pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/mail/fetchmail
Module Name: pkgsrc
Committed By: triaxx
Date: Wed Dec 31 07:44:11 UTC 2025
Modified Files:
pkgsrc/mail/fetchmail: Makefile PLIST distinfo
pkgsrc/mail/fetchmail/patches: patch-Makefile.in patch-configure
patch-configure.ac
Removed Files:
pkgsrc/mail/fetchmail: MESSAGE
Log Message:
fetchmail: Update to 6.6.2
pkgsrc changes:
---------------
* Remove obsolete MESSAGE file.
upstream changes:
-----------------
fetchmail-6.6.2 (released 2025-12-09, 32386 LoC):
## BUGFIX:
* fetchmail 6.6.0 and 6.6.1 could not be configured without SSL, it would break
compiling sink.c. Fix compilation. Report by Toralf Förster, analysis and
different patch suggested by Holger Hoffstätte, fixes #86.
https://bugs.gentoo.org/967258 and
https://gitlab.com/fetchmail/fetchmail/-/issues/86
-------------------------------------------------------------------------------
fetchmail-6.6.1 (released 2025-11-12, 32381 LoC):
## TRANSLATIONS were updated by these fine people (randomized order):
* sr: Мирослав Николић [Serbian]
* es: Cristian Othón Martínez Vera [Spanish]
-------------------------------------------------------------------------------
fetchmail-6.6.0 (released 2025-10-27, 32381 LoC):
## FEATURE:
* SMTP TLS and STARTTLS support. By default, this works opportunistically,
attempting to set up a TLS connection to the smtphost if it understands EHLO
and offers STARTTLS, but will not enforce peer certificate validity for
compatibility, esp. because "localhost" (the default SMTP host) usually
isn't listed in the X.509 certificates.
Behavior can be tweaked by adding /notls (cleartext connection), /tls
(TLS-wrapped connection, negotiating TLS before conversing otherwise),
or /starttls (requiring EHLO to offer STARTTLS, requesting the latter and
requiring the server certificate to validate) to the SMTP host's name.
Also, you can add /tlsproto=... where ... accepts the same parameters
as the --sslproto option, which see.
Ports, if not specified, default to 25 for opportunistic and /notls modes,
465 for /tls and 587 for /starttls, but can be overridden either by giving,
say /25 or /smtp for /starttls.
## TRANSLATIONS were updated by these fine people (randomized order):
* it: Luca Vercelli [Italian]
* pl: Jakub Bogusz [Polish]
* fr: Frédéric Marchal [French]
* sv: Göran Uddeborg [Swedish]
* sq: Besnik Bleta [Albanian]
* ro: Remus-Gabriel Chelu [Romanian]
* ja: Takeshi Hamasaki [Japanese]
* de: Matthias Andree [German]
* cs: Petr Pisar [Czech]
* eo: Keith Bowes [Esperanto]
-------------------------------------------------------------------------------
fetchmail-6.5.7 (released 2025-10-18, 32215 LoC):
## BUGFIXES:
* When authenticating to an SMTP server, the AUTH LOGIN method (which didn't
become a proposed standard, and is only the third method fetchmail would try,
if CRAM-MD5 and PLAIN weren't offered) required that the server returned
a 334 code followed by a blank and by a decodable base64 challenge we ignored
anyways. This is in line with RFC 4952.
However, to improve compatibility, fetchmail now accepts anything that
starts with "334 " and disregards the remainder of the line.
At the same time, AUTH LOGIN was deprecated. AUTH PLAIN should be available
everywhere AUTH LOGIN is, and is specified in IETF RFC 4616.
* When authenticating to an SMTP server, i. e. esmtpname/esmtppassword are
defined, check for errors, and skip servers that do not understand EHLO,
because we cannot negotiate supported authentication schemes with them.
This should avoid attempting to send a lot of messages and see them rejected.
* When authenticating to an SMTP server, do not send client abort "*" when
we receive any other server reply but 334.
* Extend 6.5.6's RFC-5321 address-literal fix to MAIL FROM. This might
apply when we only have a server's IP address and need to quality
addresses without domain. Fixes Debian Bug#1080025.
