X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/46ad960434683b3e15eb17edf3b2d748c191fbc4..7b162fc84e202a16b89fa11224737ffbdd240bc8:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index c261e13c7..c5a47662b 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -5,6 +5,94 @@ options, and new features, see the NewStuff file next to this ChangeLog. Exim version 4.98 ----------------- +JH/01 Use fewer forks & execs for sending many messages to a single host. + By passing back more info from the transport to the delivery process, + we can loop there. A two-phase queue run will benefit, particularly for + mailinglist and smarthost cases. + +JH/02 Add transaction support for hintsdbs. The providers supported are tdb and + sqlite. Transactions are used for the wait-transport and retry DBs. + They imply locking internal to the DB. We no longer need a separate + lockfile, can keep the DB handle open for extended periods, yet + potentially benefit from concurrency on non-conflicting record uses. + +JH/03 With dkim_verify_minimal, avoid calling the DKIM ACL after the first + good verify. + +JH/04 Remove the docs and support scripts dealing with conversion of Exim + version 3 installations. + +JH/05 Fix hintsdb support for dbmjz when compiled using sqlite3. Previously + the backend support assumed keys would be simple C strings, but dbmjz + uses keys with embedded NUL bytes. The builtin hintsdb use is unaffected, + but installations using dbmjz will need to rebuild those DBs. + +JH/06 Bug 1141: When operating a continued-connection transport, verify that + the interface option, if specified, evaluates to match the connection. + Previously, a queued message for the same host was sent without checking. + +JH/07 Bug 3106: Fix coding in SPA authenticator. A macro argument was not + properly parenthesized, resulting in a logic error. While the simple + fix was provided by Andrew Aitchison, the over-large code block resulting + from this macro made me want to replace it with a real function so more + extensive rework becamse needed. + +JH/08 The output of "exim -bV" now includes lookup types built as dynamic-load + modules. + +JH/09 Not a change, but worthy of note: There is no test coverage of the + heimdall-gssapi authenticator driver. It does build, though with (on at + least one platform) library version conflicts with the gsasl auth + driver). Confidence in its operation is lacking. + +JH/10 Bug 3108: On platforms not providing strchrnul() [OpenBSD] supply a proper + prototype (as well as implementaton). Previously, a return type "int" + was assumed, resulting in type-conversion bugs when int and pointer had + different size. This resulted in crashes while processing DKIM signatures + of received messages. Identification and fix from Qualys Security. + +JH/11 Lookups built as dynamic-load modules which support a single lookup + type are now only loaded if required by the config. Previously all lookup + modules present in the modules directory were loaded; this now applies + only to those supporting multiple types. + +JH/12 Bug 3112: Fix logging of config-file position for "obsolete lookup + syntax". Previously, the end of the top-level file was reported. + +JH/13 Bug 3120: Fix parsing of DKIM pubkey DNS record. Previously a crafted + record could crash the meesage recieve process. Investigation by + Maxim Galaganov. + +JH/14 Bug 3116: Fix crash in dkim signing. On kernels supporting immutable + memory segments, a write was done into one when a constant string was + configured for a transport's dkim private key. + +JH/15 Disallow tainted metadata in lists. + - Change-of-separator prefixes are handled specially when they are + explicit text; only the remainder of the list is expanded. A change-of- + separator resulting from expansion will not take effect if tainted. + - Elements starting with a plus-sign (named-list inclusion, + case-interpretation etc) and (hostlist) @[] (et al) are not handled + specially and are still operative at this time - but warnings are logged; + if any of these are needed in a list with a tainted element (which taints + the entire list at string-expansion time) then a named-list can be used + for that element. + - Exclamation-marks ("!" signifying negation) are not checked for taint + at this time. + +JH/16 Bug 3124: Fix theoretical crash in received connection, triggerable by a + crafted packet with massive count of IP options. A buffer overflow was + detected, but a null-deref results. In practice, IP packets with options + are rare (to non-existent). Exim refuses connections having any, but this + issue was in the coding for logging preceding that refusal. If coredumps + were enabled (not common), an attack could cause filesystem space usage. + +JH/17 Bug 3126: Fix build error in the ibase lookup. Find & fix by + Andrew Aitchison. + +Exim version 4.98 +----------------- + JH/01 Support list of dkim results in the dkim_status ACL condition, making it more usable in the data ACL. @@ -116,7 +204,58 @@ JH/21 Bug 3059: Fix crash in smtp transport. When running for a message for dealt with. Thanks to Wolfgand Breyha for debug runs. JH/22 The ESMTP_LIMITS facility (RFC 9422) is promoted from experimental status - and is now controlled by the build-time option DISABLE_ESMTP_LIMITS.. + and is now controlled by the build-time option DISABLE_ESMTP_LIMITS. + +JH/23 Bug 3066: Avoid leaking lookup database credentials to log. + +JH/24 Bug 3081: Fix a delivery process crash. When the router "errors_to" + option specified a fixed address, later rewriting on that address would + trip on the configuration data being readonly. Instead of modifying + in-place, copy data. Found and fixed by Peter Benie. + +JH/25 Bug 3079: Fix crash in dbmnz. When a key was present for zero-length + data a null pointer was followed. Find and testcase by Sebastian Bugge. + +JH/26 Fix encoding for an AUTH parameter on a MAIL FROM command. Previously + decimal 127 chars were not encoded, and lowercase hex was used for + encoded values. Outstanding since at least 1999. + +JH/27 Fix crash in logging. When a message with a large number of recipients + had been received, and logging of recipients is enabled, the buffer used + for logging could reach limit. A read using a null pointer would then + be done, resulting in a crash of the receiving process before an SMTP + ACK for the message was returned to the sending system. Duplicate + messages were created as a result. + Find and debug help by Mateusz Krawczyk + +JH/28 Bug 3086: Fix exinext for ipv6. Change the format of keys in the retry + DB, wrapping transport record bare-ip "host names" and ipv6 + "host addresses" in square-brackets. This makes the parsing that + exinext does more reliable. + +JH/29 Bug 3087: Fix SRS encode. A zero-length quoted element in the local-part + would cause a crash. + +JH/30 Bug 3029: Avoid feeding Resent-From: to DMARC. + +JH/31 Bug 3027: For -bh / -bhc tests change to using the compressed form of + ipv6 addresses for the sender. Previously the uncompressed form was used, + and if used in textual form this would result in behavior difference + versus non-bh. + +JH/32 Bug 3096: MAIL before HELO/EHLO, where required by hosts_require_helo, is + now classed as a protocol error and subject to smtp_max_synprot_errors. + +JH/33 Bug 2994: A subdir dsearch lookup should permit a directory name that starts + ".." and has following characters. + +JH/34 Fix delivery ordering for 2-phase queue run combined with + queue_run_in_order. + +JH/35 Bug 3099: fix parsing of MIME filename= split over multiple paramemters. + Previously the $mime_filename variable would have an incorrect value. + While in the code, extend coverage to name= which previously was only + supported for single parameters, despite also filling in $mime_filename. Exim version 4.97 @@ -693,7 +832,7 @@ JH/44 Bug 2701: Fix list-expansion of dns_ipv4_lookup. Previously, it did mx_fail_domains. JH/45 Use a (new) separate store pool-pair for DKIM verify working data. - Previously the permanent pool was used, so the sore could not be freed. + Previously the permanent pool was used, so the store could not be freed. This meant a connection with many messages would use continually-growing memory.