"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "ChangeLog" between
isync-1.4.1.tar.gz and isync-1.4.2.tar.gz

About: isync is a commandline application which synchronizes a local maildir-style mailbox with a remote IMAP4 mailbox, suitable for use in IMAP-disconnected mode.

ChangeLog  (isync-1.4.1):ChangeLog  (isync-1.4.2)
2021-06-03 09:07 Oswald Buddenhagen <ossi@users.sf.net>
* configure.ac:
bump version
2021-06-03 09:02 Oswald Buddenhagen <ossi@users.sf.net>
* configure.ac:
bump version
2021-04-14 14:58 Oswald Buddenhagen <ossi@users.sf.net>
* src/drv_imap.c:
CVE-2021-3578: fix handling of unexpected APPENDUID response code
if the code was sent in response to anything but a STORE, we'd overwrite
a data pointer in one of our imap_cmd subclasses, an allocator data
structure, or the start of the next allocation, with an int that was
completely under the server's control. it's plausible that this could be
exploited for remote code execution.
to avoid this, we could ensure that the object is of the right type
prior to casting, by using a new flag in the parameter block. but it's
easier to just dispose of the out_uid field altogether and reuse the uid
field that is present in the parameter block anyway, but was used only
for FETCH commands so far.
this problem was found by Lukas Braun <koomi@moshbit.net> using a
2021-04-14 14:52 Oswald Buddenhagen <ossi@users.sf.net>
* src/drv_imap.c:
don't crash on malformed CAPABILITY responses
amends 95a83c822.
this problem was found by Lukas Braun <koomi@moshbit.net> using a
2021-03-19 17:21 Oswald Buddenhagen <ossi@users.sf.net>
* src/: driver.h, drv_imap.c, drv_maildir.c:
tolerate INBOX mis-casing in Path
while it's technically reasonable to expect the user to match the
server's casing of INBOX if they set Path, this might come as a
surprise to those who know that the IMAP INBOX is case-insensitive.
so tolerate any casing instead. as a minor side effect, we'd now even be
able to deal with a server using different casing in NAMESPACE and LIST.
2021-02-21 20:24 Oswald Buddenhagen <ossi@users.sf.net> 2021-02-21 20:24 Oswald Buddenhagen <ossi@users.sf.net>
* configure.ac: * configure.ac:
bump version bump version
2021-02-20 21:52 Oswald Buddenhagen <ossi@users.sf.net> 2021-02-20 21:52 Oswald Buddenhagen <ossi@users.sf.net>
* src/sync.c: * src/sync.c:
 End of changes. 1 change blocks. 
0 lines changed or deleted 56 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)