:book: Notes

In addition to the usual share of bug fixes and enhancements, this release fixes a security vulnerability whereas an early error in communicating with an IMAP server was not properly detected as fatal, resulting in a potential for sensitive information (user, pass) being sent over an untrusted channel.

Thanks to Gabriel Salles-Loustau for spotting the problem.

:heart: Thanks

Many thanks to our new contributor:

  • Björn Ketelaars (@bket)

and our regular contributors:

:lock: Security

  • imap: close connection on all failures

:gift: Features

  • alias: add function to Alias/Query dialogs
  • config: add validators for {imap,smtp,pop}_authenticators
  • config: warn when signature file is missing or not readable
  • smtp: support for native SMTP LOGIN auth mech
  • notmuch: show originating folder in index

:beetle: Bug Fixes

  • sidebar: prevent the divider colour bleeding out
  • sidebar: fix <sidebar-{next,prev}-new>
  • notmuch: fix query for current email
  • restore shutdown-hook functionality
  • crash in reply-to
  • user-after-free in folder-hook
  • fix some leaks
  • fix application of limits to modified mailboxes
  • write Date header when postponing

:black_flag: Translations

  • :lithuania: 100% Lithuanian
  • :czech_republic: 100% Czech
  • :tr: 70% Turkish

:books: Docs

  • Document that $sort_alias affects the query menu

:building_construction: Build

  • improve ASAN flags
  • add SASL and S/MIME to –everything
  • fix contrib (un)install

:gear: Code

  • my_hdr compose screen notifications
  • add contracts to the MXAPI
  • maildir refactoring
  • further reduce the use of global variables

:recycle: Upstream

  • Add $count_alternatives to count attachments inside alternatives