[Fetchmail-announce] ANNOUNCE: fetchmail 6.4.3 is now available (bug fixes)

[Matthias A. <mat...@gm...>]

Greetings,

The 6.4.3 release of fetchmail is now available at the usual locations,
including <https://downloads.sourceforge.net/project/fetchmail/branch_6.4/>.

NOTE:
I intend this to be the last 6.4.x version with functional changes, and new
6.4.x are not planned, except if regressions, critical fixes, or new
translations or important documentation fixes appear and 6.5.0 is too far out.

Fetchmail 6.4.x is the last branch that will tolerate OpenSSL 1.0.2 and C89 compilers,
and support Python 2.7.x (for newer x) for fetchmailconf.

== EXCURSION ---------
The direction for the near future is to do some bugfixing and possibly minor
features on the Git branch 'legacy_6x', for now called 6.5.0.dev*, it is a
branch that will require newer operating systems, toolchains, library, for
instance, OpenSSL 1.1.1 with TLSv1.3 support, C99 (for long long support) or
possibly C11 (TBD) and possibly newer IEEE Std 1003.1 compliance.
== END EXCURSION -----

The source archive is available with the same content but different compression format at:
<https://downloads.sourceforge.net/project/fetchmail/branch_6.4/fetchmail-6.4.3.tar.lz>
<https://downloads.sourceforge.net/project/fetchmail/branch_6.4/fetchmail-6.4.3.tar.xz>

Detached GnuPG signatures are at:
<https://downloads.sourceforge.net/project/fetchmail/branch_6.4/fetchmail-6.4.3.tar.lz.asc>
<https://downloads.sourceforge.net/project/fetchmail/branch_6.4/fetchmail-6.4.3.tar.xz.asc>

Digests (obtained from openssl dgst -sha256):
SHA256(fetchmail-6.4.3.tar.lz)= b22217beb0a1545a84a111baada2008f00887afe395a8514805e5297366385d0
SHA256(fetchmail-6.4.3.tar.xz)= b0360e14b9aa5d065eef8ff99ad0347ef6cbbfc934c8114908295a402a09d3e4

Here are the release notes:

fetchmail-6.4.3 (released 2020-04-05, 27530 LoC):

## BUGFIXES:
* Plug memory leaks when parts of the configuration (defaults, rcfile, command 
  line) override one another.
* fetchmail terminated the placeholder command string too late and included
  garbage from the heap at the end of the string. Workaround: don't use place-
  holders %h or %p in the --plugin string. Bug added in 6.4.0 when merging
  Gitlab merge request !5 in order to fix an input buffer overrun.
  Faulty commit 418cda65f752e367fa663fd13884a45fcbc39ddd.
  Reported by Stefan Thurner, Gitlab issue #16.
* Fetchmail now checks for errors when trying to read the .idfile,
  Gitlab issue #3.
* Fetchmail's error messages that reports that the defaults entry isn't the 
  first was made more precise. It could be misleading if there was a poll or
  skip statement before the defaults.

## CHANGES:
* Fetchmail documentation was updated to require OpenSSL 1.1.1.
  OpenSSL 1.0.2 reached End Of Life status at the end of the year 2019.
  Fetchmail will tolerate, but warn about, 1.0.2 for now on the assumption that 
  distributors backport security fixes as the need arises.
  Fetchmail will also warn if another SSL library that is API-compatible
  with OpenSSL lacks TLS v1.3 support.
* If the trust anchor is missing, fetchmail refers the user to README.SSL.

## INTERNAL CHANGES:
* The AC_DECLS(getenv) check was removed, its only user was broken and not 
  accounting for that AC_DECLS always defines HAVE_DECL_... to 0 or 1, so
  fetchmail never declared a missing getenv() symbol (it was testing with 
  #ifdef).  Remove the backup declaration. getenv is mandated by SUSv2 anyways.

## UPDATED TRANSLATION - WITH THANKS TO THE TRANSLATORS:
* sq:    Besnik Bleta [Albanian]
* zh_CN: Boyuan Yang [Chinese (simplified)]
* pl:    Jakub Bogusz [Polish]
* cs:    Petr Pisar [Czech]
* fr:    Frédéric Marchal [French]
* sv:    Göran Uddeborg [Swedish]
* eo:    Felipe Castro [Esperanto]

--------------------------------------------------------------------------------