JH/34 Bug 1192: replace the embedded copy of PolarSSL RSA routines in the DKIM
support, by using OpenSSL or GnuTLS library ones. This means DKIM is
- only supported when built with TLS support.
+ only supported when built with TLS support. The PolarSSL SHA routines
+ are still used when the TLS library is too old for convenient support.
JH/35 Require SINGLE_DH_USE by default in OpenSSL (main config option
openssl_options), for security. OpenSSL forces this from version 1.1.0
server-side so match that on older versions.
-JH/36 Fix a longstanding bug in memory use by the ${run } expansion: A fresh
+JH/36 Bug 1778: longstanding bug in memory use by the ${run } expansion: A fresh
allocation for $value could be released as the expansion processing
- concluded, but leaving the global pointer active for it. Possibly
- involved in Bug 1778.
+ concluded, but leaving the global pointer active for it.
JH/37 Bug 1769: Permit a VRFY ACL to override the default 252 response,
and to use the domains and local_parts ACL conditions.
+JH/38 Fix cutthrough bug with body lines having a single dot. The dot was
+ incorrectly not doubled on cutthrough transmission, hence seen as a
+ body-termination at the receiving system - resulting in truncated mails.
+ Commonly the sender saw a TCP-level error, and retransmitted the message
+ via the normal store-and-forward channel. This could result in duplicates
+ received - but deduplicating mailstores were liable to retain only the
+ initial truncated version.
+
+JH/39 Bug 1781: Fix use of DKIM private-keys having trailing '=' in the base-64.
+
+JH/40 Fix crash in queryprogram router when compiled with EXPERIMENTAL_SRS.
+
+JH/41 Bug 1792: Fix selection of headers to sign for DKIM: bottom-up. While
+ we're in there, support oversigning also; bug 1309.
+
+JH/42 Bug 1796: Fix error logged on a malware scanner connection failure.
+
+HS/04 Add support for keep_environment and add_environment options.
+
+JH/43 Tidy coding issues detected by gcc --fsanitize=undefined. Some remain;
+ either intentional arithmetic overflow during PRNG, or testing config-
+ induced overflows.
+
+JH/44 Bug 1800: The combination of a -bhc commandline option and cutthrough
+ delivery resulted in actual delivery. Cancel cutthrough before DATA
+ stage.
+
+JH/45 Fix cutthrough, when connection not opened by verify and target hard-
+ rejects a recipient: pass the reject to the originator.
+
+
Exim version 4.86
-----------------