X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/98820cd6053797a63f8daddd56c67ea6d8c13d46..0d82dc37b36017c11fd37936bd76cfeea9516e2d:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 9d7c45a79..4306cabc0 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -88,7 +88,7 @@ JH/18 Fix a fencepost error in logging. Previously (since 4.92) when a log line JH/19 Bug 2911: Fix a recursion in DNS lookups. Previously, if the main option dns_again_means_nonexist included an element causing a DNS lookup which - iteslf returned DNS_AGAIN, unbounded recursion occurred. Possible results + itself returned DNS_AGAIN, unbounded recursion occurred. Possible results included (though probably not limited to) a process crash from stack memory limit, or from excessive open files. Replace this with a paniclog whine (as this is likely a configuration error), and returning @@ -170,6 +170,49 @@ JH/31 Bug 2998: Fix ${utf8clean:...} to disallow UTF-16 surrogate codepoints. JH/32 Fix "tls_dhparam = none" under GnuTLS. At least with 3.7.9 this gave a null-indirection SIGSEGV for the receive process. +JH/33 Fix free for live variable $value created by a ${run ...} expansion during + -bh use. Internal checking would spot this and take a panic. + +JH/34 Bug 3013: Fix use of $recipients within arguments for ${run...}. + In 4.96 this would expand to empty. + +JH/35 Bug 3014: GnuTLS: fix expiry date for an auto-generated server + certificate. Find and fix by Andreas Metzler. + +JH/36 Add ARC info to DMARC hostory records. + +JH/37 Bug 3016: Avoid sending DSN when message was accepted under fakereject + or fakedefer. Previously the sender could discover that the message + had in fact been accepted. + +JH/38 Taint-track intermediate values from the peer in multi-stage authentation + sequences. Previously the input was not noted as being tainted; notably + this resulted in behaviour of LOGIN vs. PLAIN being inconsistent under + bad coding of authenticators. + +JH/39 Bug 3023: Fix crash induced by some combinations of zero-length strings + and ${tr...}. Found and diagnosed by Heiko Schlichting. + +JH/40 Bug 2999: Fix a possible OOB write in the external authenticator, which + could be triggered by externally-supplied input. Found by Trend Micro. + CVE-2023-42115 + +JH/41 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could + be triggered by externally-controlled input. Found by Trend Micro. + CVE-2023-42116 + +JH/42 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could + be triggered by externally-controlled input. Found by Trend Micro. + CVE-2023-42114 + +JH/43 Bug 2903: avoid exit on an attempt to rewrite a malformed address. + Make the rewrite never match and keep the logging. Trust the + admin to be using verify=header-syntax (to actually reject the message). + +JH/44 Bug 3033: Harden dnsdb lookups against crafted DNS responses. + CVE-2023-42219 + +HS/02 Fix string_is_ip_address() CVE-2023-42117 (Bug 3031) Exim version 4.96 -----------------