Simon Arlott [Fri, 6 Oct 2023 07:08:22 +0000 (09:08 +0200)]
clear statement on CVE-2023-42118
Heiko Schlittermann (HS12-RIPE) [Wed, 4 Oct 2023 07:08:42 +0000 (09:08 +0200)]
add year to timeline
Christopher Kunz [Tue, 3 Oct 2023 12:24:31 +0000 (14:24 +0200)]
fix CVE number
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Oct 2023 14:32:07 +0000 (16:32 +0200)]
fix type (pointed to by put_in)
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Oct 2023 12:19:25 +0000 (14:19 +0200)]
mark the current release as a security release
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Oct 2023 11:58:21 +0000 (13:58 +0200)]
new: exim-4.96.1 security release
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Oct 2023 10:58:57 +0000 (12:58 +0200)]
update security info on current issues
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Oct 2023 06:44:40 +0000 (08:44 +0200)]
place a hint on the libspf2 issue
Heiko Schlittermann (HS12-RIPE) [Sun, 1 Oct 2023 20:45:28 +0000 (22:45 +0200)]
fixup index page
Heiko Schlittermann (HS12-RIPE) [Sun, 1 Oct 2023 20:41:59 +0000 (22:41 +0200)]
move security info on index page to a more prominent place
Heiko Schlittermann (HS12-RIPE) [Sun, 1 Oct 2023 20:33:09 +0000 (22:33 +0200)]
trigger update
Heiko Schlittermann (HS12-RIPE) [Sun, 1 Oct 2023 20:27:55 +0000 (22:27 +0200)]
fix style usage
Heiko Schlittermann (HS12-RIPE) [Sun, 1 Oct 2023 17:38:52 +0000 (19:38 +0200)]
fix: use stylesheet
Heiko Schlittermann (HS12-RIPE) [Sun, 1 Oct 2023 17:30:57 +0000 (19:30 +0200)]
link the cve text on the start page
Heiko Schlittermann (HS12-RIPE) [Sun, 1 Oct 2023 17:08:45 +0000 (19:08 +0200)]
add document about CVE-2023-* assigned by ZDI
Heiko Schlittermann (HS12-RIPE) [Tue, 9 May 2023 14:42:14 +0000 (16:42 +0200)]
update maillinglist refs to ...@lists.exim.org
Heiko Schlittermann (HS12-RIPE) [Thu, 23 Mar 2023 20:24:39 +0000 (21:24 +0100)]
rename mirrors.xsl -> download.xsl
Heiko Schlittermann (HS12-RIPE) [Thu, 23 Mar 2023 20:21:46 +0000 (21:21 +0100)]
polish download info
Heiko Schlittermann (HS12-RIPE) [Thu, 23 Mar 2023 19:53:07 +0000 (20:53 +0100)]
Fix lost download info.
This partially reverts commit
7f378ca88d34d76bf324e7f5ad58bea9369c510c.
Heiko Schlittermann (HS12-RIPE) [Tue, 21 Mar 2023 18:35:47 +0000 (19:35 +0100)]
remove spurious file
Heiko Schlittermann (HS12-RIPE) [Mon, 20 Mar 2023 22:40:27 +0000 (23:40 +0100)]
chg: do not log to logfile
Heiko Schlittermann (HS12-RIPE) [Mon, 20 Mar 2023 22:33:41 +0000 (23:33 +0100)]
chg: build script can be used as post-update hook now
Heiko Schlittermann (HS12-RIPE) [Mon, 20 Mar 2023 22:32:52 +0000 (23:32 +0100)]
typos
Heiko Schlittermann (HS12-RIPE) [Mon, 20 Mar 2023 21:26:22 +0000 (22:26 +0100)]
fix xsl
Heiko Schlittermann (HS12-RIPE) [Mon, 20 Mar 2023 20:16:44 +0000 (21:16 +0100)]
remove mirror info
Heiko Schlittermann (HS12-RIPE) [Mon, 20 Mar 2023 19:24:58 +0000 (20:24 +0100)]
fix: HTML entity
Heiko Schlittermann (HS12-RIPE) [Mon, 20 Mar 2023 10:14:19 +0000 (11:14 +0100)]
chg: add note about CVE-2021-38371 about not being a problem
Andrew Aitchison [Mon, 20 Mar 2023 10:13:22 +0000 (11:13 +0100)]
add: CVE-2021-38371
Jeremy Harris [Sun, 8 Jan 2023 16:24:30 +0000 (16:24 +0000)]
The current developers are no longer Cambridge
Jeremy Harris [Sun, 8 Jan 2023 16:22:49 +0000 (16:22 +0000)]
Avoid interpreting list-sep spec as HTML. Bug 2905
