Release Notes: This release fixes a password disclosure vulnerability (CVE-2006-5867) and a crash in certain situations (CVE-2006-5974). It re-reads /etc/resolv.conf at the beginning of a poll cycle, solving DNS issues on computers in changing network environments. The --logfile and --user options had been broken in 6.3.5, and have been repaired. Kerberos/GSSAPI error messages have been improved when support for these systems was not compiled in. Assorted minor fixes have been made.
Release Notes: This release fixes a few minor bugs, improves OpenSSL error reporting, and adds an Esperanto translation.
Release Notes: Compilation with OpenSSL implementations before 0.9.8m lacking SSL_CTX_clear_options() works again, but is neither supported nor recommended. The combination of "--plugin" and "-f -" was fixed. Logfile vs. syslog handling was cleaned up. Other minor changes were made.
Release Notes: A security issue where a misinterpreted server response could allow DoS and data theft in NTLM authentication was fixed. This issue was reported as CVE-2012-3482. The false disabling of a countermeasure against plaintext attacks in block ciphers was fixed. Various other minor fixes were made.
Release Notes: A NUL byte insertion bug in the IMAP client, which occurred when the last line of the input had no LF and no CRLF termination, was fixed.
Release Notes: This release fixes a STARTTLS denial of service vulnerability (CVE-2011-1947). It reduces repetitions in "unseen" message logging and speeds up IMAP fetches with full mailboxes quite a bit. Fetchmail now sets its Internet sockets to keepalive mode, to detect disconnections, and resolves MD5-related build problems.