aboutsummaryrefslogtreecommitdiffstats
path: root/Changelog
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-08-03 20:51:42 +0200
committerGuilhem Moulin <guilhem@fripost.org>2020-08-03 20:51:42 +0200
commit531e27c2dfd67b4ad600c2ad5e13e608a75f04d8 (patch)
treed669f8caf9c795d88ce3e72736157901dbcaec15 /Changelog
parent887526e77f7a3b707c53457b076d098a1edefeb7 (diff)
parentfe5501d4bb4c7c6365ceb009ea715356cca27a50 (diff)
Merge tag 'upstream/0.5.2' into debian
Upstream version 0.5.2
Diffstat (limited to 'Changelog')
-rw-r--r--Changelog15
1 files changed, 15 insertions, 0 deletions
diff --git a/Changelog b/Changelog
index 43648d0..6ee44fc 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,18 @@
+interimap (0.5.2) upstream;
+
+ - Makefile: remove 'smart' extension from pandoc call to generate
+ manuals (it's no longer supported by pandoc 2.9 which generates \[lq]
+ and \[rq] in the groff output anyway).
+ - libinterimap: fix response injection vulnerability after STARTTLS.
+ For background see https://gitlab.com/muttmua/mutt/-/issues/248 .
+ - libinterimap: abort on PREAUTH greeting received on plaintext
+ connections (set "STARTTLS = NO" to ignore). This is similar to
+ CVE-2020-12398 and CVE-2020-14093.
+ * libinterimap: fail when a capability to ENABLE is missing from the
+ server's CAPABILITY listing.
+
+ -- Guilhem Moulin <guilhem@fripost.org> Mon, 03 Aug 2020 20:50:41 +0200
+
interimap (0.5.1) upstream;
+ pullimap: also compare RFC 5322 date and envelope information in