* SMTP AUTH can now look up passwords from the .netrc file - for that,
fetchmail's esmtpname setting must match the login for the given host in
.netrc. Fixes Debian Bug#1056651 by Ticker Berkin.
* Improve the GSSAPI (Kerberos V) build, which was pretty hard to get working.
This was improved. Recommendation:
- For autoconf builds (./configure), be sure to have the desired krb5-config
executable early on $PATH before running ./configure.
- For meson builds, be sure to list the path to your krb5-gssapi.pc file on
PKG_CONFIG_PATH. (meson will fall back to krb5-config, so if that's on PATH,
that should also work.)
## TRANSLATION UPDATES were contributed by these fine people - thank you!
* The Italian translation is back - it had been missing from earlier 6.5.X
since it had fallen too far behind with the last update in 2010.
* cs: Petr Pisar [Czech]
* eo: Keith Bowes [Esperanto]
* es: Cristian Othón Martínez Vera [Spanish]
* fr: Frédéric Marchal [French]
* it: Luca Vercelli [Italian]
* ja: Takeshi Hamasaki [Japanese]
* pl: Jakub Bogusz [Polish]
* ro: Remus-Gabriel Chelu [Romanian]
* sq: Besnik Bleta [Albanian]
* sv: Göran Uddeborg [Swedish]
-------------------------------------------------------------------------------
fetchmail-6.5.6 (released 2025-10-03, 31795 LoC):
## SECURITY BUGFIX:
* fetchmail-SA-2025-01.txt: CVE-2025-61962
An SMTP server advertising EHLO and AUTH, and if fetchmail is configured to
authenticate (esmtpname and esmtppassword given and non-empty), the server
might crash fetchmail by sending a "334" response without further blank to
fetchmail's AUTH request. This is in violation of applicable RFC-4952 though.
Fetchmail now detects this situation and reports it separately as
malformed server reply.
Fetchmail 6.5.6 has been released without waiting for translation updates
or CVE identifier, these will be provided in followup releases.
## BUGFIXES:
* RFC-5321: When the --smtpaddress, --smtphost, --smtpname, -D or -S argument
is an numeric address literal such as 192.0.2.2 or 2001:0DB8::4321, properly
format that as such in the SMTP RCPT command as user@[192.0.2.2] or
user@[IPv6:2001:0DB8::4321].
* When printing output on the console while fetching mail, do not intersperse
another copy of our program name and date in the middle of a log line.
Workaround for older versions: --logfile /dev/tty (might also use
--logfile /dev/stderr) - but note this changes buffering behavior and may
output to appear later and without ticker marks.
* A few low-priority memory leaks in the command-line options parser were
fixed. Since this parser runs only once, leaks are harmless.
* Some minor code cleanups and robustness fixes were made, and we should
see fewer compiler warnings as a result.
## CHANGES:
* Given the slow update schedules of some distributions, already add code
that checks if time_t() is good beyond the year 2038,
meaning time_t is either unsigned (which would last until 2106) or
64 bits wide. If the system isn't safe, warn on every launch of fetchmail
beginning 2028-01-01 at 00:00 GMT so users have 10 years to plan.
Fetchmail will also print a warning if time(time_t *t) overflows.
-------------------------------------------------------------------------------
fetchmail-6.5.5 (released 2025-09-24, 31528 LoC):
## LICENSING CHANGE OF WOLFSSL:
* Note that wolfSSL 5.8.2 switched license from GPLv2 to GPLv3, so if
a distribution links fetchmail against wolfSSL, this implies the use
of the "or-any-later-version" clause of the GPLv2-or-later licensed material
in fetchmail, and the combined work can also only ship as GPLv3.
This may or may not apply to later versions of wolfSSL - be sure to check!
## BUGFIXES:
==-- note that these comprise C23 compatibility fixes (GCC 15) --==
* Support t.operation when the running user is different from the one
mentioned in the $USER variable. Fix courtesy of Corey Halpin.
* The kerberos*_auth() functions for v4 and v5 have prototypes now,
so they can be compiled by the most modern C compilers.
