anubis-4.3 released [stable]

2024-01-06 Thread Sergey Poznyakoff 
Hello,

This is to inform you that GNU anubis version 4.3 is available for download.
This is a maintenance release, introducing several new features.  See the end
of this message for a list of important changes.

Here are the compressed sources:

  https://ftp.gnu.org/gnu/anubis/anubis-4.3.tar.gz  1.2M
  https://ftp.gnu.org/gnu/anubis/anubis-4.3.tar.bz2 890K

Here are the GPG detached signatures:

  https://ftp.gnu.org/gnu/anubis/anubis-4.3.tar.gz.sig
  https://ftp.gnu.org/gnu/anubis/anubis-4.3.tar.bz2.sig

Here are the checksums:

MD5
---
bc80b9045b3c8f3b1d6798200cd81586  anubis-4.3.tar.gz
32dc9adf1d0daa54bff70f10b4e289b5  anubis-4.3.tar.bz2

SHA1

24aa5b8b5f87101f49b50550d263f654ae496404  anubis-4.3.tar.gz
9515d346c88a51e6718ca7fb1349e93e9c18ce19  anubis-4.3.tar.bz2

SHA256
--
ff0af3337c462218e5ee244c7ef90188af9efdf095bc05b6333401cf9882af2c  
anubis-4.3.tar.gz
098abec96097527be1857e4b8b5b5b4b7e58a8458f58ce2cb732f024df6e9ef5  
anubis-4.3.tar.bz2

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify anubis-4.3.tar.gz.sig

If that command fails because you don't have the required public key,
try the following command to retrieve it, and then rerun the 'gpg
--verify' command.

  gpg --recv-keys 3602B07F55D0C732

As a last resort to find the key, you can try the official GNU
keyring:

  wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify anubis-4.3.tar.gz.sig

Noteworthy changes in this release:

* Fix compilation with new GDBM versions

* Support for Guile version 2.2.0 and later

* anubisusr requires GnuTLS

* New configuration statement: use-pam

Used in CONTROL section, this boolean statement enables or disables the
use of the Pluggable Authentication Module interface for accounting and
session management.

* New configuration statement: identd-keyfile

Sets the name of the file with shared keys used for decryting replies
from the auth service.  It is used in traditional mode if anubis receives
an encrypted response from the client's identd server.

* Bugfixes

Best regards,
Sergey

mailutils-3.17 released [stable]

2024-01-06 Thread Sergey Poznyakoff 
Hello,

This is to inform you that GNU mailutils version 3.17 is available for
download.  This is a stable release.  See the end of this message for
a list of important changes.

Here are the compressed sources:

  https://ftp.gnu.org/gnu/mailutils/mailutils-3.17.tar.gz 7.6M
  https://ftp.gnu.org/gnu/mailutils/mailutils-3.17.tar.bz25.1M
  https://ftp.gnu.org/gnu/mailutils/mailutils-3.17.tar.xz 3.1M

Here are the checksums:

MD5
---
f3a1ded909cec18ceedce2ca73f5ad70  mailutils-3.17.tar.gz
375e05e6c3fd7e180bded50960ac978c  mailutils-3.17.tar.bz2
2df7bb7a076781a244635d311aac3f04  mailutils-3.17.tar.xz

SHA1

f96007ce3f0e19e74318316b04087b9f461ca713  mailutils-3.17.tar.gz
916f34a092f8f9155352b6ffa4eea228a9a00683  mailutils-3.17.tar.bz2
89f642c872a61868a3d0389261bff418ee847bfb  mailutils-3.17.tar.xz

SHA256
--
403d0a8a7d923560ee189783a35cec517e9993dda985e35b7afd9c488bf6f149  
mailutils-3.17.tar.gz
cf03c3f6abbc4f0cc6996856ebdf5abc4157bb4fc7c11a883f298371e4334893  
mailutils-3.17.tar.bz2
fa49bacec37566fe52f88221d3871673a633aeee0cd923cc3a8e65bbef2b84e9  
mailutils-3.17.tar.xz

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify mailutils-3.16.tar.gz.sig

If that command fails because you don't have the required public key,
try the following command to retrieve it, and then rerun the 'gpg
--verify' command.

  gpg --recv-keys 3602B07F55D0C732

As a last resort to find the key, you can try the official GNU
keyring:

  wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify mailutils-3.16.tar.gz.sig

Noteworthy changes in this release:

* Use of TLS in pop3d and imap4d

If not explicitly specified, the TLS mode to use (ondemand, connect,
etc.) is derived from the configured port.  E.g., for imap4d, port 143
implies ondemand mode, and port 993 implies connection mode.

The global tls-mode setting is used only when the mode cannot be detemined
otherwise, i.e. neither per-server tls-mode is given nor the port gives
any clues as to the TLS mode to use.

* Bugfixes

** movemail: fix handling of -P option.
** Improve file safety checking routine.
** Fix compilation with new gcc versions.

Best regards,
Sergey