacke@suse.de +* Fri Jun 15 2001 bjacke@suse.de - patch to prevent buffer overflow due to long headers -* Tue Apr 03 2001 - bjacke@suse.de +* Tue Apr 03 2001 bjacke@suse.de - update to 5.8.0 -* Thu Mar 22 2001 - ro@suse.de +* Thu Mar 22 2001 ro@suse.de - added split-aliases as provides -* Wed Feb 14 2001 - bjacke@suse.de +* Wed Feb 14 2001 bjacke@suse.de - updated to 5.6.5 (fixes #6245) - fix fetchmailconf nospambounce problem - enable RPA protocol -* Fri Jan 05 2001 - bjacke@suse.de +* Fri Jan 05 2001 bjacke@suse.de - disabled IPv6 support for the time being to fix bug #5111 -* Wed Dec 20 2000 - garloff@suse.de +* Wed Dec 20 2000 garloff@suse.de - pass --enable-NTLM to configure in order to enable M$ Exchange compatible auth proto - explicitly specify the directories with --mandir etc ... - Use DESTDIR= instead of prefix to pass RPM_BUILD_ROOT - add %%{?suse_update_config} -* Mon Dec 18 2000 - bjacke@suse.de +* Mon Dec 18 2000 bjacke@suse.de - some spec file fixes -* Mon Dec 18 2000 - ro@suse.de +* Mon Dec 18 2000 ro@suse.de - Fix requires for fetchmailconf (again) -* Mon Dec 18 2000 - bjacke@suse.de +* Mon Dec 18 2000 bjacke@suse.de - merged ssl stuff from fetchmailssl to fetchmail package -* Wed Nov 29 2000 - bjacke@suse.de +* Wed Nov 29 2000 bjacke@suse.de - updated to 5.6.0 - adjust README to new boot concept -* Fri Nov 10 2000 - bjacke@suse.de +* Fri Nov 10 2000 bjacke@suse.de - updated to version 5.5.5 - switched to long names - added README.SuSE -* Sun Sep 03 2000 - bjacke@suse.de +* Sun Sep 03 2000 bjacke@suse.de - update to fetchmail-5.5.1 -* Tue May 23 2000 - bk@suse.de +* Tue May 23 2000 bk@suse.de - moved fetchmailconf man page to subpackage fetchmcf -* Mon May 15 2000 - bk@suse.de +* Mon May 15 2000 bk@suse.de - update to fetchmail-5.4.0, new major version. -* Wed Mar 01 2000 - werner@suse.de +* Wed Mar 01 2000 werner@suse.de - Fix config.guess selection -* Thu Feb 24 2000 - dipa@suse.de +* Thu Feb 24 2000 dipa@suse.de - update to fetchmail-5.3. update to fetchmail-5.3.00 -* Tue Feb 15 2000 - bk@suse.de +* Tue Feb 15 2000 bk@suse.de - update to fetchmail-5.2.8, that's the code freeze release for 5.3.0 -* Tue Feb 08 2000 - bk@suse.de +* Tue Feb 08 2000 bk@suse.de - update to fetchmail-5.2.7, Eric's changelog to 5.2.6 is very small: * Updated FAQ and * Updated es.po. * Disable mail notification on server unreachable. This turned out to be a very bad idea. -* Tue Feb 01 2000 - ro@suse.de +* Tue Feb 01 2000 ro@suse.de - specfile typo -* Tue Feb 01 2000 - ro@suse.de +* Tue Feb 01 2000 ro@suse.de - create man directory -* Mon Jan 31 2000 - bk@suse.de +* Mon Jan 31 2000 bk@suse.de - restarted spec from package-provided spec, subpackages fetchmcf (fetchmailconf) -* Wed Oct 20 1999 - bk@suse.de +* Wed Oct 20 1999 bk@suse.de - split-off from pop, update to 5.1.2