* AC_TYPE_* type-checking macros seem unnecessary, strip them, also from
config.h.meson which would not fill them from build.meson. We expect
the operating system to provide us pid_t, size_t, uint32_t.
* Our res_search() autoconf check was broken on compilers adhering to newer
standards (C23), for instance GCC 15, disabling several DNS-based features
in autotools-based builds, but not meson-based builds.
Strip the bogus "extern int res_search();" declaration without prototype,
we would need to have the prototype from the system either way.
## IMPORTANT CHANGE:
* Fetchmail is now more careful to actually clear password and like buffers
in memory, so that is less likely that other processes could access them
should they happen to access similar memory regions after fetchmail's exit.
Fetchmail now uses memset_explicit(), explicit_bzero(), or its own
explicit_bzero() implementation to clear memory buffers that contain
passwords or like secrets, or their base64 equivalents, and also buffers
that it uses to visualize such strings, instead of just using memset().
The motivating reason is that a plain memset() that does not have
/observable/ effects, i. e. when we do not read from the buffer or
transfer it, can be removed by the compiler's optimizer in the so-called
dead store elimination, voiding our attempt to clear the buffer contents
before releasing it to the heap.
The named alternative functions are not being optimized away.
## WORKAROUND:
* IMAP: Recognize SASL_IR advertisement of Cyrus IMAP 3.10.0...3.12.? as
synonymous to SASL-IR per RFC4959. Upstream bug reported at
https://github.com/cyrusimap/cyrus-imapd/issues/5481 - and it was
quickly fixed in all their supported branches by patch releases.
## CHANGES:
* Several documentation tweaks.
* As long as SOURCE_DATE_EPOCH is set, the source tarball build may
be reproducible now. Tested on Fedora 42.
* The Japanese translation [ja] has been updated by Takeshi Hamasaki.
* The Makefile should be compatible across a wider set of make implementations,
beyond GNU make.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r0 pkgsrc/mail/fetchmail/MESSAGE
cvs rdiff -u -r1.212 -r1.213 pkgsrc/mail/fetchmail/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/mail/fetchmail/PLIST
cvs rdiff -u -r1.70 -r1.71 pkgsrc/mail/fetchmail/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/mail/fetchmail/patches/patch-Makefile.in
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/fetchmail/patches/patch-configure
cvs rdiff -u -r1.5 -r1.6 pkgsrc/mail/fetchmail/patches/patch-configure.ac
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/mail/fetchmail/Makefile
diff -u pkgsrc/mail/fetchmail/Makefile:1.212 pkgsrc/mail/fetchmail/Makefile:1.213
--- pkgsrc/mail/fetchmail/Makefile:1.212 Tue Jul 15 21:35:52 2025
+++ pkgsrc/mail/fetchmail/Makefile Wed Dec 31 07:44:10 2025
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.212 2025/07/15 21:35:52 wiz Exp $
