X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/58eb016e585187a87ade7602b2aecb2208605320..6c512171a8449f14cc284e13aabc0153d9977c43:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 4a8d41d66..cd802708e 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,8 +1,63 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.502 2007/04/13 15:13:47 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.513 2007/06/18 13:57:49 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- +Exim version 4.68 +----------------- + +PH/01 Another patch from the Sieve maintainer. + +PH/02 When an IPv6 address is converted to a string for single-key lookup + in an address list (e.g. for an item such as "net24-dbm;/net/works"), + dots are used instead of colons so that keys in lsearch files need not + contain colons. This was done some time before quoting was made available + in lsearch files. However, iplsearch files do require colons in IPv6 keys + (notated using the quote facility) so as to distinguish them from IPv4 + keys. This meant that lookups for IP addresses in host lists did not work + for iplsearch lookups. + + This has been fixed by arranging for IPv6 addresses to be expressed with + colons if the lookup type is iplsearch. This is not incompatible, because + previously such lookups could never work. + + The situation is now rather anomolous, since one *can* have colons in + ordinary lsearch keys. However, making the change in all cases is + incompatible and would probably break a number of configurations. + +TK/01 Change PRVS address formatting scheme to reflect latests BATV draft + version. + +MH/01 The "spam" ACL condition code contained a sscanf() call with a %s + conversion specification without a maximum field width, thereby enabling + a rogue spamd server to cause a buffer overflow. While nobody in their + right mind would setup Exim to query an untrusted spamd server, an + attacker that gains access to a server running spamd could potentially + exploit this vulnerability to run arbitrary code as the Exim user. + +TK/02 Bugzilla 502: Apply patch to make the SPF-Received: header use + $primary_hostname instead of what libspf2 thinks the hosts name is. + +MH/02 The dsearch lookup now uses lstat(2) instead of stat(2) to look for + a directory entry by the name of the lookup key. Previously, if a + symlink pointed to a non-existing file or a file in a directory that + Exim lacked permissions to read, a lookup for a key matching that + symlink would fail. Now it is enough that a matching directory entry + exists, symlink or not. (Bugzilla 503.) + +PH/03 The body_linecount and body_zerocount variables are now exported in the + local_scan API. + +PH/04 Added the $dnslist_matched variable. + +PH/05 Unset $tls_cipher and $tls_peerdn before making a connection as a client. + This means they are set thereafter only if the connection becomes + encrypted. + +PH/06 Added the client_condition to authenticators so that some can be skipped + by clients under certain conditions. + + Exim version 4.67 ----------------- @@ -203,14 +258,19 @@ SC/03 Eximstats - V1.58 Fix to get <> and blackhole to show in edomain tables. PH/43 Yet another patch from the Sieve maintainer. PH/44 I found a way to check for a TCP/IP connection going away before sending - the response to the final '.' that terminates a message. At this time, - there should not be any pending input - the client should be waiting for - the response. Therefore, a select() can be used: if it shows that the - input is "ready", there is either input waiting, or the socket has been - closed. Both cases are errors. (It's a bit more complicated than this - because of buffering, but that's the essence of it.) Previously, Exim + the response to the final '.' that terminates a message, but only in the + case where the client has not sent further data following the '.' + (unfortunately, this is allowed). However, in many cases there won't be + any further data because there won't be any more messages to send. A call + to select() can be used: if it shows that the input is "ready", there is + either input waiting, or the socket has been closed. An attempt to read + the next input character can distinguish the two cases. Previously, Exim would have sent an OK response which the client would never have see. - This could lead to message repetition. This fix should cure that. + This could lead to message repetition. This fix should cure that, at + least in a lot of common cases. + +PH/45 Do not advertise STARTTLS in response to HELP unless it would be + advertised in response to EHLO. Exim version 4.66