options, and new features, see the NewStuff file next to this ChangeLog.
-Exim version 4.93
------------------
+Exim version 4.92.1
+-------------------
-JH/01 Bug 2351: Log failures to extract envelope addresses from message headers.
+JH/31 Avoid re-expansion in ${sort } expansion. (CVE-2019-13917, OVE-20190718-0006)
Exim version 4.92
and multiple senders' messages were queued, only one sender would get
notified on each configured delay_warning cycle.
+JH/38 Bug 2351: Log failures to extract envelope addresses from message headers.
+
+JH/39 OpenSSL: clear the error stack after an SSL_accept(). With anon-auth
+ cipher-suites, an error can be left on the stack even for a succeeding
+ accept; this results in impossible error messages when a later operation
+ actually does fail.
+
+AM/01 Bug 2359: GnuTLS: repeat lowlevel read and write operations while they
+ return error codes indicating retry. Under TLS1.3 this becomes required.
+
+JH/40 Fix the feature-cache refresh for EXPERIMENTAL_PIPE_CONNECT. Previously
+ it only wrote the new authenticators, resulting in a lack of tracking of
+ peer changes of ESMTP extensions until the next cache flush.
+
+JH/41 Fix the loop reading a message header line to check for integer overflow,
+ and more-often against header_maxsize. Previously a crafted message could
+ induce a crash of the recive process; now the message is cleanly rejected.
+
+JH/42 Bug 2366: Fix the behaviour of the dkim_verify_signers option. It had
+ been totally disabled for all of 4.91. Discovery and fix by "Mad Alex".
+
Exim version 4.91
-----------------
git://git.exim.org / exim.git / blobdiff