+# $NetBSD: Makefile,v 1.213 2025/12/31 07:44:10 triaxx Exp $
# Note to updaters: mail/fetchmailconf reaches over here, make sure it builds.
-DISTNAME= fetchmail-6.5.4
+DISTNAME= fetchmail-6.6.2
CATEGORIES= mail
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=fetchmail/}
EXTRACT_SUFX= .tar.xz
Index: pkgsrc/mail/fetchmail/PLIST
diff -u pkgsrc/mail/fetchmail/PLIST:1.20 pkgsrc/mail/fetchmail/PLIST:1.21
--- pkgsrc/mail/fetchmail/PLIST:1.20 Sat Dec 28 22:09:58 2024
+++ pkgsrc/mail/fetchmail/PLIST Wed Dec 31 07:44:10 2025
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.20 2024/12/28 22:09:58 triaxx Exp $
+@comment $NetBSD: PLIST,v 1.21 2025/12/31 07:44:10 triaxx Exp $
bin/fetchmail
man/man1/fetchmail.1
share/doc/fetchmail/COPYING
@@ -14,6 +14,7 @@ share/locale/de/LC_MESSAGES/fetchmail.mo
share/locale/eo/LC_MESSAGES/fetchmail.mo
share/locale/es/LC_MESSAGES/fetchmail.mo
share/locale/fr/LC_MESSAGES/fetchmail.mo
+share/locale/it/LC_MESSAGES/fetchmail.mo
share/locale/ja/LC_MESSAGES/fetchmail.mo
share/locale/pl/LC_MESSAGES/fetchmail.mo
share/locale/ro/LC_MESSAGES/fetchmail.mo
Index: pkgsrc/mail/fetchmail/distinfo
diff -u pkgsrc/mail/fetchmail/distinfo:1.70 pkgsrc/mail/fetchmail/distinfo:1.71
--- pkgsrc/mail/fetchmail/distinfo:1.70 Tue Jul 15 21:35:52 2025
+++ pkgsrc/mail/fetchmail/distinfo Wed Dec 31 07:44:10 2025
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.70 2025/07/15 21:35:52 wiz Exp $
+$NetBSD: distinfo,v 1.71 2025/12/31 07:44:10 triaxx Exp $
-BLAKE2s (fetchmail-6.5.4.tar.xz) = f5f23f7b6593e17ca9c86f25e9980c625a4c4ac7a54b687d27a92b39d2dbbd26
-SHA512 (fetchmail-6.5.4.tar.xz) = 6d8764119636f8f5b60d1f1878c151bbdca1fbda60b24e8695c8a54656003c4bb83950fec40f349d2e0a4ab45511b89fc45a0e898d362363d5f609ca1926a57c
-Size (fetchmail-6.5.4.tar.xz) = 1114764 bytes
-SHA1 (patch-Makefile.in) = 75795ede008ffd7ae92db499a4355121edc237ee
-SHA1 (patch-configure) = caa28c549f1dffedfb851549525da43796e0980a
-SHA1 (patch-configure.ac) = ea2475c262f92869bf5cc8b3dd6a50eb40849b83
+BLAKE2s (fetchmail-6.6.2.tar.xz) = ef5025944506a9106bd89e5b099a3b6a44bfdceb71e248f37dc77922bcfee02b
+SHA512 (fetchmail-6.6.2.tar.xz) = aa285f2113597b52daa478622abfb9a1cf2d12fd68d4d5b103aef8f382281377d16837ad18619c8e459bc861576f58403c77e0d49cc2d9dd0eb39d4beabffebf
+Size (fetchmail-6.6.2.tar.xz) = 1091032 bytes
+SHA1 (patch-Makefile.in) = f7902940785ccfb4295a79520e68e70b95aa2ff5
+SHA1 (patch-configure) = c8a650c5810fc62115bb432181ebc68f464272f8
+SHA1 (patch-configure.ac) = 4c0ebcad99daf0f8fb03e5588b4a1d6f6931026c
Index: pkgsrc/mail/fetchmail/patches/patch-Makefile.in
diff -u pkgsrc/mail/fetchmail/patches/patch-Makefile.in:1.7 pkgsrc/mail/fetchmail/patches/patch-Makefile.in:1.8
--- pkgsrc/mail/fetchmail/patches/patch-Makefile.in:1.7 Sat Dec 28 22:09:58 2024
+++ pkgsrc/mail/fetchmail/patches/patch-Makefile.in Wed Dec 31 07:44:11 2025
@@ -1,11 +1,11 @@
-$NetBSD: patch-Makefile.in,v 1.7 2024/12/28 22:09:58 triaxx Exp $
+$NetBSD: patch-Makefile.in,v 1.8 2025/12/31 07:44:11 triaxx Exp $
Even with disabled python, wrapper around fetchmailconf.py and its
manpage is installed.
---- Makefile.in.orig 2024-11-12 23:44:51.000000000 +0000
+--- Makefile.in.orig 2025-12-30 22:42:27.357702618 +0000
+++ Makefile.in
-@@ -784,10 +784,10 @@ ACLOCAL_AMFLAGS = -I m4 -I m4-local
+@@ -822,10 +822,10 @@ ACLOCAL_AMFLAGS = -I m4 -I m4-local
AM_YFLAGS = -t -d -Wno-yacc
BUILT_SOURCES = rcfile_y.h rcfile_l.h
dist_noinst_SCRIPTS = specgen.sh
@@ -16,5 +16,5 @@ manpage is installed.