Heiko Schlittermann (HS12-RIPE) [Wed, 14 Dec 2022 23:04:39 +0000 (00:04 +0100)]
legal: clarify that domain ownership
Heiko Schlittermann (HS12-RIPE) [Wed, 14 Dec 2022 20:25:58 +0000 (21:25 +0100)]
new: add legal (about ownershop of the exim.org domain name)
Heiko Schlittermann (HS12-RIPE) [Wed, 14 Dec 2022 20:20:40 +0000 (21:20 +0100)]
fix: remove spurios half-open HTML (introduced by
77237db)
Heiko Schlittermann (HS12-RIPE) [Wed, 14 Dec 2022 18:38:36 +0000 (19:38 +0100)]
add schlittermann.de as a sponsor
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2022 12:10:10 +0000 (13:10 +0100)]
fix links to paper book (fixes #6)
Jeremy Harris [Mon, 31 Oct 2022 09:36:51 +0000 (09:36 +0000)]
Deprecate 3.x even further
Jeremy Harris [Mon, 31 Oct 2022 09:29:06 +0000 (09:29 +0000)]
Sponsor acknowledgements
Andrew Aitchison [Fri, 21 Oct 2022 12:00:37 +0000 (13:00 +0100)]
De-tainting mailman configuration. Bug 2905
Jeremy Harris [Thu, 28 Jul 2022 23:12:52 +0000 (00:12 +0100)]
Fix indexing for varlistent when not within a section
Jeremy Harris [Tue, 26 Jul 2022 19:43:25 +0000 (20:43 +0100)]
Cambs no longer hosts the Exim website
Jeremy Harris [Fri, 22 Jul 2022 13:24:42 +0000 (14:24 +0100)]
Support indexes pointing directo to varlist items
Jeremy Harris [Sat, 9 Jul 2022 16:30:59 +0000 (17:30 +0100)]
Support subsections in HTML output
Jeremy Harris [Sat, 2 Jul 2022 18:14:38 +0000 (19:14 +0100)]
Nicer rendering for see-also in index
Jeremy Harris [Fri, 1 Jul 2022 20:47:44 +0000 (21:47 +0100)]
Fix up "see also" entries in indexes, in HTML output.
Not perfect, but better than it was (it used to show
a link to the Intro chapter).
Heiko Schlittermann (HS12-RIPE) [Thu, 30 Jun 2022 08:44:25 +0000 (10:44 +0200)]
new: no output redirection if STDIN is a terminal
Heiko Schlittermann (HS12-RIPE) [Thu, 30 Jun 2022 08:43:47 +0000 (10:43 +0200)]
Nigel Metheringham [Wed, 29 Jun 2022 19:11:17 +0000 (20:11 +0100)]
fix: corrected the URL for the exim book
Thanks to Johannes for the notification
Jeremy Harris [Sat, 25 Jun 2022 13:40:49 +0000 (14:40 +0100)]
Add Exim 4.96
Heiko Schlittermann (HS12-RIPE) [Tue, 28 Sep 2021 10:27:27 +0000 (12:27 +0200)]
Improve readability of the startpage
Heiko Schlittermann (HS12-RIPE) [Tue, 28 Sep 2021 10:16:10 +0000 (12:16 +0200)]
4.95 isn't a security release
Heiko Schlittermann (HS12-RIPE) [Tue, 28 Sep 2021 09:25:38 +0000 (11:25 +0200)]
Add Exim 4.95
Heiko Schlittermann (HS12-RIPE) [Mon, 7 Jun 2021 19:57:16 +0000 (21:57 +0200)]
test
Heiko Schlittermann (HS12-RIPE) [Tue, 4 May 2021 14:14:19 +0000 (16:14 +0200)]
Emphasize the security aspect, link to qualys
Heiko Schlittermann (HS12-RIPE) [Tue, 4 May 2021 14:12:03 +0000 (16:12 +0200)]
Update Information from Qualys
Heiko Schlittermann (HS12-RIPE) [Tue, 4 May 2021 12:33:40 +0000 (14:33 +0200)]
Add 4.94.1, 4.94.2 and initial draft of CVE-2020-qualys
Simon Arlott [Tue, 2 Jun 2020 22:02:09 +0000 (23:02 +0100)]
Fix build on Fedora 32
perl-XML-LibXML stopped loading HTML entities by default at 2.0202,
and f32 has v2.0205
Jeremy Harris [Mon, 1 Jun 2020 14:52:36 +0000 (15:52 +0100)]
Release 4.94
Phil Pennock [Wed, 11 Mar 2020 04:38:57 +0000 (00:38 -0400)]
Update some URLs & expand on PGP keys
Heiko Schlittermann (HS12-RIPE) [Tue, 21 Jan 2020 08:06:39 +0000 (09:06 +0100)]
Update Maintainer keyring location.
