X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/40525d07a858c90293bc09188fb539a1cec3f8aa..a5ffa9b475a426bc73366db01f7cc92a3811bc3a:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index aca12ea00..6ba9a3e5e 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -63,7 +63,7 @@ JH/09 Avoid using a temporary file during transport using dkim. Unless a JH/10 Enable use of sendfile in Linux builds as default. It was disabled in 4.77 as the kernel support then wasn't solid, having issues in 64bit - mode. Now, it's been long enough. + mode. Now, it's been long enough. Add support for FreeBSD also. JH/11 Bug 2104: Fix continued use of a transport connection with TLS. In the case where the routing stage had gathered several addresses to send to @@ -76,7 +76,21 @@ JH/11 Bug 2104: Fix continued use of a transport connection with TLS. In the JH/12 Fix check on SMTP command input synchronisation. Previously there were false-negatives in the check that the sender had not preempted a response or prompt from Exim (running as a server), due to that code's lack of - awareness of the SMTP input buferring. + awareness of the SMTP input buffering. + +PP/04 Add commandline_checks_require_admin option. + Exim drops privileges sanely, various checks such as -be aren't a + security problem, as long as you trust local users with access to their + own account. When invoked by services which pass untrusted data to + Exim, this might be an issue. Set this option in main configuration + AND make fixes to the calling application, such as using `--` to stop + processing options. + +JH/13 Do pipelining under TLS. Previously, although safe, no advantage was + taken. Now take care to pack both (client) MAIL,RCPT,DATA, and (server) + responses to those, into a single TLS record each way (this usually means + a single packet). As a side issue, smtp_enforce_sync now works on TLS + connections. Exim version 4.89