From 9cb38e6f9d76aabbd396b34a99e1ffb3aa4cddd7ca17997363a0b430c6522250 Mon Sep 17 00:00:00 2001
From: OBS User buildservice-autocommit <null@suse.de>
Date: Mon, 23 Aug 2010 15:20:16 +0000
Subject: [PATCH] Updating link to change in openSUSE:Factory/fetchmail
 revision 39.0

OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=f3cc7335e5244bc89e535de3197d6b95
---
 fetchmail-6.3.16.tar.bz2   |  3 --
 fetchmail-6.3.17.tar.bz2   |  3 ++
 fetchmail-SA-2010-02.patch | 96 --------------------------------------
 fetchmail.changes          | 27 +++++++++++
 fetchmail.spec             |  8 ++--
 5 files changed, 33 insertions(+), 104 deletions(-)
 delete mode 100644 fetchmail-6.3.16.tar.bz2
 create mode 100644 fetchmail-6.3.17.tar.bz2
 delete mode 100644 fetchmail-SA-2010-02.patch

diff --git a/fetchmail-6.3.16.tar.bz2 b/fetchmail-6.3.16.tar.bz2
deleted file mode 100644
index 0cd850e..0000000
--- a/fetchmail-6.3.16.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2e316c8ebef47e1266217e5f0e1aa453707f19cf8ddbfacfcbc9eab101757d86
-size 1628808
diff --git a/fetchmail-6.3.17.tar.bz2 b/fetchmail-6.3.17.tar.bz2
new file mode 100644
index 0000000..eddfe1a
--- /dev/null
+++ b/fetchmail-6.3.17.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d7a01ceac184c7ebde9a42982e310beec467deb5b3d05c4e413e48cd2619ca24
+size 1642598
diff --git a/fetchmail-SA-2010-02.patch b/fetchmail-SA-2010-02.patch
deleted file mode 100644
index 18c9f84..0000000
--- a/fetchmail-SA-2010-02.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-Index: fetchmail-6.3.16/rfc822.c
-===================================================================
---- fetchmail-6.3.16.orig/rfc822.c	2010-04-06 10:59:13.000000000 +0200
-+++ fetchmail-6.3.16/rfc822.c	2010-04-19 14:32:14.000000000 +0200
-@@ -25,6 +25,7 @@ MIT license.  Compile with -DMAIN to bui
- #include  <stdlib.h>
- 
- #include "fetchmail.h"
-+#include "sdump.h"
- 
- #ifndef MAIN
- #include "i18n.h"
-@@ -74,9 +75,10 @@ char *reply_hack(
-     }
- 
- #ifndef MAIN
--    if (outlevel >= O_DEBUG)
--	report_build(stdout, GT_("About to rewrite %.*s...\n"),
--			(int)BEFORE_EOL(buf), buf);
-+    if (outlevel >= O_DEBUG) {
-+	report_build(stdout, GT_("About to rewrite %s...\n"), (cp = sdump(buf, BEFORE_EOL(buf))));
-+	xfree(cp);
-+    }
- 
-     /* make room to hack the address; buf must be malloced */
-     for (cp = buf; *cp; cp++)
-@@ -211,9 +213,12 @@ char *reply_hack(
-     }
- 
- #ifndef MAIN
--    if (outlevel >= O_DEBUG)
--	report_complete(stdout, GT_("...rewritten version is %.*s.\n"),
--			(int)BEFORE_EOL(buf), buf);
-+    if (outlevel >= O_DEBUG) {
-+	report_complete(stdout, GT_("...rewritten version is %s.\n"),
-+			(cp = sdump(buf, BEFORE_EOL(buf))));
-+	xfree(cp)
-+    }
-+
- #endif /* MAIN */
-     *length = strlen(buf);
-     return(buf);
-Index: fetchmail-6.3.16/uid.c
-===================================================================
---- fetchmail-6.3.16.orig/uid.c	2010-04-06 10:59:13.000000000 +0200
-+++ fetchmail-6.3.16/uid.c	2010-04-19 14:32:14.000000000 +0200
-@@ -20,6 +20,7 @@
- 
- #include "fetchmail.h"
- #include "i18n.h"
-+#include "sdump.h"
- 
- /*
-  * Machinery for handling UID lists live here.  This is mainly to support
-@@ -260,8 +261,11 @@ void initialize_saved_lists(struct query
- 	if (uidlcount)
- 	{
- 	    report_build(stdout, GT_("Scratch list of UIDs:"));
--	    for (idp = scratchlist; idp; idp = idp->next)
--		report_build(stdout, " %s", idp->id);
-+	    for (idp = scratchlist; idp; idp = idp->next) {
-+		char *t = sdump(idp->id, strlen(idp->id));
-+		report_build(stdout, " %s", t);
-+		free(t);
-+	    }
- 	    if (!idp)
- 		report_build(stdout, GT_(" <empty>"));
- 	    report_complete(stdout, "\n");
-@@ -517,8 +521,11 @@ void uid_swap_lists(struct query *ctl)
- 	    report_build(stdout, GT_("Merged UID list from %s:"), ctl->server.pollname);
- 	else
- 	    report_build(stdout, GT_("New UID list from %s:"), ctl->server.pollname);
--	for (idp = dofastuidl ? ctl->oldsaved : ctl->newsaved; idp; idp = idp->next)
--	    report_build(stdout, " %s = %d", idp->id, idp->val.status.mark);
-+	for (idp = dofastuidl ? ctl->oldsaved : ctl->newsaved; idp; idp = idp->next) {
-+	    char *t = sdump(idp->id, strlen(idp->id));
-+	    report_build(stdout, " %s = %d", t, idp->val.status.mark);
-+	    free(t);
-+        }
- 	if (!idp)
- 	    report_build(stdout, GT_(" <empty>"));
- 	report_complete(stdout, "\n");
-@@ -567,8 +574,11 @@ void uid_discard_new_list(struct query *
- 	/* this is now a merged list! the mails which were seen in this
- 	 * poll are marked here. */
- 	report_build(stdout, GT_("Merged UID list from %s:"), ctl->server.pollname);
--	for (idp = ctl->oldsaved; idp; idp = idp->next)
--	    report_build(stdout, " %s = %d", idp->id, idp->val.status.mark);
-+	for (idp = ctl->oldsaved; idp; idp = idp->next) {
-+	    char *t = sdump(idp->id, strlen(idp->id));
-+	    report_build(stdout, " %s = %d", t, idp->val.status.mark);
-+	    free(t);
-+	}
- 	if (!idp)
- 	    report_build(stdout, GT_(" <empty>"));
- 	report_complete(stdout, "\n");
diff --git a/fetchmail.changes b/fetchmail.changes
index 271b91f..ee8a638 100644
--- a/fetchmail.changes
+++ b/fetchmail.changes
@@ -1,3 +1,30 @@
+-------------------------------------------------------------------
+Tue Aug 17 14:20:47 UTC 2010 - puzel@novell.com
+
+- update to fetchmail-6.3.17
+ # SECURITY FIX
+  * CVE-2010-1167: Fetchmail before release 6.3.17 did not properly
+    sanitize external input (mail headers and UID). 
+ # FEATURES
+  * Fetchmail now supports a --sslcertfile <file> option to
+    specify a "CA bundle" file (a file that contains trusted CA
+    certificates).
+  * Fetchmail now supports a
+    FETCHMAIL_INCLUDE_DEFAULT_X509_CA_CERTS environment variable
+    to force loading the default SSL CA certificate locations even
+    if --sslcertfile or --sslcertpath is used.  If neither option
+    is in effect, fetchmail loads the default locations.
+ # REGRESSION FIX
+  * Fix string handling in rcfile scanner, which caused fetchmail
+    to misparse a run control file in certain circumstances.
+ # BUG FIXES
+  * Plug memory leak when using a "defaults" entry in the run
+    control file.
+  * Do not print SSL certificate mismatches unless verbose or
+    --sslcertck is enabled.
+  * Do not lose "set invisible" in fetchmailconf. (Michael Barnack)
+- drop fetchmail-SA-2010-02.patch (in upstream)
+
 -------------------------------------------------------------------
 Mon Apr 19 12:36:27 UTC 2010 - puzel@novell.com
 
