Notes
In addition to the usual share of bug fixes and enhancements, this release fixes a security vulnerability whereas an early error in communicating with an IMAP server was not properly detected as fatal, resulting in a potential for sensitive information (user, pass) being sent over an untrusted channel.
Thanks to Gabriel Salles-Loustau for spotting the problem.
Thanks
Many thanks to our new contributor:
- Björn Ketelaars (@bket)
and our regular contributors:
- наб (@nabijaczleweli)
- Matthew Hughes (@matthewhughes934)
- Austin Ray (@Austin-Ray)
- Romeu Vieira (@RomeuG)
- Marius Gedminas (@mgedmin)
- Reto Brunner (@reto)
- Jakub Jindra (@jindraj)
- Yousef Akbar (@yousefakbar)
- ftilde (@ftilde)
- Pietro Cerutti (@gahr)
Security
- imap: close connection on all failures
Features
- alias: add
function to Alias/Query dialogs - config: add validators for {imap,smtp,pop}_authenticators
- config: warn when signature file is missing or not readable
- smtp: support for native SMTP LOGIN auth mech
- notmuch: show originating folder in index
Bug Fixes
- sidebar: prevent the divider colour bleeding out
- sidebar: fix <sidebar-{next,prev}-new>
- notmuch: fix
query for current email - restore shutdown-hook functionality
- crash in reply-to
- user-after-free in folder-hook
- fix some leaks
- fix application of limits to modified mailboxes
- write Date header when postponing
Translations
- 100% Lithuanian
- 100% Czech
- 70% Turkish
Docs
- Document that $sort_alias affects the query menu
Build
- improve ASAN flags
- add SASL and S/MIME to –everything
- fix contrib (un)install
Code
- my_hdr compose screen notifications
- add contracts to the MXAPI
- maildir refactoring
- further reduce the use of global variables
Upstream
- Add $count_alternatives to count attachments inside alternatives