They keys do not need to be stored in several places on the same server.
Heiko Schlittermann (HS12-RIPE) [Tue, 21 Jan 2020 08:05:34 +0000 (09:05 +0100)]
Use the keys from https://ftp.exim.org/pub/exim/Exim-Maintainers-Keyring.asc
Phil Pennock [Tue, 21 Jan 2020 05:52:37 +0000 (00:52 -0500)]
PGP: Jeremy new UID; Heiko add cross-sigs
The openpgpkey-control repo can emit a bundle of keys, such as we
distribute for the maintainer keyring. That bundle is "keys, plus
signatures from other keys in the bundle". In addition, it will not
export each key in the bundle, with those other sigs on it.
So one `update-bundles` command later, we have a version of Heiko's key
with signatures from other people on it.
And Jeremy's key now has an @exim.org UID upon it.
Phil Pennock [Sun, 19 Jan 2020 02:51:44 +0000 (21:51 -0500)]
Update PGP keys for Phil & Jeremy
Jeremy has a new self-sig made with SHA256.
Phil has new encryption subkeys in a new year.
Heiko Schlittermann (HS12-RIPE) [Sat, 18 Jan 2020 17:10:19 +0000 (18:10 +0100)]
Update GPG key hs@schlittermann.de (new expiration date)
Graeme Fowler [Mon, 30 Dec 2019 09:51:35 +0000 (09:51 +0000)]
Fix public suffix list link
Andreas Metzler [Sun, 15 Dec 2019 18:57:24 +0000 (19:57 +0100)]
Accept 4 part version number
Heiko Schlittermann (HS12-RIPE) [Thu, 12 Dec 2019 21:32:01 +0000 (22:32 +0100)]
Fix ftp URL
Heiko Schlittermann (HS12-RIPE) [Thu, 12 Dec 2019 21:17:37 +0000 (22:17 +0100)]
Mention maintenance releases
Heiko Schlittermann (HS12-RIPE) [Mon, 9 Dec 2019 09:52:34 +0000 (10:52 +0100)]
force update
Heiko Schlittermann (HS12-RIPE) [Mon, 9 Dec 2019 08:53:26 +0000 (09:53 +0100)]
force update
Heiko Schlittermann (HS12-RIPE) [Mon, 9 Dec 2019 07:40:15 +0000 (08:40 +0100)]
Redirect output to /tmp/website-$(date +%s).log
Heiko Schlittermann (HS12-RIPE) [Mon, 9 Dec 2019 06:45:04 +0000 (07:45 +0100)]
This is not a security release
Heiko Schlittermann (HS12-RIPE) [Sun, 8 Dec 2019 21:43:35 +0000 (22:43 +0100)]
force update again
Heiko Schlittermann (HS12-RIPE) [Sun, 8 Dec 2019 21:12:37 +0000 (22:12 +0100)]
force update
Heiko Schlittermann (HS12-RIPE) [Sun, 8 Dec 2019 18:36:19 +0000 (19:36 +0100)]
Release 4.93
Heiko Schlittermann (HS12-RIPE) [Tue, 19 Nov 2019 11:18:52 +0000 (19:18 +0800)]
Add link to the origin of the tarballs
Heiko Schlittermann (HS12-RIPE) [Tue, 19 Nov 2019 11:13:27 +0000 (19:13 +0800)]
Use the template in the right way
Heiko Schlittermann (HS12-RIPE) [Tue, 19 Nov 2019 11:13:11 +0000 (19:13 +0800)]
Add Keys for Exim Maintainers to the website
