head 1.7; access; symbols pkgsrc-2026Q1:1.7.0.2 pkgsrc-2026Q1-base:1.7 pkgsrc-2025Q4:1.6.0.8 pkgsrc-2025Q4-base:1.6 pkgsrc-2025Q3:1.6.0.6 pkgsrc-2025Q3-base:1.6 pkgsrc-2025Q2:1.6.0.4 pkgsrc-2025Q2-base:1.6 pkgsrc-2025Q1:1.6.0.2 pkgsrc-2025Q1-base:1.6 pkgsrc-2024Q4:1.5.0.18 pkgsrc-2024Q4-base:1.5 pkgsrc-2024Q3:1.5.0.16 pkgsrc-2024Q3-base:1.5 pkgsrc-2024Q2:1.5.0.14 pkgsrc-2024Q2-base:1.5 pkgsrc-2024Q1:1.5.0.12 pkgsrc-2024Q1-base:1.5 pkgsrc-2023Q4:1.5.0.10 pkgsrc-2023Q4-base:1.5 pkgsrc-2023Q3:1.5.0.8 pkgsrc-2023Q3-base:1.5 pkgsrc-2023Q2:1.5.0.6 pkgsrc-2023Q2-base:1.5 pkgsrc-2023Q1:1.5.0.4 pkgsrc-2023Q1-base:1.5 pkgsrc-2022Q4:1.5.0.2 pkgsrc-2022Q4-base:1.5 pkgsrc-2022Q3:1.3.0.4 pkgsrc-2022Q3-base:1.3 pkgsrc-2022Q2:1.3.0.2 pkgsrc-2022Q2-base:1.3 pkgsrc-2022Q1:1.2.0.2 pkgsrc-2022Q1-base:1.2 pkgsrc-2021Q4:1.1.0.10 pkgsrc-2021Q4-base:1.1 pkgsrc-2021Q3:1.1.0.8 pkgsrc-2021Q3-base:1.1 pkgsrc-2021Q2:1.1.0.6 pkgsrc-2021Q2-base:1.1 pkgsrc-2021Q1:1.1.0.4 pkgsrc-2021Q1-base:1.1 pkgsrc-2020Q4:1.1.0.2 pkgsrc-2020Q4-base:1.1; locks; strict; comment @# @; 1.7 date 2025.12.31.07.44.11; author triaxx; state Exp; branches; next 1.6; commitid ZE05bLrOoqws8xoG; 1.6 date 2024.12.28.22.09.58; author triaxx; state Exp; branches; next 1.5; commitid 5e5jYe4oY4NHKjDF; 1.5 date 2022.10.16.20.34.30; author triaxx; state Exp; branches; next 1.4; commitid 4XIjnHVmbwfp4ZXD; 1.4 date 2022.09.29.19.26.56; author triaxx; state Exp; branches; next 1.3; commitid LSOTptGrLcv6fNVD; 1.3 date 2022.05.26.06.18.23; author triaxx; state Exp; branches; next 1.2; commitid 55qhENlMnndHVwFD; 1.2 date 2022.01.31.14.12.59; author triaxx; state Exp; branches; next 1.1; commitid Xqsa7LRwOluifNqD; 1.1 date 2020.12.14.00.41.03; author dbj; state Exp; branches; next ; commitid tyDVQNyQVeSd2EzC; desc @@ 1.7 log @fetchmail: Update to 6.6.2 pkgsrc changes: --------------- * Remove obsolete MESSAGE file. upstream changes: ----------------- fetchmail-6.6.2 (released 2025-12-09, 32386 LoC): ## BUGFIX: * fetchmail 6.6.0 and 6.6.1 could not be configured without SSL, it would break compiling sink.c. Fix compilation. Report by Toralf Förster, analysis and different patch suggested by Holger Hoffstätte, fixes #86. https://bugs.gentoo.org/967258 and https://gitlab.com/fetchmail/fetchmail/-/issues/86 ------------------------------------------------------------------------------- fetchmail-6.6.1 (released 2025-11-12, 32381 LoC): ## TRANSLATIONS were updated by these fine people (randomized order): * sr: Мирослав Николић [Serbian] * es: Cristian Othón Martínez Vera [Spanish] ------------------------------------------------------------------------------- fetchmail-6.6.0 (released 2025-10-27, 32381 LoC): ## FEATURE: * SMTP TLS and STARTTLS support. By default, this works opportunistically, attempting to set up a TLS connection to the smtphost if it understands EHLO and offers STARTTLS, but will not enforce peer certificate validity for compatibility, esp. because "localhost" (the default SMTP host) usually isn't listed in the X.509 certificates. Behavior can be tweaked by adding /notls (cleartext connection), /tls (TLS-wrapped connection, negotiating TLS before conversing otherwise), or /starttls (requiring EHLO to offer STARTTLS, requesting the latter and requiring the server certificate to validate) to the SMTP host's name. Also, you can add /tlsproto=... where ... accepts the same parameters as the --sslproto option, which see. Ports, if not specified, default to 25 for opportunistic and /notls modes, 465 for /tls and 587 for /starttls, but can be overridden either by giving, say /25 or /smtp for /starttls. ## TRANSLATIONS were updated by these fine people (randomized order): * it: Luca Vercelli [Italian] * pl: Jakub Bogusz [Polish] * fr: