File Release Notes and Changelog
Release Name: 5.4.16
Notes: More fixes to 5.4.14/5.4.15, hopefully leading to a useable, stable release incorporating vpopmaild from the 5.5 branch. There is an important security fix in this release, related to cleartext passwords. If cleartext passwords are enabled, and an account doesn't have a cleartext password set, it is possible to authenticate with SMTP AUTH and/or APOP methods using a blank password. Once anonymous CVS is updated (after May 8), this link should show the changes made to vchkpw.c: http://cvs.sourceforge.net/viewcvs.py/vpopmail/vpopmail/vchkpw.c?r1=1.11.2.4&r2=1.11.2.5&diff_format=u
Changes: Michael Krieger - vpalias: Properly handle some empty search results. Ken Jones - vpalias: wasn't allocating enough memory for alias name in valias_select_names (missing one byte for NULL). Jianbin Xiao - vmysql: reconnect to server if connection was dropped. Rick Widmer - vpgsql: fix queries to allow domains starting with digits. John Simpson - vpgsql: fix compile errors introduced in 5.4.14. - vdominfo: undo change from 5.4.14 that displayed alias domains incorrectly. Toshihiko Kyoda - vdelivermail: check for over quota when creating temp mail file. Tom Collins - vpalias: Fix double-free in code ported from 5.5 branch. - valias: exit non-zero on error, send all errors to stderr. - vchkpw: make sure we have cleartext pass before checking SMTP_AUTH or APOP logins. - Remove vactivedir code since it's just a client for a non-existent server.
About SourceForge
Develop Software
Community
Copyright © 2010 Geeknet, Inc. All rights reserved. Terms of Use
