Merge tag 'upstream/0.5.2' into debian

Upstream version 0.5.2
author: Guilhem Moulin <guilhem@fripost.org> 2020-08-03 20:51:42 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2020-08-03 20:51:42 +0200
commit: 531e27c2dfd67b4ad600c2ad5e13e608a75f04d8 (patch)
tree: d669f8caf9c795d88ce3e72736157901dbcaec15 /Changelog
parent: 887526e77f7a3b707c53457b076d098a1edefeb7 (diff)
parent: fe5501d4bb4c7c6365ceb009ea715356cca27a50 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/Changelog b/Changelog
index 43648d0..6ee44fc 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,18 @@
+interimap (0.5.2) upstream;
+
+ - Makefile: remove 'smart' extension from pandoc call to generate
+   manuals (it's no longer supported by pandoc 2.9 which generates \[lq]
+   and \[rq] in the groff output anyway).
+ - libinterimap: fix response injection vulnerability after STARTTLS.
+   For background see https://gitlab.com/muttmua/mutt/-/issues/248 .
+ - libinterimap: abort on PREAUTH greeting received on plaintext
+   connections (set "STARTTLS = NO" to ignore).  This is similar to
+   CVE-2020-12398 and CVE-2020-14093.
+ * libinterimap: fail when a capability to ENABLE is missing from the
+   server's CAPABILITY listing.
+
+ -- Guilhem Moulin <guilhem@fripost.org>  Mon, 03 Aug 2020 20:50:41 +0200
+
 interimap (0.5.1) upstream;
 
  + pullimap: also compare RFC 5322 date and envelope information in
author	Guilhem Moulin <guilhem@fripost.org>	2020-08-03 20:51:42 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2020-08-03 20:51:42 +0200
commit	531e27c2dfd67b4ad600c2ad5e13e608a75f04d8 (patch)
tree	d669f8caf9c795d88ce3e72736157901dbcaec15 /Changelog
parent	887526e77f7a3b707c53457b076d098a1edefeb7 (diff)
parent	fe5501d4bb4c7c6365ceb009ea715356cca27a50 (diff)