Frédéric Marchal [French] * sv: Göran Uddeborg [Swedish] * sq: Besnik Bleta [Albanian] * ro: Remus-Gabriel Chelu [Romanian] * ja: Takeshi Hamasaki [Japanese] * de: Matthias Andree [German] * cs: Petr Pisar [Czech] * eo: Keith Bowes [Esperanto] ------------------------------------------------------------------------------- fetchmail-6.5.7 (released 2025-10-18, 32215 LoC): ## BUGFIXES: * When authenticating to an SMTP server, the AUTH LOGIN method (which didn't become a proposed standard, and is only the third method fetchmail would try, if CRAM-MD5 and PLAIN weren't offered) required that the server returned a 334 code followed by a blank and by a decodable base64 challenge we ignored anyways. This is in line with RFC 4952. However, to improve compatibility, fetchmail now accepts anything that starts with "334 " and disregards the remainder of the line. At the same time, AUTH LOGIN was deprecated. AUTH PLAIN should be available everywhere AUTH LOGIN is, and is specified in IETF RFC 4616. * When authenticating to an SMTP server, i. e. esmtpname/esmtppassword are defined, check for errors, and skip servers that do not understand EHLO, because we cannot negotiate supported authentication schemes with them. This should avoid attempting to send a lot of messages and see them rejected. * When authenticating to an SMTP server, do not send client abort "*" when we receive any other server reply but 334. * Extend 6.5.6's RFC-5321 address-literal fix to MAIL FROM. This might apply when we only have a server's IP address and need to quality addresses without domain. Fixes Debian Bug#1080025. * SMTP AUTH can now look up passwords from the .netrc file - for that, fetchmail's esmtpname setting must match the login for the given host in .netrc. Fixes Debian Bug#1056651 by Ticker Berkin. * Improve the GSSAPI (Kerberos V) build, which was pretty hard to get working. This was improved. Recommendation: - For autoconf builds (./configure), be sure to have the desired krb5-config executable early on $PATH before running ./configure. - For meson builds, be sure to list the path to your krb5-gssapi.pc file on PKG_CONFIG_PATH. (meson will fall back to krb5-config, so if that's on PATH, that should also work.) ## TRANSLATION UPDATES were contributed by these fine people - thank you! * The Italian translation is back - it had been missing from earlier 6.5.X since it had fallen too far behind with the last update in 2010. * cs: Petr Pisar [Czech] * eo: Keith Bowes [Esperanto] * es: Cristian Othón Martínez Vera [Spanish] * fr: Frédéric Marchal [French] * it: Luca Vercelli [Italian] * ja: Takeshi Hamasaki [Japanese] * pl: Jakub Bogusz [Polish] * ro: Remus-Gabriel Chelu [Romanian] * sq: Besnik Bleta [Albanian] * sv: Göran Uddeborg [Swedish] ------------------------------------------------------------------------------- fetchmail-6.5.6 (released 2025-10-03, 31795 LoC): ## SECURITY BUGFIX: * fetchmail-SA-2025-01.txt: CVE-2025-61962 An SMTP server advertising EHLO and AUTH, and if fetchmail is configured to authenticate (esmtpname and esmtppassword given and non-empty), the server might crash fetchmail by sending a "334" response without further blank to fetchmail's AUTH request. This is in violation of applicable RFC-4952 though. Fetchmail now detects this situation and reports it separately as malformed server reply. Fetchmail 6.5.6 has been released without waiting for translation updates or CVE identifier, these will be provided in followup releases. ## BUGFIXES: * RFC-5321: When the --smtpaddress, --smtphost, --smtpname, -D or -S argument is an numeric address literal such as 192.0.2.2 or 2001:0DB8::4321, properly format that as such in the SMTP RCPT command as user@@[192.0.2.2] or