fetchmail

rpm/fetchmail

SHA256

Fork 0

forked from pool/fetchmail

Commit Graph

Author	SHA256	Message	Date
David Anes	d3007028df	Accepting request 991826 from home:mcepl:branches:server:mail - Update to 6.4.32: * Use configure to find rst2html, some systems install it only with .py suffix, others only without, and some install both. * Update README.maintainer * Translations updated. - Reapplied patches - Add 44-uncorrupt_runfetchmail.patch to clean up some contrib/ scripts (gl#fetchmail/fetchmail#44). OBS-URL: https://build.opensuse.org/request/show/991826 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=137	2022-08-01 07:35:53 +00:00
Dirk Stoecker	21432f8641	Accepting request 923570 from home:pmonrealgonzalez:branches:server:mail - Update to 6.4.22: [bsc#1190069, CVE-2021-39272] * OPENSSL AND LICENSING NOTE: - fetchmail 6.4.22 is compatible with OpenSSL 1.1.1 and 3.0.0. OpenSSL's licensing changed between these releases from dual OpenSSL/SSLeay license to Apache License v2.0, which is considered incompatible with GPL v2 by the FSF. For implications and details, see the file COPYING. * SECURITY FIXES: - CVE-2021-39272: fetchmail-SA-2021-02: On IMAP connections, without --ssl and with nonempty --sslproto, meaning that fetchmail is to enforce TLS, and when the server or an attacker sends a PREAUTH greeting, fetchmail used to continue an unencrypted connection. Now, log the error and abort the connection. --Recommendation for servers that support SSL/TLS-wrapped or "implicit" mode on a dedicated port (default 993): use --ssl, or the ssl user option in an rcfile. - On IMAP and POP3 connections, --auth ssh no longer prevents STARTTLS negotiation. - On IMAP connections, fetchmail does not permit overriding a server-side LOGINDISABLED with --auth password any more. - On POP3 connections, the possibility for RPA authentication (by probing with an AUTH command without arguments) no longer prevents STARTTLS negotiation. - For POP3 connections, only attempt RPA if the authentication type is "any". * BUG FIXES: - On IMAP connections, when AUTHENTICATE EXTERNAL fails and we have received the tagged (= final) response, do not send "*". - On IMAP connections, AUTHENTICATE EXTERNAL without username will properly send a "=" for protocol compliance. OBS-URL: https://build.opensuse.org/request/show/923570 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=120	2021-10-12 09:48:34 +00:00
Pedro Monreal Gonzalez	fe4b96277c	Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113	2021-06-04 12:09:36 +00:00

Author

SHA256

Message

Date

David Anes

d3007028df

Accepting request 991826 from home:mcepl:branches:server:mail

- Update to 6.4.32:
  * Use configure to find rst2html, some systems install it only
    with .py suffix, others only without, and some install both.
  * Update README.maintainer
  * Translations updated.
- Reapplied patches
- Add 44-uncorrupt_runfetchmail.patch to clean up some contrib/
  scripts (gl#fetchmail/fetchmail#44).

OBS-URL: https://build.opensuse.org/request/show/991826
OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=137

2022-08-01 07:35:53 +00:00

Dirk Stoecker

21432f8641

Accepting request 923570 from home:pmonrealgonzalez:branches:server:mail

- Update to 6.4.22: [bsc#1190069, CVE-2021-39272]
  * OPENSSL AND LICENSING NOTE:
    - fetchmail 6.4.22 is compatible with OpenSSL 1.1.1 and 3.0.0.
      OpenSSL's licensing changed between these releases from dual
      OpenSSL/SSLeay license to Apache License v2.0, which is
      considered incompatible with GPL v2 by the FSF. For
      implications and details, see the file COPYING.
  * SECURITY FIXES:
    - CVE-2021-39272: fetchmail-SA-2021-02: On IMAP connections,
      without --ssl and with nonempty --sslproto, meaning that
      fetchmail is to enforce TLS, and when the server or an attacker
      sends a PREAUTH greeting, fetchmail used to continue an
      unencrypted connection. Now, log the error and abort the
      connection. --Recommendation for servers that support
      SSL/TLS-wrapped or "implicit" mode on a dedicated port
      (default 993): use --ssl, or the ssl user option in an rcfile.
    - On IMAP and POP3 connections, --auth ssh no longer prevents
      STARTTLS negotiation.
    - On IMAP connections, fetchmail does not permit overriding
      a server-side LOGINDISABLED with --auth password any more.
    - On POP3 connections, the possibility for RPA authentication
      (by probing with an AUTH command without arguments) no longer
      prevents STARTTLS negotiation.
    - For POP3 connections, only attempt RPA if the authentication
      type is "any".
  * BUG FIXES:
    - On IMAP connections, when AUTHENTICATE EXTERNAL fails and we
      have received the tagged (= final) response, do not send "*".
    - On IMAP connections, AUTHENTICATE EXTERNAL without username
      will properly send a "=" for protocol compliance.

OBS-URL: https://build.opensuse.org/request/show/923570
OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=120

2021-10-12 09:48:34 +00:00

Pedro Monreal Gonzalez

fe4b96277c

Accepting request 892934 from home:jeff_mahoney:branches:server:mail

- Backported support for OAUTH2 authentication from Fetchmail 7.0.
  - add imap oauthbearer support
  - support oauthbearer/xoauth2 with pop3
  - add passwordfile and passwordfd options
  - add contrib/fetchnmail-oauth2.py token acquisition utility
  - FAQ: list gmail options including oauthbearer and app password
  - give each ctl it's own copy of password
  - re-read passwordfile on every poll
  - add query_to64_outsize() utility function
  - Chase and integrate interface change.
  - oauth2.c: calculate and pass in correct buffer size to to64frombits()
  - Increase max password length to handle oauth tokens
  - Bump max. passwordlen to 10000 bytes.
  - Add README.OAUTH2
- Added patches:
  * fetchmail-add-imap-oauthbearer-support.patch
  * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch
  * fetchmail-add-passwordfile-and-passwordfd-options.patch
  * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch
  * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch
  * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch
  * fetchmail-re-read-passwordfile-on-every-poll.patch
  * fetchmail-add-query_to64_outsize-utility-function.patch
  * fetchmail-chase-and-integrate-interface-change.patch
  * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch
  * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch
  * fetchmail-bump-max-passwordlen-to-1bytes.patch
  * fetchmail-add-readme-oauth2-issue-27.patch

OBS-URL: https://build.opensuse.org/request/show/892934
OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113

2021-06-04 12:09:36 +00:00

3 Commits