X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/19fdbfb4a2b6ca4a6a96ef52be848f0a23e2414f..6b331d5834d12bdda21857cd6fffac17038ce3c7:/doc/doc-txt/NewStuff diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 3555d8c12..d9a9f6cda 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -6,6 +6,13 @@ Before a formal release, there may be quite a lot of detail so that people can test from the snapshots or the Git before the documentation is updated. Once the documentation is updated, this file is reduced to a short list. +Version 4.97 +------------ + + 1. The expansion-test faciility (exim -be) can set variables. + + 2. An event on a failing SMTP AUTH, for both client and server operations. + Version 4.96 ------------ @@ -17,13 +24,18 @@ Version 4.96 4. An event for failing TLS connects to the daemon. - 5. Tainted data used for a query-style lookup should be quoted using the - expansion item for the lookup type. If not, a warning will be written to - the main and panic logs. A future release will enforce this by failing - the lookup. + 5. The ACL "debug" control gains options "stop", "pretrigger" and "trigger". + + 6. Query-style lookups are now checked for quoting, if the query string is + built using untrusted data ("tainted"). For now lack of quoting is merely + logged; a future release will upgrade this to an error. - 6. The ACL "debug" control gains options "stop", "pretrigger" and "trigger". + 7. The expansion conditions match_ and inlist now set $value for + the expansion of the "true" result of the ${if}. With a static list, this + can be used for de-tainting. + 8. Recipient verify callouts now set $domain_data & $local_part_data, with + de-tainted values. Version 4.95 ------------