user@@[IPv6:2001:0DB8::4321]. * When printing output on the console while fetching mail, do not intersperse another copy of our program name and date in the middle of a log line. Workaround for older versions: --logfile /dev/tty (might also use --logfile /dev/stderr) - but note this changes buffering behavior and may output to appear later and without ticker marks. * A few low-priority memory leaks in the command-line options parser were fixed. Since this parser runs only once, leaks are harmless. * Some minor code cleanups and robustness fixes were made, and we should see fewer compiler warnings as a result. ## CHANGES: * Given the slow update schedules of some distributions, already add code that checks if time_t() is good beyond the year 2038, meaning time_t is either unsigned (which would last until 2106) or 64 bits wide. If the system isn't safe, warn on every launch of fetchmail beginning 2028-01-01 at 00:00 GMT so users have 10 years to plan. Fetchmail will also print a warning if time(time_t *t) overflows. ------------------------------------------------------------------------------- fetchmail-6.5.5 (released 2025-09-24, 31528 LoC): ## LICENSING CHANGE OF WOLFSSL: * Note that wolfSSL 5.8.2 switched license from GPLv2 to GPLv3, so if a distribution links fetchmail against wolfSSL, this implies the use of the "or-any-later-version" clause of the GPLv2-or-later licensed material in fetchmail, and the combined work can also only ship as GPLv3. This may or may not apply to later versions of wolfSSL - be sure to check! ## BUGFIXES: ==-- note that these comprise C23 compatibility fixes (GCC 15) --== * Support t.operation when the running user is different from the one mentioned in the $USER variable. Fix courtesy of Corey Halpin. * The kerberos*_auth() functions for v4 and v5 have prototypes now, so they can be compiled by the most modern C compilers. * AC_TYPE_* type-checking macros seem unnecessary, strip them, also from config.h.meson which would not fill them from build.meson. We expect the operating system to provide us pid_t, size_t, uint32_t. * Our res_search() autoconf check was broken on compilers adhering to newer standards (C23), for instance GCC 15, disabling several DNS-based features in autotools-based builds, but not meson-based builds. Strip the bogus "extern int res_search();" declaration without prototype, we would need to have the prototype from the system either way. ## IMPORTANT CHANGE: * Fetchmail is now more careful to actually clear password and like buffers in memory, so that is less likely that other processes could access them should they happen to access similar memory regions after fetchmail's exit. Fetchmail now uses memset_explicit(), explicit_bzero(), or its own explicit_bzero() implementation to clear memory buffers that contain passwords or like secrets, or their base64 equivalents, and also buffers that it uses to visualize such strings, instead of just using memset(). The motivating reason is that a plain memset() that does not have /observable/ effects, i. e. when we do not read from the buffer or transfer it, can be removed by the compiler's optimizer in the so-called dead store elimination, voiding our attempt to clear the buffer contents before releasing it to the heap. The named alternative functions are not being optimized away. ## WORKAROUND: * IMAP: Recognize SASL_IR advertisement of Cyrus IMAP 3.10.0...3.12.? as synonymous to SASL-IR per RFC4959. Upstream bug reported at https://github.com/cyrusimap/cyrus-imapd/issues/5481 - and it was quickly fixed in all their supported branches by patch releases. ## CHANGES: * Several documentation tweaks. * As long as SOURCE_DATE_EPOCH is set, the source tarball build may be reproducible