Release Notes: This release fixes a long-standing (since 4.X or 5.X) DoS vulnerability in verbose mode in multi-byte locales. It also fixes a regression in the rcfile parser (since 6.3.0) that misparsed some rc files. It adds a new --sslcertfile option for bundle CA cert files. Many compiler warnings were fixed, and SSL/TLS usability was improved. fetchmailconf no longer loses the "invisible" setting. Translations have been updated.
Release Notes: This release fixes CVE-2009-2666, a SSL/TLS certificate verification weakness that was prone to NUL injection attacks (related to CVE-2009-2408). Non-printing characters in certificate names are now shown as ANSI-C hex escape sequences. The spurious "message delimiter found while scanning headers" message was removed, as the messages are actually RFC-5322.