Subject: CVS commit: [pkgsrc-2005Q1] pkgsrc/mail/poppassd
To: None <>
From: Lubomir Sedlacik <>
List: pkgsrc-changes
Date: 06/05/2005 18:40:05
Module Name:	pkgsrc
Committed By:	salo
Date:		Sun Jun  5 18:40:05 UTC 2005

Modified Files:
	pkgsrc/mail/poppassd [pkgsrc-2005Q1]: MESSAGE Makefile distinfo

Log Message:
Pullup ticket 540 - requested by Adrian Portelli
security update for poppassd

Revisions pulled up:
- pkgsrc/mail/poppassd/Makefile		1.15-1.16
- pkgsrc/mail/poppassd/MESSAGE		1.3
- pkgsrc/mail/poppassd/distinfo		1.11

   Module Name:		pkgsrc
   Committed By:	taca
   Date:		Sat May 28 02:57:22 UTC 2005

   Modified Files:
   	pkgsrc/mail/poppassd: Makefile

   Log Message:
   - Share MASTER_SITES and HOMEPAGE with qpopper package using

   No functional change.
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Wed Jun  1 21:00:39 UTC 2005

   Modified Files:
   	pkgsrc/mail/poppassd: MESSAGE Makefile distinfo

   Log Message:
   - Update poppassd to 4.0.8
   - Thanks to taca@ and gavan@ for feedback and patch review
   - This also enables experimental PAM support (on platforms that support it)
   - Security fixes included
   - From the ChangeLog:
   Changes from 4.0.7 to 4.0.8:
   > ---------------------------
   >  1.  Fix compilation error on HPUX.
   >  2.  Fix some compilation warnings.
   >  3.  Update man page with '-x' option.
   >  4.  Fix problems with 'make install'
   > Changes from 4.0.6 to 4.0.7:
   > ---------------------------
   >  1.  Fix '-V' for standalone.
   >  2.  Include 'man' directory in tarball.
   > Changes from 4.0.5 to 4.0.6:
   > ----------------------------
   >  1.  Minor fixes for true64.
   >  2.  Patch from Uli Zappe to fix SCRAM compilation bugs.
   >  3.  Minor fixes for true64.
   >  4.  poppassd now runs smbpasswd as user, not root, to avoid exploit
   >  5.  Remove -traditional-cpp from the compiler options for Darwin
   >      builds (otherwise build fails)
   >  6.  Open stdout and stderr as O_WRONLY instead of O_RDONLY so that
   >      should anything actually be written to them it will show up
   >  7.  When configured as --with-pam and required,
   >      include <pam/pam_appl.h> instead of <security/pam_appl.h>
   >      (otherwise build fails)
   >  8.  strdup the pw.pw_name field from getpwnam so that it's still
   >      valid by the time genpath is called; also added corresponding
   >      free (without this fix when the bug manifests, clients are
   >      erroneously told there are 0 messages in the mail drop
   >      regardless of the actual number)
   >  9.  Add a pam bug workaround at the beginning of main to do a
   >      pam_start and pam_end immediately when the program starts up
   >      in order to avoid bogus authentication failed messages from
   >      pam_authenticate later (only when configured as --with-pam)
   >      [ Thanks to Kyle McKay for changes 5-9 ]
   > 10.  Fixed error in configure script for Mac OS / Darwin.
   > 11.  Support chained certs for OpenSSL [from Daniel Senie].
   > 12.  Fixes to compile better on Linux [from Daniel Senie].
   > 13.  X-UIDL header no longer written when Update_status_hdrs is false
   >      [thanks to Helge Oldach]
   > 14.  Now calling SSL_shutdown() again if it fails the first time.
   > 15.  Now logging TLS errors when compiled with debugging and debug is
   >      enabled (instead of either) [thanks to Maks N. Polunin].
   > 16.  Config file now always closed (not just on error).
   > 17.  When using pam, Kerberos tickets are now destroyed.
   >      Otherwise dead tickets accumulate in cache directory which runs
   >      out of space quickly on busy server.  Problem noted by Rodney
   >      McDuff ITS UQ.   (Directory permissions on ticket cache dir need
   >      to be 1777).
   > 18.  Always log "Servicing request" (instead of just when debugging is
   >      on).   This allows start of pop sessions to be logged always which
   >      is useful for diagnosis of problems.
   > 19.  Worked around problem on some systems causing SIGALRM to be masked,
   >      leaving hung pop processes which should have timed out waiting
   >      for a command from the client.
   >      [ Thanks to David Shrimpton for changes 16-19 ]
   > 20.  Now defaulting to "EXPIRE NEVER" instead of "EXPIRE 0".
   > 21.  Fix core dump on 64-bit Solaris 2.8 [thanks to Kenny Nguyen]
   > 22.  Log facility set on command line now applies to daemon as well.
   >      [Thanks to Helge Oldach]
   > 23.  '-y' to set log facility on command line now works again.
   > 24.  Allow '-V' as synonym for '-v' (to see version).
   > 25.  Process user and spool config files as user, not as root (fix
   >      security hole reported by Jens Steube)
   > 26.  Added "xtnd_xmit" as a boolean option to permit/deny XTND XMIT
   >      and 'x' as a command-line option to disable it.  You should
   >      disable it unless you really need it, and even then it is better
   >      to move to SMTP AUTH.
   > 27.  popauth now opens trace file as user, not root (fix security
   >      hole reported by Jens Steube); also umask now set.
   > 28.  Fix race crash on FreeBSD (thanks to Martin Haller).
   > 29.  Resolve some compiler warnings.
   > 30.  Fix check for libcrypt on FreeBSD.
   > 31.  Added sample pam configuration file (also installed by 'make
   >      install')
   > 32.  Use generic error msg and sleep in more auth failure cases.
   > 33.  Added code to use mkstemp() instead of our perfectly safe usage
   >      of tempnam() because some compilers issue overly broad warnings
   >      implying that all uses of tempnam() are unsafe.  To bypass,
   >      use '--enable-tempnam' with ./configure.

To generate a diff of this commit:
cvs rdiff -r1.2 -r1.2.14.1 pkgsrc/mail/poppassd/MESSAGE
cvs rdiff -r1.13 -r1.13.4.1 pkgsrc/mail/poppassd/Makefile
cvs rdiff -r1.10 -r1.10.2.1 pkgsrc/mail/poppassd/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.