diff --git a/fetchmail.spec b/fetchmail.spec
index 47b7e75..06359f1 100644
--- a/fetchmail.spec
+++ b/fetchmail.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package fetchmail (Version 6.3.16)
+# spec file for package fetchmail (Version 6.3.17)
 #
 # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -29,14 +29,13 @@ BuildRequires:  krb5-devel
 License:        GPLv2+ ; Other uncritical OpenSource License ; Public Domain, Freeware
 Group:          Productivity/Networking/Email/Utilities
 AutoReqProv:    on
-Version:        6.3.16
-Release:        3
+Version:        6.3.17
+Release:        1
 Source:         %{name}-%{version}.tar.bz2
 Source1:        %{name}.init
 Source2:        %{name}.logrotate
 Source3:        sysconfig.%{name}
 Patch0:         fetchmail-6.3.8-smtp_errors.patch
-Patch1:         fetchmail-SA-2010-02.patch
 PreReq:         %insserv_prereq %fillup_prereq coreutils pwdutils
 Url:            http://fetchmail.berlios.de/
 Icon:	        fetchmail.xpm
@@ -89,7 +88,6 @@ Authors:
 %prep
 %setup -q
 %patch0 -p1
-%patch1 -p1
 cp -a %{S:1} %{S:2} %{S:3} .
 
 %build