It fixes a possible SMTP buffer overflow triggerable by
a malicious server as reported by Olav Mørkrid, and a socket code
memory access error that can be seen when using IMAP on at least
Solaris, which was reported by Jörg Schilling.
While at it switch from libedit to s-nail's own line editing function to
avoid bugs with non-ASCII input in various places. (Changing setlocale
call in main.c to use LC_CTYPE solves most of them, but some remain, eg.
saving attachments with non-ASCII names.)
With this commit I take maintainership from william@
OK william@
This update does not include the new "dotlock" program since there's no
way to make it work out of the box on OpenBSD.
Enable tests while here.
Feedback from Steffen Nurpmeso (upstream), ok william@ (maintainer)
Fixes for CVE-2004-2771 and CVE-2014-7844 ("shell command injection via
crafted email addresses").
Reminder and initial patch by "trondd" on ports@.
Ack'd by william@ (MAINTAINER) who returned EBUSY.
S-nail is a fork of Heirloom mailx, formerly known as nail. It is a mail user
agent derived from Berkeley Mail 8.1 and is intended to provide the
functionality of the POSIX.2 mailx command with additional support for MIME
messages, Maildir, POP3, IMAP, SMTP, threading, spam control, and other
features.
ok sthen@
