Change log file for Exim from version 4.21
-------------------------------------------
+Exim version 4.77
+-----------------
+
+PP/01 Solaris build fix for Oracle's LDAP libraries.
+ Bugzilla 1109, patch from Stephen Usher.
+
+TF/01 HP/UX build fix: avoid arithmetic on a void pointer.
+
+TK/01 DKIM Verification: Fix relaxed canon for empty headers w/o
+ whitespace trailer
+
+TF/02 Fix a couple more cases where we did not log the error message
+ when unlink() failed. See also change 4.74-TF/03.
+
+
+Exim version 4.76
+-----------------
+
+PP/01 The new ldap_require_cert option would segfault if used. Fixed.
+
+PP/02 Harmonised TLS library version reporting; only show if debugging.
+ Layout now matches that introduced for other libraries in 4.74 PP/03.
+
+PP/03 New openssl_options items: no_sslv2 no_sslv3 no_ticket no_tlsv1
+
+PP/04 New "dns_use_edns0" global option.
+
+PP/05 Don't segfault on misconfiguration of ref:name exim-user as uid.
+ Bugzilla 1098.
+
+PP/06 Extra paranoia around buffer usage at the STARTTLS transition.
+ nb: Exim is not vulnerable to http://www.kb.cert.org/vuls/id/555316
+
+TK/01 Updated PolarSSL code to 0.14.2.
+ Bugzilla 1097. Patch from Andreas Metzler.
+
+PP/07 Catch divide-by-zero in ${eval:...}.
+ Fixes bugzilla 1102.
+
+PP/08 Condition negation of bool{}/bool_lax{} did not negate. Fixed.
+ Bugzilla 1104.
+
+TK/02 Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a
+ format-string attack -- SECURITY: remote arbitrary code execution.
+
+TK/03 SECURITY - DKIM signature header parsing was double-expanded, second
+ time unintentionally subject to list matching rules, letting the header
+ cause arbitrary Exim lookups (of items which can occur in lists, *not*
+ arbitrary string expansion). This allowed for information disclosure.
+
+PP/09 Fix another SIGFPE (x86) in ${eval:...} expansion, this time related to
+ INT_MIN/-1 -- value coerced to INT_MAX.
+
+
Exim version 4.75
-----------------
-NM/01 Workround for PCRE version dependancy in version reporting
+NM/01 Workround for PCRE version dependency in version reporting
Bugzilla 1073
TF/01 Update valgrind.h and memcheck.h to copies from valgrind-3.6.0.
PP/13 Bugzilla 1086: Deal with maildir quota file races.
Based on patch from Heiko Schlittermann.
+PP/14 Bugzilla 1019: DKIM multiple signature generation fix.
+ Patch from Uwe Doering, sign-off by Michael Haardt.
+
+NM/05 Fix to spam.c to accommodate older gcc versions which dislike
+ variable declaration deep within a block. Bug and patch from
+ Dennis Davis.
+
+PP/15 lookups-Makefile IRIX compatibilty coercion.
+
+PP/16 Make DISABLE_DKIM build knob functional.
+
+NM/06 Bugzilla 968: child_open_uid: restore default SIGPIPE handler
+ Patch by Simon Arlott
+
+TF/03 Fix valgrind.h portability to C89 compilers that do not support
+ variable argument macros. Our copy now differs from upstream.
+
Exim version 4.74
-----------------
PP/27 Bugzilla 1047: change the default for system_filter_user to be the Exim
run-time user, instead of root.
-PP/28 Add WHITELIST_D_MACROS option to let some macros be overriden by the
+PP/28 Add WHITELIST_D_MACROS option to let some macros be overridden by the
Exim run-time user without dropping privileges.
DW/29 Remove use of va_copy() which breaks pre-C99 systems. Duplicate the