[fetchmail-devel] fetchmail 6.3.6-rc2 release candidate

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greetings,

I have uploaded a new fetchmail 6.3.6 release candidate to the usual
download location: <http://home.pages.de/~mandree/fetchmail/>

WARNING: This message sets the Reply-To: header.
When replying to me personally, you need to edit the To: header!

Important changes in fetchmail 6.3.6-rc2 since 6.3.5:

# SECURITY FIX (INCOMPATIBLE):
* Using at least one of the options "sslproto 'tls1'", "sslfingerprint" or
  "sslcertck" enforces STARTTLS for POP3 and IMAP and terminates the connection
  if unsuccessful. The same configuration causes permanent connection failure
  with POP2 unless --ssl is used.
  fetchmail 6.3.5 and older had no way to enforce TLS. With those older
  versions, TLS was always opportunistic, but fetchmail would happily transmit
  the password in cleartext if STARTTLS failed. --ssl --sslcertck
  configurations however have been safe.
  Reported by and fixed in cooperation with Isaac Wilcox.

# BUG FIXES:
* Repair --logfile, broken in 6.3.5. BerliOS Bug #9059,
  reported by Brian Harring.

Happy fetching,
Matthias Andree
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFFV601vmGDOQUufZURAryzAKDzJkmHq8v353OmWZ7OuSHe+eepEACgnqnQ
l2VReNobhAHaFXTw+QOJisg=
=TFX+
-----END PGP SIGNATURE-----

[fetchmail-devel] fetchmail 6.3.6-rc2 release candidate

Client daemon to move mail from POP and IMAP to your local computer

[fetchmail-devel] fetchmail 6.3.6-rc2 release candidate