X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/c2bcbe20d113563a876c2a05d25b1a2898bac5eb..85b87bc2af652a81dbb7f12fe0a030f0abdeac4c:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index a0e85bee3..ba8b15bfb 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.55 2004/12/21 14:38:02 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.59 2004/12/29 10:55:58 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -236,14 +236,42 @@ Exim version 4.50 55. Some experimental protocols are using DNS PTR records for new purposes. The keys for these records are domain names, not reversed IP addresses. The - dnsdb lookup now tests whether it's key is an IP address. If not, it leaves - it alone. Component reversal etc. now happens only for IP addresses. + dnsdb PTR lookup now tests whether its key is an IP address. If not, it + leaves it alone. Component reversal etc. now happens only for IP addresses. 56. Improve error message when ldap_search() fails in OpenLDAP or Solaris LDAP. 57. Double the size of the debug message buffer (to 2048) so that more of very long debug lines gets shown. +58. The exicyclog utility now does better if the number of log files to keep + exceeds 99. In this case, it numbers them 001, 002 ... instead of 01, 02... + +59. Two changes related to the smtp_active_hostname option: + + (1) $smtp_active_hostname is now available as a variable. + (2) The default for smtp_banner uses $smtp_active_hostname instead + of $primary_hostname. + +60. The host_aton() function is supposed to be passed a string that is known + to be a valid IP address. However, in the case of IPv6 addresses, it was + not checking this. This is a hostage to fortune. Exim now panics and dies + if the condition is not met. A case was found where this could be provoked + from a dnsdb PTR lookup with an IPv6 address that had more than 8 + components; fortuitously, this particular loophole had already been fixed + by change 4.50/55 above. + + If there are any other similar loopholes, the new check in host_aton() + itself should stop them being exploited. The report I received stated that + data on the command line could provoke the exploit when Exim was running as + exim, but did not say which command line option was involved. All I could + find was the use of -be with a bad dnsdb PTR lookup, and in that case it is + running as the user. + +61. There was a buffer overflow vulnerability in the SPA authentication code + (which came originally from the Samba project). I have added a test to the + spa_base64_to_bits() function which I hope fixes it. + Exim version 4.43 -----------------