4. An event for failing TLS connects to the daemon.
- 5. Tainted data used for a query-style lookup should be quoted using the
- expansion item for the lookup type. If not, a warning will be written to
- the main and panic logs. A future release will enforce this by failing
- the lookup.
+ 5. The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
- 6. The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
+ 6. Query-style lookups are now checked for quoting, if the query string is
+ built using untrusted data ("tainted"). For now lack of quoting is merely
+ logged; a future release will upgrade this to an error.
+ 7. The expansion conditions match_<list-type> and inlist now set $value for
+ the expansion of the "true" result of the ${if}. With a static list, this
+ can be used for de-tainting.
+
+ 8. Recipient verify callouts now set $domain_data & $local_part_data, with
+ de-tainted values.
Version 4.95
------------