Jeremy Harris [Wed, 13 Nov 2019 10:37:40 +0000 (10:37 +0000)]
Add credit to Bytemark
Heiko Schlittermann (HS12-RIPE) [Sat, 28 Sep 2019 22:37:21 +0000 (00:37 +0200)]
Release 4.92.3 CVE-2019-16928
Heiko Schlittermann (HS12-RIPE) [Fri, 6 Sep 2019 14:56:16 +0000 (16:56 +0200)]
Better wording in CVE txt
Heiko Schlittermann (HS12-RIPE) [Fri, 6 Sep 2019 11:18:14 +0000 (13:18 +0200)]
Add more detail to the mitigation
Heiko Schlittermann (HS12-RIPE) [Fri, 6 Sep 2019 10:58:36 +0000 (12:58 +0200)]
Add acl snippet as a mitigation method
Heiko Schlittermann (HS12-RIPE) [Fri, 6 Sep 2019 10:07:16 +0000 (12:07 +0200)]
Merge remote-tracking branch 'origin'
Heiko Schlittermann (HS12-RIPE) [Thu, 5 Sep 2019 16:42:51 +0000 (18:42 +0200)]
Update website index CVE-2019-15846
Heiko Schlittermann (HS12-RIPE) [Thu, 5 Sep 2019 16:37:58 +0000 (18:37 +0200)]
Add CVE-2019-15846 document
Heiko Schlittermann (HS12-RIPE) [Thu, 5 Sep 2019 14:43:09 +0000 (16:43 +0200)]
Add doc for 4.92.2
Heiko Schlittermann (HS12-RIPE) [Sat, 20 Jul 2019 21:07:54 +0000 (23:07 +0200)]
Update CVE info on index page
Heiko Schlittermann (HS12-RIPE) [Sat, 20 Jul 2019 21:05:44 +0000 (23:05 +0200)]
Add documents on CVE-2019-13917
Heiko Schlittermann (HS12-RIPE) [Sat, 20 Jul 2019 21:14:17 +0000 (23:14 +0200)]
Merge branch 'security/4.92.1'
Heiko Schlittermann (HS12-RIPE) [Sat, 20 Jul 2019 21:07:54 +0000 (23:07 +0200)]
Update CVE info on index page
Heiko Schlittermann (HS12-RIPE) [Sat, 20 Jul 2019 21:05:44 +0000 (23:05 +0200)]
Add documents on CVE-2019-13917
Heiko Schlittermann (HS12-RIPE) [Wed, 5 Jun 2019 14:57:02 +0000 (16:57 +0200)]
CVE-2019-10149 notice about new CRD
Heiko Schlittermann (HS12-RIPE) [Tue, 4 Jun 2019 14:19:30 +0000 (16:19 +0200)]
Update info on CVE-2019-10149
Heiko Schlittermann (HS12-RIPE) [Tue, 4 Jun 2019 09:30:51 +0000 (11:30 +0200)]
Update the CVE-2019-10149 document about restricted access
Heiko Schlittermann (HS12-RIPE) [Tue, 4 Jun 2019 09:09:14 +0000 (11:09 +0200)]
Fix fix. Finally.
Heiko Schlittermann (HS12-RIPE) [Tue, 4 Jun 2019 08:59:48 +0000 (10:59 +0200)]
Fix last commit
Heiko Schlittermann (HS12-RIPE) [Mon, 3 Jun 2019 21:38:40 +0000 (23:38 +0200)]
Link CVE-2019-10149 to the start page
Heiko Schlittermann (HS12-RIPE) [Mon, 3 Jun 2019 21:03:12 +0000 (23:03 +0200)]
CVE-2019-10149: Fix bad t0+7d
Heiko Schlittermann (HS12-RIPE) [Mon, 3 Jun 2019 20:10:18 +0000 (22:10 +0200)]
CVE-2019-10149: update t0 and t0+7d with expected real dates
Heiko Schlittermann (HS12-RIPE) [Mon, 3 Jun 2019 19:32:49 +0000 (21:32 +0200)]
CVE-2019-10149: Add note about 4.92 not being affected