now. Tested on Fedora 42. * The Japanese translation [ja] has been updated by Takeshi Hamasaki. * The Makefile should be compatible across a wider set of make implementations, beyond GNU make. @ text @$NetBSD: patch-configure,v 1.6 2024/12/28 22:09:58 triaxx Exp $ krb5-config errors out unless you give it a library to look for --- configure.orig 2022-08-27 07:08:20.000000000 +0000 +++ configure @@@@ -11428,7 +11428,7 @@@@ printf "%s\n" "#define KERBEROS_V5 1" >> CFLAGS="$CFLAGS -I/usr/include/kerberosV" LIBS="$LIBS -lasn1 -lkrb5 -lcom_err -lkafs" -elif krb5-config 2> /dev/null >/dev/null ; then +elif krb5-config krb5 2> /dev/null >/dev/null ; then krb5_prefix=`krb5-config --prefix krb5` { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: krb5-config points to kerberosV under $krb5_prefix" >&5 printf "%s\n" "krb5-config points to kerberosV under $krb5_prefix" >&6; } @@@@ -11826,7 +11826,7 @@@@ printf "%s\n" "krb4-config points to ker CFLAGS="$CFLAGS `krb4-config --cflags`" LIBS="$LIBS `krb4-config --libs`" KERBEROS_V4=1 -elif krb5-config 2> /dev/null >/dev/null ; then +elif krb5-config krb4 2> /dev/null >/dev/null ; then krb4_prefix=`krb5-config --prefix krb4` { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: krb5-config points to kerberosIV under $krb4_prefix" >&5 printf "%s\n" "krb5-config points to kerberosIV under $krb4_prefix" >&6; } @ 1.6 log @fetchmail: Update to 6.5.1 As of 2024-09-24, fetchmail 6.4 and older releases are no longer supported. Use fetchmail 6.5. @ text @d1 1 a1 1 $NetBSD: patch-configure,v 1.5 2022/10/16 20:34:30 triaxx Exp $ d7 1 a7 1 @@@@ -11088,7 +11088,7 @@@@ printf "%s\n" "#define KERBEROS_V5 1" >> d16 1 a16 1 @@@@ -11433,7 +11433,7 @@@@ printf "%s\n" "krb4-config points to ker @ 1.5 log @fetchmail: Update to 6.4.34 upstream changes: ----------------- fetchmail-6.4.34 (released 2022-10-15, 31701 LoC): # CRITICAL BUG FIXES: * When an SMTP receiver refuses delivery, a message would be deleted from the mail store in spite of a softbounce option that is enabled. Bug report, analysis and patch by Horváth Zsolt. Gitlab, fixes #50. # BUILD NOTE: * If you are reusing config.cache from prior builds, this may cause issues with finding Python or some libraries. In case of trouble, remove config.cache and retry. # TRANSLATIONS: language translations were updated by this fine person: * sr: Мирослав Николић (Miroslav Nikolić) [Serbian] @ text @d1 1 a1 1 $NetBSD: patch-configure,v 1.4 2022/09/29 19:26:56 triaxx Exp $ d7 1 a7 1 @@@@ -12677,7 +12677,7 @@@@ printf "%s\n" "#define KERBEROS_V5 1" >> d16 1 a16 1 @@@@ -13022,7 +13022,7 @@@@ printf "%s\n" "krb4-config points to ker @ 1.4 log @fetchmail: Update to 6.4.33 upstream changes: ----------------- fetchmail-6.4.33 (released 2022-08-27, 31696 LoC): # TRANSLATIONS: language translations were updated by this fine person: * fr: Frédéric Marchal [French] # CONTRIBUTED SCRIPT CHANGES: * contrib/fetchsetup improvements by Matěj Cepl * contrib/runfetchmail improvements by Matěj Cepl -------------------------------------------------------------------------------- fetchmail-6.4.32 (released 2022-07-30, 31696 LoC): # FIXES: * Use configure to find rst2html, some systems install it only with .py suffix, others only without, and some install both. * Update README.maintainer # TRANSLATIONS: language translations were updated by these fine people: (in alphabetical order of language codes so as not to prefer people): * cs: Petr Pisar [Czech] * es: Cristian Othón Martínez Vera [Spanish] * ja: Takeshi Hamasaki [Japanese] * pl: Jakub Bogusz [Polish] * ro: Remus-Gabriel Chelu [Romanian] * sq: Besnik Bleta [Albanian] * sv: Göran Uddeborg [Swedish] -------------------------------------------------------------------------------- fetchmail-6.4.31 (released 2022-07-16, 31694 LoC): # BUG FIXES: * Try to fix ./configure --with-ssl=... for systems that have multiple OpenSSL versions installed. Issues reported by Dennis Putnam. * The netrc parser now reports its errors to syslog or logfile when appropriate, previously it would always log to stderr. * Add error checking to .netrc parser. # CHANGES: * manpage: use .UR/.UE macros instead of .URL for URIs. * manpage: fix contractions. Found with FreeBSD's igor tool. * manpage: HTML now built with pandoc -> python-docutils (manServer.pl was dropped) @ text @d1 1 a1 1 $NetBSD: patch-configure,v 1.3 2022/05/26 06:18:23 triaxx Exp $ d7 1 a7 1 @@@@ -12278,7 +12278,7 @@@@ printf "%s\n" "#define KERBEROS_V5 1" >> d16 1 a16 1 @@@@ -12623,7 +12623,7 @@@@ printf "%s\n" "krb4-config points to ker @ 1.3 log @fetchmail: Update to 6.4.30 upstream changes: ----------------- fetchmail-6.4.30 (released 2022-04-26, 31666 LoC): # BREAKING CHANGES: * Bump wolfSSL minimum required version to 5.2.0 to pull in security fix. # CHANGES: * Using OpenSSL 1.* before 1.1.1n elicits a compile-time warning. * Using OpenSSL 3.* before 3.0.2 elicits a compile-time warning. * configure.ac was tweaked in order to hopefully fix cross-compilation issues report, and different patch suggested, by Fabrice Fontaine, https://gitlab.com/fetchmail/fetchmail/-/merge_requests/42 # TRANSLATIONS: language translations were updated by this fine person: * ro: Remus-Gabriel Chelu [Romanian] -------------------------------------------------------------------------------- fetchmail-6.4.29 (released 2022-03-20, 31661 LoC): # TRANSLATIONS: language translations were updated by this fine person: * vi: Trần Ngọc Quân [Vietnamese] -------------------------------------------------------------------------------- fetchmail-6.4.28 (released 2022-03-05, 31661 LoC): # DOCUMENTATION: * Fix a typo in the manual page, courtesy of Jeremy Petch. # TRANSLATIONS: language translations were updated by this fine person: * es: Cristian Othón Martínez Vera [Spanish] @ text @d1 1 a1 1 $NetBSD: patch-configure,v 1.2 2022/01/31 14:12:59 triaxx Exp $ d5 1 a5 1 --- configure.orig 2020-09-04 08:19:51.000000000 +0000 d7 1 a7 1 @@@@ -10976,7 +10976,7 @@@@ $as_echo "#define KERBEROS_V5 1" >>confd d14 3 a16 3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: krb5-config points to kerberosV under $krb5_prefix" >&5 $as_echo "krb5-config points to kerberosV under $krb5_prefix" >&6; } @@@@ -11324,7 +11324,7 @@@@ $as_echo "krb4-config points to kerberos d23 2 a24 2 { $as_echo "$as_me:${as_lineno-$LINENO}: result: krb5-config points to kerberosIV under $krb4_prefix" >&5 $as_echo "krb5-config points to kerberosIV under $krb4_prefix" >&6; } @ 1.2 log @fetchmail: Update to 6.4.27 upstream changes: ----------------- fetchmail-6.4.27 (released 2022-01-26, 31661 LoC): # BREAKING CHANGES: * Bump wolfSSL minimum required version to 5.1.1 to pull in security fix. # TRANSLATIONS: language translations were updated by this fine person: * ro: Remus-Gabriel Chelu [Romanian] @ text @d1 1 a1 1 $NetBSD: patch-configure,v 1.1 2020/12/14 00:41:03 dbj Exp $ d7 1 a7 1 @@@@ -10975,7 +10975,7 @@@@ $as_echo "#define KERBEROS_V5 1" >>confd d16 1 a16 1 @@@@ -11323,7 +11323,7 @@@@ $as_echo "krb4-config points to kerberos @ 1.1 log @mail/fetchmail: fix build on Darwin with gssapi or kerberos options Darwin doesn't install include files in ${KRB5BASE} (They are in the SDK instead) therefore let fetchmail use krb5-config to determine how to link against kerberos @ text @d1 1 a1 1 $NetBSD$ d7 1 a7 1 @@@@ -10797,7 +10797,7 @@@@ $as_echo "#define KERBEROS_V5 1" >>confd d16 1 a16 1 @@@@ -11145,7 +11145,7 @@@@ $as_echo "krb4-config points to kerberos @