Latest upstream release: 1.8.16 Current version/release in rawhide: 1.8.15-2.fc35 URL: https://marlam.de/msmtp/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2024/
Created attachment 1822856 [details] [patch] Update to 1.8.16 (#2003823)
the-new-hotness/release-monitoring.org's scratch build of msmtp-1.8.16-1.fc32.src.rpm for rawhide completed http://koji.fedoraproject.org/koji/taskinfo?taskID=75624289
Latest upstream release: 1.8.17 Current version/release in rawhide: 1.8.15-2.fc35 URL: https://marlam.de/msmtp/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2024/
Created attachment 1828614 [details] [patch] Update to 1.8.17 (#2003823)
the-new-hotness/release-monitoring.org's scratch build of msmtp-1.8.17-1.fc32.src.rpm for rawhide completed http://koji.fedoraproject.org/koji/taskinfo?taskID=76634806
Latest upstream release: 1.8.18 Current version/release in rawhide: 1.8.15-2.fc35 URL: https://marlam.de/msmtp/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2024/
Created attachment 1836064 [details] [patch] Update to 1.8.18 (#2003823)
the-new-hotness/release-monitoring.org's scratch build of msmtp-1.8.18-1.fc34.src.rpm for rawhide completed http://koji.fedoraproject.org/koji/taskinfo?taskID=77665110
Latest upstream release: 1.8.19 Current version/release in rawhide: 1.8.15-2.fc35 URL: https://marlam.de/msmtp/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2024/
Created attachment 1839823 [details] [patch] Update to 1.8.19 (#2003823)
the-new-hotness/release-monitoring.org's scratch build of msmtp-1.8.19-1.fc34.src.rpm for rawhide completed http://koji.fedoraproject.org/koji/taskinfo?taskID=78309154
(In reply to Upstream Release Monitoring from comment #9) > Latest upstream release: 1.8.19 > Current version/release in rawhide: 1.8.15-2.fc35 > URL: https://marlam.de/msmtp/ > Based on the information from anitya: https://release-monitoring.org/project/2024/ ( https://github.com/marlam/msmtp-mirror/blob/master/NEWS ) - msmtp 1.8.19 is released 2021-11-04 This release fixes a security problem in the minimal SMTP server msmtpd: mail addresses starting with a hyphen could be interpreted as command line options by the pipe command. This could be used to make the pipe command run arbitrary executables with the user id of the msmtpd process. Note that msmtp itself is not affected. You are only affected if you run msmtpd without authentication and with a pipe command that does not end with -- (to separate options from arguments). Since msmtpd only accepts connections on the local interface by default, this bug can only be triggered by untrusted processes on your machine; it cannot be triggered over the network. As a workaround, you can configure the msmtpd pipe command to end with --. If you want to patch an older version instead of updating to 1.8.19, the relevant git commit is 2679609f72e27760f9785c3905f9943451b47a12 and this patch applies to all versions starting with 1.8.0 when used with patch -F3. - msmtp 1.8.18 is released 2021-10-22 This release fixes a few minor problems related to translations and the documentation. - msmtp 1.8.17 is released 2021-10-03 This release adds new options to the minimal SMTP server msmtpd to enable a new use case: now you can use it as a gateway between msmtp and mail software such as Thunderbird that cannot use msmtp directly and insists on using an SMTP server. Similarly, the new minimal POP3 server mpopd (part of mpop) can now be used as a gateway between a local mail box on your disk and mail software that insists on using a POP3 server. So now you can have full control over incoming and outgoing mail, including all the processing and filtering with any tools you want, while still using a mail client that does not give you these options itself. See the msmtpd and mpopd documentation for examples. - msmtp 1.8.16 is released 2021-09-13 With this release, the from command now accepts patterns (as in shell file name matching) so that many different envelope from addresses given on the command line can match the same account. The domain command now supports expansion of %H, %C and %M. The msmtpd daemon now supports sysexits.h error codes from the %pipe command. For configurations using libtls instead of GnuTLS, the %tls_fingerprint and tls_certcheck commands were fixed.
FEDORA-2022-0b473f2150 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-0b473f2150
FEDORA-2022-0b473f2150 has been pushed to the Fedora 36 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2022-548e031444 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2022-548e031444
FEDORA-2022-b5d0f6a120 has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2022-b5d0f6a120
FEDORA-2022-b5d0f6a120 has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-b5d0f6a120` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-b5d0f6a120 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2022-548e031444 has been pushed to the Fedora 35 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-548e031444` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-548e031444 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2022-548e031444 has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2022-b5d0f6a120 has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report.