Add security/ item to the wrapper, move existing CVE*txt there
[exim-website.git] / templates / web / index.xsl
index fa50b9d66a2e5d2c0efa0f6a6f674b754836392f..c27c43705cc4bac86a02826d9557978f39d31771 100644 (file)
        <xsl:variable name="html.head.append">
 
                <!-- CSS -->
-                       <link rel="stylesheet" type="text/css" href="{$docroot}/index.css"/>
+                       <link rel="stylesheet" type="text/css" href="{$staticroot}/css/index.css"/>
 
                <!-- Canonical -->
-                        <link rel="canonical" href="http://www.exim.org/"/>
+                        <link rel="canonical" href="https://www.exim.org/"/>
 
        </xsl:variable>
  
 
                 <!-- Summary -->
                        <p id="summary">
-                               <a href="http://www.exim.org/">
+                               <a href="https://www.exim.org/">
                                        <img src="i/exim-blue-ld-87x65.png" alt="Exim Logo" width="87" height="65"/>
                                </a>
                                <xsl:text>Exim is a message transfer agent (MTA) developed at the </xsl:text>
-                               <a href="http://www.cam.ac.uk/" title="University of Cambridge Home page">University of Cambridge</a>
+                               <a href="https://www.cam.ac.uk/" title="University of Cambridge Home page">University of Cambridge</a>
                                <xsl:text> for use on Unix systems connected to the Internet. It is freely available under the terms of the </xsl:text>
-                               <a href="http://www.gnu.org/licenses/gpl.html" title="GPL Information">GNU General Public Licence</a>
+                               <a href="https://www.gnu.org/licenses/gpl.html" title="GPL Information">GNU General Public Licence</a>
                                <xsl:text>. In style it is similar to </xsl:text>
-                               <a href="http://freshmeat.net/projects/smail/" rel="nofollow">Smail 3</a>
+                               <a href="http://freecode.com/projects/smail/" rel="nofollow">Smail 3</a>
                                <xsl:text>, but its facilities are more general. There is a great deal of flexibility in the way mail can be routed, and there are extensive facilities for checking incoming mail. Exim can be installed in place of </xsl:text>
-                               <a href="http://www.sendmail.org/" title="Sendmail home page" rel="nofollow">Sendmail</a>
+                               <a href="https://www.proofpoint.com/us/sendmail-open-source" title="Sendmail home page" rel="nofollow">Sendmail</a>
                                <xsl:text>, although the configuration of Exim is quite different.</xsl:text>
                        </p>
 
       <!-- Version Information -->
          <p id="obsolete_version_info">
-            <xsl:text>All versions of Exim previous to version 4.x are now obsolete and everyone is very strongly recommended to upgrade to a current release. The last 3.x release was 3.36. It is obsolete and should not be used.</xsl:text>
+
+            <xsl:text>All versions of Exim previous to version </xsl:text><xsl:value-of select="/content/current_version"/><xsl:text> are now obsolete. The last 3.x release was 3.36. It is obsolete and should not be used.</xsl:text>
+
          </p>
 
          <p id="version_info">
             <xsl:value-of select="/content/current_version"/>
          </p>
 
+        <p> We fixed CVE-2017-16943 and CVE-2017-16944 with this release.
+        To address these two CVEs, please update to 4.89.1 or simply disable
+        the SMTP CHUNKING extension by using <code>chunking_advertise_hosts = </code> in the main configuration section.
+        </p>
+
          <p id="beta_version_info">
             <xsl:text>There may be beta versions available from the ftp sites in the Testing directory. Many people are using these without problems, but they are not recommended unless you are willing to work with beta software.</xsl:text>
          </p>
                 <!-- Book Information -->
                    
                        <p id="book_info">
-                               <a href="http://www.uit.co.uk/exim-book">
+                               <a href="https://www.uit.co.uk/the-exim-smtp-mail-server">
                                        <img src="i/exim-book.png" width="74" height="100"/>
                                </a>
                                <xsl:text>You may wish to purchase </xsl:text>
-                               <a href="http://www.uit.co.uk/exim-book">The Exim SMTP Mail Server</a>
+                               <a href="https://www.uit.co.uk/the-exim-smtp-mail-server">The Exim SMTP Mail Server</a>
                                <xsl:text> book, written by the original author of Exim, </xsl:text>
-                               <a href="http://en.wikipedia.org/wiki/Philip_Hazel">Philip Hazel</a>
-                               <xsl:text>. The table of contents, and a sample chapter can be viewed </xsl:text>
-                               <a href="http://www.uit.co.uk/content/table-contents-summary-0">here</a>
+                               <a href="https://en.wikipedia.org/wiki/Philip_Hazel">Philip Hazel</a>
                                <xsl:text>.</xsl:text>
                        </p>