-nodist_bin_SCRIPTS = fetchmailconf
+nodist_bin_SCRIPTS =
python_PYTHON = $(pys)
+ DISTCLEANFILES = fetchmail.spec
CLEANFILES = $(nodist_bin_SCRIPTS) \
- fetchmail-man.html \
Index: pkgsrc/mail/fetchmail/patches/patch-configure
diff -u pkgsrc/mail/fetchmail/patches/patch-configure:1.6 pkgsrc/mail/fetchmail/patches/patch-configure:1.7
--- pkgsrc/mail/fetchmail/patches/patch-configure:1.6 Sat Dec 28 22:09:58 2024
+++ pkgsrc/mail/fetchmail/patches/patch-configure Wed Dec 31 07:44:11 2025
@@ -1,10 +1,10 @@
-$NetBSD: patch-configure,v 1.6 2024/12/28 22:09:58 triaxx Exp $
+$NetBSD: patch-configure,v 1.7 2025/12/31 07:44:11 triaxx Exp $
krb5-config errors out unless you give it a library to look for
--- configure.orig 2022-08-27 07:08:20.000000000 +0000
+++ configure
-@@ -11088,7 +11088,7 @@ printf "%s\n" "#define KERBEROS_V5 1" >>
+@@ -11428,7 +11428,7 @@ printf "%s\n" "#define KERBEROS_V5 1" >>
CFLAGS="$CFLAGS -I/usr/include/kerberosV"
LIBS="$LIBS -lasn1 -lkrb5 -lcom_err -lkafs"
@@ -13,7 +13,7 @@ krb5-config errors out unless you give i
krb5_prefix=`krb5-config --prefix krb5`
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: krb5-config points to kerberosV under $krb5_prefix" >&5
printf "%s\n" "krb5-config points to kerberosV under $krb5_prefix" >&6; }
-@@ -11433,7 +11433,7 @@ printf "%s\n" "krb4-config points to ker
+@@ -11826,7 +11826,7 @@ printf "%s\n" "krb4-config points to ker
CFLAGS="$CFLAGS `krb4-config --cflags`"
LIBS="$LIBS `krb4-config --libs`"
KERBEROS_V4=1
Index: pkgsrc/mail/fetchmail/patches/patch-configure.ac
diff -u pkgsrc/mail/fetchmail/patches/patch-configure.ac:1.5 pkgsrc/mail/fetchmail/patches/patch-configure.ac:1.6
--- pkgsrc/mail/fetchmail/patches/patch-configure.ac:1.5 Sat Dec 28 22:09:58 2024
+++ pkgsrc/mail/fetchmail/patches/patch-configure.ac Wed Dec 31 07:44:11 2025
@@ -1,10 +1,10 @@
-$NetBSD: patch-configure.ac,v 1.5 2024/12/28 22:09:58 triaxx Exp $
+$NetBSD: patch-configure.ac,v 1.6 2025/12/31 07:44:11 triaxx Exp $
krb5-config errors out unless you give it a library to look for
--- configure.ac.orig 2020-09-04 08:03:28.000000000 +0000
+++ configure.ac
-@@ -359,7 +359,7 @@ then
+@@ -373,7 +373,7 @@ then
AC_DEFINE(KERBEROS_V5,1,Define if you have Kerberos V5)
CFLAGS="$CFLAGS -I/usr/include/kerberosV"
LIBS="$LIBS -lasn1 -lkrb5 -lcom_err -lkafs"
@@ -13,7 +13,7 @@ krb5-config errors out unless you give i
krb5_prefix=`krb5-config --prefix krb5`
AC_MSG_RESULT([krb5-config points to kerberosV under $krb5_prefix])
if test -f ${krb5_prefix}/include/et/com_err.h && \
-@@ -457,7 +457,7 @@ elif krb4-config 2> /dev/null >/dev/null
+@@ -471,7 +471,7 @@ elif krb4-config 2> /dev/null >/dev/null
CFLAGS="$CFLAGS `krb4-config --cflags`"
LIBS="$LIBS `krb4-config --libs`"
KERBEROS_V4=1
Home |
Main Index |
Thread Index |
Old Index